Need to setup Linux server run 2 nics for different access
I am putting a second nic in my server. I want to have eth0 running - just like a single nic runs now. I want this for remote SSH access.
The second nic eth1, I want to use openvpn for Private Internet Access and have a few other apps running on that nic.
I know that "ANYTHING" is possible with linux
I already have openvpn running and privateinternetaccess works. I just want to split traffic between the 2 nics with the 2 different external IP addresses. Right now I manually start and stop the privateinternetaccess via openvpn. It would be nice to just keep them both up but separate.
Oh and just one router.
I'm not afraid of a little code - it will force me to learn whatever (perl, python, java)
No code required, just configuration.
Each service has a setting for what port and IP to listen on. Generally, the IP is left undefined or set to 0.0.0.0 (IPv4; IPv6 has an equivalent, but I will restrict to IPv4 for this answer). This means listen on every possible address on the host.
Simply set the IP to the address of the NIC that you want to allow the traffic on. Henceforth the service will listen only on that address and NOT on the other.
Hmmm... Doing reading and getting more confused than helped. The closest thing I found was "Configuring multiple default routes". I was hoping that a simpler solution was available.
I have openvpn running just fine on eth0. I want openvpn on eth1 - and be able to ssh in on eth0. When privateinternetaccess is running with openvpn I can't ssh in - that has a whole other set of issues. I figured a second nic and split out the work would get me the best of both - openvpn and some other apps on eth1 everything else eth0
(OBTW - eth0 is an Intel nic on the motherboard and eth1 is a low price TP-Link TG-3468)
Every time I try to start eth1 with a gateway - I get errors (enabling the dhcp line, stopping and starting seems to clear the errors)
virbr0 Link encap:Ethernet HWaddr c6:c6:1c:2a:59:07
inet addr:192.168.122.1 Bcast:192.168.122.255 Mask:255.255.255.0
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
cat interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
##### temp changed from auto eth0 to auto br0
auto br0
iface eth0 inet manual
Ubuntu 14.04.3 LTS
_____________________________
current networking - everything runs/works - I have openvpn running PrivateInternetAccess so I can no longer "see" this box from outside my router - obviously
My first thought was to get openvpn running on the second nic - I scratched that idea since - if it ain't broke don't fix it - keep everything running as is
I will just enable the second nic (192.168.1.53) - and switch my NAT settings from 192.168.1.89 to 192.168.1.53 - and just SSH in that way
changing NAT for Plex as well lets me continue to run openvpn/PIA and still get to my Plex server from outside.
_____________________________
both nics are connected to the same router/gateway
the 192.168.1.89 is dhcp reserved (no need to change?)
the 192.168.1.53 is static -
Policy routing seems the cleanest answer - without re-doing everything I have running now.
the examples I have seen ALL run on 2 different subnets - reading about multiple default routes
I just want all traffic in on eth0 to go out on eth0 - my setup does that now - eth0 is default
I just want to add a policy that takes all traffic in on eth1 (my SSH and Plex) to go back out on eth1 - it's going back out on eth0 by default
I am running KVM (virtual machines) so the br0, virbr0 are setup and working
tun0 is from the openvpn/PIA setup and is also working
eth1 runs when I turn it on - but replies on eth0
I didn't want to get into different subnets for 1 nic if I didn't have to
_____________________________
ifconfig
br0 Link encap:Ethernet HWaddr 00:25:11:a5:c7:63
inet addr:192.168.1.89 Bcast:192.168.1.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
...
eth0 Link encap:Ethernet HWaddr 00:25:11:a5:c7:63
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
...
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:65536 Metric:1
...
tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:10.166.1.6 P-t-P:10.166.1.5 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
...
virbr0 Link encap:Ethernet HWaddr 12:14:fe:35:f0:d0
inet addr:192.168.122.1 Bcast:192.168.122.255 Mask:255.255.255.0
UP BROADCAST MULTICAST MTU:1500 Metric:1
...
____________________________________________________________________
like I said. I have openvpn for PIA running on one nic - eth0 - along with everything else.
I can't SSH into the machine from outside my network on eth0 when openvpn/PIA is running.
I can't access Plex from outside my network if openvpn/PIA is running.
I want to SSH in and have responses going back out on eth1, and use eth1 to access Plex from outside my network.
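
Added example, not part of the thread: a source-based policy-routing plan for the setup described above, where both NICs sit on 192.168.1.0/24 and replies from eth1's address (192.168.1.53) must leave via eth1. The gateway 192.168.1.1, table number 100 and rule priority 1000 are assumptions, and the script only prints the commands.

```shell
#!/bin/sh
# Added example (not from the thread): make replies sourced from eth1's
# address leave via eth1, independent of the default route in the main table.
IFACE=${IFACE:-eth1}
SRC_IP=${SRC_IP:-192.168.1.53}     # eth1 address given in the thread
SUBNET=${SUBNET:-192.168.1.0/24}   # from the 255.255.255.0 mask in the thread
GATEWAY=${GATEWAY:-192.168.1.1}    # ASSUMED router address
TABLE=${TABLE:-100}                # ASSUMED free routing table number

# Accept only dotted-quad IPv4 so nothing else ends up in a root command line.
valid_ipv4() {
    case $1 in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Args: iface src_ip subnet gateway table. Prints one command per line.
# - the table holds a connected route plus its own default via the router
# - the rule is deleted before it is added, so re-running leaves no duplicates
# - arp_ignore/arp_announce keep each NIC answering ARP only for its own
#   address, which matters because both NICs share one subnet
# - rp_filter=2 (loose) avoids strict reverse-path drops on a multihomed host
policy_route_cmds() {
    cat <<EOF
ip route replace $3 dev $1 src $2 table $5
ip route replace default via $4 dev $1 table $5
ip rule del from $2/32 lookup $5 2>/dev/null || true
ip rule add from $2/32 lookup $5 priority 1000
sysctl -w net.ipv4.conf.all.arp_ignore=1
sysctl -w net.ipv4.conf.all.arp_announce=2
sysctl -w net.ipv4.conf.$1.rp_filter=2
EOF
}

for addr in "$SRC_IP" "$GATEWAY"; do
    valid_ipv4 "$addr" || { echo "bad IPv4 address: $addr" >&2; exit 1; }
done
policy_route_cmds "$IFACE" "$SRC_IP" "$SUBNET" "$GATEWAY" "$TABLE"
```

Review the printed commands, then pipe them into a root shell to apply them. They change only the running configuration and do not persist across a reboot.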