Hi:

I'm a newbie at networking but have had some experience with Linux for a while.

I have Kubuntu 7.04 running and I would like to use one NIC for all addresses with fall outside the network 192.168.0.1 to 192.168.0.255 (basically internet traffic) and one NIC for internal network traffic. In other words, I have some instances where I need to show an external IP address and some instances when I want to show an internal address or the address of the router.

Is this doable?

Can anyone point me in the right direction?

Thanks.

If you would also email me at joe@bram.net since I don't frequent this forum.

Thanks again,

Joe Saladino

I am also trying to do this, but I believe you will have to take a look at the route command and bridging

It is definitely doable. If you simply want to assign each NIC its own IP address and have each on a serparate subnet, you can probably do this with a GUI that is provided (which I know nothing about). If you want instead try editing /etc/network/interfaces and need some help, let me know.

You probably won't get a lot of sympathy for people emailing you about responses on this forum. By default, you get email alerts when posts appear in this or other threads you've posted to. You can change the emailing policy if you don't like the default.

@Micro420,

While bridging is a possibility, that involves both NICs having the same IP address (as I understand it -- I have never done it). I don't believe that is what the OP wants to do.

Sound possible, you can assign static ip addresses to a network card, then use iptables to route local traffic down one card, and then anything not local goes out the other. That may be possible.

hi,

surely it doable.
but not sure with kubuntu (i used centos).

scenario 1 : using ifconfig (using the same subnet)
scenario 2 : using vconfig (if you want to create IP in totally different subnet/VLAN).

HTH.

I'll respond to all the above :-)

I use shorewall as a firewall so can I also use iptables?

Sure would be nice if someone had done this. I just don't understand bridges.

Anyway, thanks for the point in the right direction. I'll see what I can do on my own. If you have any other ideas, I'll listen.

BTW, I didn't realize that I got notice of postings so don't bother to email me as well. Sorry for asking :-/

Thanks

Joe

Shorewall is just a front end for setting up netfilter. So other than splitting semantic hairs, you can think of shorewall as being a front end for iptables. From the shorewall home page:

I have no experience with bridges. But if I understand correctly (see post #3), I have done things analogous to what you need where I had more than one interface (either two NICs or one NIC plus PPP) and used the computer as a gateway to another network. I don't have experience with any GUI your system might have provided (although the GUI might well handle this), but if you think this is what you want, I can try to help you with modifying configuration files and init scripts. If this computer already has Internet access, we can start from there, and (if Kubuntu is structured like Ubuntu) modify /etc/network/interfaces, enable ip-forwarding in your kernel, and decide how to get get the machines on your internal network configured (DHCP versus manual), including providing them addresses of DNS servers. Let me know what you want.

EDIT: BTW, it is my understanding from reading that if you do create a bridge (rather than what I was talking about), that iptables doesn't even enter into the situation. This is because your computer sees the entire bridge as the interface and netfilter would know nothing of the bridge's individual components.

EDIT2: When listing the changes, I forgot to mention that you would probably need to use iptables (or possibly shorewall) to MASQUERADE (a Linux specific term referring to a form of SNAT) or SNAT the outgoing connection. I believe the default routing table entry gets defined in /etc/network/interfaces and gets set automatically when the corresponding interface is brought up.

EDIT3: For info about /etc/network/interfaces, type man interfaces.

I have just done some reading on the ebtables website. Not nearly enough studying to really understand it, but enough to make me question my previous statement, quoted above. It now appears to me that the OP might be able to handle the situation with a bridge, but if I understand the situation correctly, I think that using a bridge would be overkill.

I'll be happy to help out with a non-bridge solution if desired, but I don't see myself initiating any further comment on this thread.

This may be a bit over my head at this time but I will keep reading and maybe get back if I find a step by step solution.

Thanks so much for your help. I may get back to you later on.

Joe