FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Debian > Debian User

 
 
LinkBack Thread Tools
 
Old 02-02-2008, 01:37 AM
Raquel
 
Default 2 Network Cards

On Fri, 1 Feb 2008 20:44:11 -0500
"Douglas A. Tutty" <dtutty@porchlight.ca> wrote:

> On Fri, Feb 01, 2008 at 04:37:03PM -0800, Raquel wrote:
> > On Fri, 1 Feb 2008 16:09:00 -0800
> > Raquel <raquel@thericehouse.net> wrote:
> >
> > > I have 2 network cards in this machine. Currently only one of
> > > those cards is setup but now I have need to setup another. The
> > > current /etc/network/interfaces looks like:
> > > # The primary network interface
> > > allow-hotplug eth0
> > > iface eth0 inet static
> > > address 99.999.999.137
> > > netmask 255.255.255.248
> > > network 99.999.999.136
> > > broadcast 99.999.999.999
> > > gateway 99.999.999.999
> > > dns-nameservers 99.999.999.999 99.999.999.999
> > > dns-search domain.com
> > >
> >
> > Let me make a few changes. In order to get eth1 to also work,
> > can I add to /etc/network/interfaces:
> >
> > # The secondary network interface
> > allow-hotplug eth1
> > iface eth1 inet static
> > address 99.999.999.138
> > netmask 255.255.255.248
> > network 99.999.999.136
> > broadcast 99.999.999.999
> > gateway 99.999.999.999
> > dns-nameservers 99.999.999.999 99.999.999.999
> > dns-search domain.com
> >
> > Is there anything else I need to watch out for? I know that the
> > firewall needs to be changed.
> >
>
> Looks fine to me, as long as all the "9"s are place-holders for real
> numbers. It doesn't make sense to have two NICs in one box on the
> same network.
>
> Doug.
>

Thanks, Doug. Yes. The "9"s are place-holders. I've not been using
the second nic because it wasn't needed. However, now I want to host
2 different SSL hosts using named virtual hosts. So, I need a second
IP and I'm dipping into my range of IP numbers.

--
Raquel
================================================== ==========
The arc of the moral universe is long, but it bends towards justice.

--Martin Luther King, Jr.


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 02-02-2008, 01:54 AM
"Douglas A. Tutty"
 
Default 2 Network Cards

On Fri, Feb 01, 2008 at 06:37:04PM -0800, Raquel wrote:

> Thanks, Doug. Yes. The "9"s are place-holders. I've not been using
> the second nic because it wasn't needed. However, now I want to host
> 2 different SSL hosts using named virtual hosts. So, I need a second
> IP and I'm dipping into my range of IP numbers.

If they truely are on the same physical pice of wire, why not use
virtual/aliases. Eg, instead of eth0 and eth1, you would have eth0 and
eth0:1 or something (never done it, check the man pages).

Doug.


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 02-02-2008, 02:28 AM
Raquel
 
Default 2 Network Cards

On Fri, 1 Feb 2008 21:54:37 -0500
"Douglas A. Tutty" <dtutty@porchlight.ca> wrote:

> On Fri, Feb 01, 2008 at 06:37:04PM -0800, Raquel wrote:
>
> > Thanks, Doug. Yes. The "9"s are place-holders. I've not been
> > using the second nic because it wasn't needed. However, now I
> > want to host 2 different SSL hosts using named virtual hosts.
> > So, I need a second IP and I'm dipping into my range of IP
> > numbers.
>
> If they truely are on the same physical pice of wire, why not use
> virtual/aliases. Eg, instead of eth0 and eth1, you would have eth0
> and eth0:1 or something (never done it, check the man pages).
>
> Doug.
>

Don't I end up doing the same thing? I thought of aliasing eth0, but
why? I have a nic not being used in the machine and running another
wire from my switch to it will give me what I need. If I alias eth0
to eth0:1 I'd still need to assign eth0:1 another IP number. Right?

--
Raquel
================================================== ==========
The arc of the moral universe is long, but it bends towards justice.

--Martin Luther King, Jr.


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 02-02-2008, 02:45 AM
"Douglas A. Tutty"
 
Default 2 Network Cards

On Fri, Feb 01, 2008 at 07:28:47PM -0800, Raquel wrote:
> On Fri, 1 Feb 2008 21:54:37 -0500
> "Douglas A. Tutty" <dtutty@porchlight.ca> wrote:
>
> > On Fri, Feb 01, 2008 at 06:37:04PM -0800, Raquel wrote:
> >
> > > Thanks, Doug. Yes. The "9"s are place-holders. I've not been
> > > using the second nic because it wasn't needed. However, now I
> > > want to host 2 different SSL hosts using named virtual hosts.
> > > So, I need a second IP and I'm dipping into my range of IP
> > > numbers.
> >
> > If they truely are on the same physical pice of wire, why not use
> > virtual/aliases. Eg, instead of eth0 and eth1, you would have eth0
> > and eth0:1 or something (never done it, check the man pages).
>
> Don't I end up doing the same thing? I thought of aliasing eth0, but
> why? I have a nic not being used in the machine and running another
> wire from my switch to it will give me what I need. If I alias eth0
> to eth0:1 I'd still need to assign eth0:1 another IP number. Right?

Sure. It would make sense if the hardware could keep up with two NICs
going full-out, so it depends on the network speed (10/100/1000), the
speed and quality of the NICs, and the power of the computer. Either
way, every packet has to go through the kernel and the firewall code. I
don't know which is faster. It takes a monster of a box to keep a GB
ethernet saturated, yet alone 2.

Look at it this way:

Lets say we're dealing with a 100 MB/s ethernet. Lets say that all the
boxes on the network are all capable of saturating their 100 MB/s
ethernet. If all the NICs all try to talk at once, as long as they are
talking in pairs, then the switch should handle it. In this case,
having two NICs in your box makes sense because, being two virtual
boxes, it is conceivable that two different client boxes will want to
talk to the server box at full speed, as long as the server box can keep
2 100 MB/s NICs well fed while doing the serving. Also, as long as the
switch back-plane has the throughput.

Remember, a second NIC will mean twice the hardware to be interrupting
the CPU.

I would rather spend the money on one good NIC than two cheaper ones.

Doug.


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 02-02-2008, 03:59 AM
Raquel
 
Default 2 Network Cards

On Fri, 1 Feb 2008 22:45:30 -0500
"Douglas A. Tutty" <dtutty@porchlight.ca> wrote:

> Sure. It would make sense if the hardware could keep up with two
> NICs going full-out, so it depends on the network speed
> (10/100/1000), the speed and quality of the NICs, and the power of
> the computer. Either way, every packet has to go through the
> kernel and the firewall code. I don't know which is faster. It
> takes a monster of a box to keep a GB ethernet saturated, yet alone
> 2.
>
> Look at it this way:
>
> Lets say we're dealing with a 100 MB/s ethernet. Lets say that all
> the boxes on the network are all capable of saturating their 100
> MB/s ethernet. If all the NICs all try to talk at once, as long as
> they are talking in pairs, then the switch should handle it. In
> this case, having two NICs in your box makes sense because, being
> two virtual boxes, it is conceivable that two different client
> boxes will want to talk to the server box at full speed, as long as
> the server box can keep 2 100 MB/s NICs well fed while doing the
> serving. Also, as long as the switch back-plane has the
> throughput.
>
> Remember, a second NIC will mean twice the hardware to be
> interrupting the CPU.
>
> I would rather spend the money on one good NIC than two cheaper
> ones.
>
> Doug.

I think that I understand what you're saying. However, what's the
difference? If the machine is capable of handling 15 VirtualHosts
with 1 nic and 1 IP number, why can it not handle 15 VirtualHosts with
2 nics and 2 IP numbers? What am I not understanding?

Scenario #1:
domainA and domainB are being hosted on 1 machine with 1 nic. Out of
need, different IP numbers are needed, so eth0 is being aliased,
creating eth0:1.

Scenario #2
domainA and domainB are being hosted on 1 machine with 2 nic. Out of
need, different IP numbers are needed, so nic#0 is eth0 and nic#1 is
eth1.

The only difference I can see is that, in essence, Scenario #1 is
possibly "throttling" what reaches the CPU by virtue of what can get
through the nic.

--
Raquel
================================================== ==========
The arc of the moral universe is long, but it bends towards justice.

--Martin Luther King, Jr.


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 02-02-2008, 05:21 AM
Alex Samad
 
Default 2 Network Cards

On Fri, Feb 01, 2008 at 08:59:38PM -0800, Raquel wrote:
> On Fri, 1 Feb 2008 22:45:30 -0500
> "Douglas A. Tutty" <dtutty@porchlight.ca> wrote:
>
> > Sure. It would make sense if the hardware could keep up with two
> > NICs going full-out, so it depends on the network speed
> > (10/100/1000), the speed and quality of the NICs, and the power of
> > the computer. Either way, every packet has to go through the
> > kernel and the firewall code. I don't know which is faster. It
> > takes a monster of a box to keep a GB ethernet saturated, yet alone
> > 2.
> >
> > Look at it this way:
> >
> > Lets say we're dealing with a 100 MB/s ethernet. Lets say that all
> > the boxes on the network are all capable of saturating their 100
> > MB/s ethernet. If all the NICs all try to talk at once, as long as
> > they are talking in pairs, then the switch should handle it. In
> > this case, having two NICs in your box makes sense because, being
> > two virtual boxes, it is conceivable that two different client
> > boxes will want to talk to the server box at full speed, as long as
> > the server box can keep 2 100 MB/s NICs well fed while doing the
> > serving. Also, as long as the switch back-plane has the
> > throughput.
> >
> > Remember, a second NIC will mean twice the hardware to be
> > interrupting the CPU.
> >
> > I would rather spend the money on one good NIC than two cheaper
> > ones.
> >
> > Doug.
>
> I think that I understand what you're saying. However, what's the
> difference? If the machine is capable of handling 15 VirtualHosts
> with 1 nic and 1 IP number, why can it not handle 15 VirtualHosts with
> 2 nics and 2 IP numbers? What am I not understanding?

broadcasts will cause an interrupt on both interfaces. Something to remember
eth0 will answer arp requests for the ip address on eth1 (there are sysctl's to
stop this)

you will need to check to make sure you packets are leaving via eth1 (if eth0
came up first). been a while since I have done this but your routing table is
going to look something like


a.b.c.137 dev eth0 link mtu 1500 advmss 1460
a.b.c.138 dev eth1 link mtu 1500 advmss 1460
a.b.c.0/24 dev eth0 proto kernel scope link src a.b.c.137 mtu 1500 advmss 1460
(<- this depends which one come up first [i believe])

some when it comes time to route an outbound packet it will go via eth0

plus you will probably have something like this

default via a.b.c.1 dev eth0 mtu 1500 advmss 1460 (so all non local ip packet
will go via eth0)

and depending on arp replies, if eth0 replies on behalf of eth1, all packets
destined for the ip address on eth1 will come in via eth0 (again this can be
changed with a sysctl)


a




>
> Scenario #1:
> domainA and domainB are being hosted on 1 machine with 1 nic. Out of
> need, different IP numbers are needed, so eth0 is being aliased,
> creating eth0:1.
>
> Scenario #2
> domainA and domainB are being hosted on 1 machine with 2 nic. Out of
> need, different IP numbers are needed, so nic#0 is eth0 and nic#1 is
> eth1.
>
> The only difference I can see is that, in essence, Scenario #1 is
> possibly "throttling" what reaches the CPU by virtue of what can get
> through the nic.
>
> --
> Raquel
> ================================================== ==========
> The arc of the moral universe is long, but it bends towards justice.
>
> --Martin Luther King, Jr.
>
>
> --
> To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
>
>

--
"If we don't stop extending our troops all around the world in nation-building missions, then we're going to have a serious problem coming down the road."

- George W. Bush
10/03/2000
Boston, MA
First Presidential Debate with Al Gore
 
Old 02-02-2008, 05:44 AM
Ken Irving
 
Default 2 Network Cards

On Fri, Feb 01, 2008 at 04:35:18PM -0900, Ken Irving wrote:
> On Fri, Feb 01, 2008 at 04:37:03PM -0800, Raquel wrote:
> > On Fri, 1 Feb 2008 16:09:00 -0800 Raquel wrote:
> >
> > > I have 2 network cards in this machine. Currently only one of those
> > > cards is setup but now I have need to setup another. The
> > > current /etc/network/interfaces looks like:
> > > # The primary network interface
> > > allow-hotplug eth0
> > > iface eth0 inet static
> > > address 99.999.999.137
> > > netmask 255.255.255.248
> > > network 99.999.999.136
> > > broadcast 99.999.999.999
> > > gateway 99.999.999.999
> > > dns-nameservers 99.999.999.999 99.999.999.999
> > > dns-search domain.com
> >
> > Let me make a few changes. In order to get eth1 to also work, can I
> > add to /etc/network/interfaces:
> >
> > # The secondary network interface
> > allow-hotplug eth1
> > iface eth1 inet static
> > address 99.999.999.138
> > netmask 255.255.255.248
> > network 99.999.999.136
> > broadcast 99.999.999.999
> > gateway 99.999.999.999
> > dns-nameservers 99.999.999.999 99.999.999.999
> > dns-search domain.com
> >
> > Is there anything else I need to watch out for? I know that the
> > firewall needs to be changed.
>
> I don't think it's quite as simple as providing two separate IPs on a
> single subnet, but what are you trying to do? All you say is that you
> need to "setup" the second card, but why? I have plenty of systems
> with 2 cards, but I've only done it to host a local net on one card,
> with an upstream net connection on the other. While you haven't said
> much about the "firewall", I'd suggest looking at shorewall and its docs,
> only because that's where I've read about doing this sort of thing.

I haven't seen any response to this, but had the impression from the
use of 137 and 138 in the addresses above that both would be on the
same subnet. The obfuscated "network" entries look to me to be host
address, so I don't know what you're dealing with. I googled a bit and
found some informative links, and suggest you do the same.

I dimly recall that there's something in how the kernel works with
interfaces and ip address that's perhaps not intuitive, and easy to
get wrong.

--
Ken Irving, fnkci+debianuser@uaf.edu


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 02-02-2008, 09:27 PM
Ken Irving
 
Default 2 Network Cards

On Fri, Feb 01, 2008 at 09:44:47PM -0900, Ken Irving wrote:
> > On Fri, Feb 01, 2008 at 04:37:03PM -0800, Raquel wrote:
> > > On Fri, 1 Feb 2008 16:09:00 -0800 Raquel wrote:
> > >
> > > > I have 2 network cards in this machine. Currently only one of those
> > > > cards is setup but now I have need to setup another. The
> > > > current /etc/network/interfaces looks like:
> > > > ...
> > > Is there anything else I need to watch out for? I know that the
> > > firewall needs to be changed.
> ...
> I dimly recall that there's something in how the kernel works with
> interfaces and ip address that's perhaps not intuitive, and easy to
> get wrong.

ARP (Address Resolution Protocol) flux looks like something you might
want to look into.

--
Ken Irving, fnkci+debianuser@uaf.edu


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 02-04-2008, 01:08 PM
Brian McKee
 
Default 2 Network Cards

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


On 1-Feb-08, at 11:59 PM, Raquel wrote:


I think that I understand what you're saying. However, what's the
difference? If the machine is capable of handling 15 VirtualHosts
with 1 nic and 1 IP number, why can it not handle 15 VirtualHosts with
2 nics and 2 IP numbers? What am I not understanding?


Two nics = 2 pieces of hardware that can fail, both consuming hydro.

On the other hand, tripping over one wire only gets one website.

Ya win some, ya lose some.... :-)

Brian
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (Darwin)
Comment: Verify this email or encrypt your email for free - see gnupg.org

iD8DBQFHpxxeGnOmb9xIQHQRAl6zAKCVR7vNyRhp/UVL9vz+9JJX7SSZcwCfcMTJ
IB2pc1DzYPUXm1kmHNmqDAo=
=CS8b
-----END PGP SIGNATURE-----


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 

Thread Tools




All times are GMT. The time now is 08:18 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org