Multiple NIC on Ubuntu Box - Isolating traffic to specific interfaces

whitehawk · 10-15-2009, 04:53 PM

Hello Community,
I have two custom built ubuntu boxes running 9.04 Server edition on them. Both these boxes have two gigabit NIC cards. They are connected to a 24 port layer 2 switch which is connected to my wireless router.

Router (192.168.0.1)
|
24 port Gigabit switch
| |
| |-- Ubuntu 9.04 Server (192.168.0.23) 100 Mbps NIC
| |-- Ubuntu 9.04 Server (192.168.0.32) 1 Gbps NIC
|
|-- Ubuntu 9.04 Server (192.168.0.24) 100 Mbps NIC
|-- Ubuntu 9.04 Server (192.168.0.42) 1 Gbps NIC

The network card configuration files have the default gw set to 192.168.0.1 for both the NICs in the two machines.
My objective is to have certain services listen to specific address only while the general traffic (SSH, apt-get etc) use the other interface. The problem I am facing is that I am able to get into the box from outside. My SSH, DNS, MySQL and Tomcat servers are visible from other machines on my network but I am not able to see the internet from within these boxes. For instance, I can SSH into 192.168.0.23 or 192.168.0.32 but I cannot ping google.com from within these boxes.
However, If I do route add default gw 192.168.0.1 the problem goes away but then I am not able to divert the internal traffic to a specific card.
The idea here is to use the gigabit cards for my services (SMB/ DB) and the 100Mbps cards for running update check or browing the internet etc.
What should I change in my iptables to get what I want?

rizhun · 10-16-2009, 10:03 AM

Hi whitehawk,

You shouldn't need to get iptables involved.
This should be possible with proper routing.

Please post the output from a 'netstat -rn' and 'ifconfig -a'.

Are you using network config files for individual cards?
If so, please post the content of these files.

Thanks.