Linux - SoftwareThis forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I have an apache webserver setup that uses nfs to save alot of files to a separate fileserver machine.
I wish to have eth1 used only for nfs traffic while eth0 handles everything else.
I also want to avoid using iptables and routing packages, is their a config file somewhere that i can tell something like:
10.10.0.125 inet_interface=eth1
Does this web server offer services to the internet. If so, you want to have one interface for internet traffic and one for LAN traffic. Being on separate subnets, you could simply use IP forwarding. You would also want to firewall off all services you don't want offered to the internet.
its only serving LAN purposes. Development webserver with file backend.
For simplicity sake its a stripped debian distro with no security at all.
Lets say this is my network map:
DHCP
|
Switch----Webserv----Fileserv
|
LAN
I remote X and ssh into that lan through a LAN machine which has security so at idle theirs no outside traffic.
Im trying to find out the easiest way that requires the least amount of packages. If theirs a simple .conf file or change to bind eth1 to specific ip traffic would be best.
If not please suggest an application and example config. thanks
Do I take it that you have both nics plugged into the same switch?
... looking at that map, though, it looks like eth1 is connected to Fileserv while eth0 is connected to the switch. At which point, I have trouble seeing the problem. (Especially if there is no through-traffic between the two sides.)
Last edited by Simon Bridge; 09-08-2007 at 02:21 AM.
the LAN is constantly communicating with the Webserver and modifying SQL tables, At the same time the Webserv is creating files and logs and writing them to the Fileserv.
I want the Fileserv to be completely cut off from the LAN and the two servers are connected with a crossover cable and static ip's but the mountd command polls eth0 before searching eth1 and I want it to automaticly search eth1 explicity when any command asks for something from subnet 10.10.0.xxx
Eventually their will be a switch between the webserv and fileserv and their will be many more application servers but I dont want alot of network sputter across wrong interfaces.
Last edited by blu_alchemist; 09-08-2007 at 02:31 AM.
Just configure fileserve for a different network address or subnet. When the webserver needs to access it the routing table will select the second interface. Don't enable ip_forward. Setting up the second interface should produce a route to it for you. You can check with "/sbin/route".
If the web server isn't offering an NFS service, close of that port on the firewall for the NFS service. You're setup is how many servers are setup. A cross over cable connects to a computer that is used solely for logs to that computer.
I found why linux was having difficulty connecting, I was using an old tulip 10/100 nic thats acting pretty flaky. Set up with a static ip they both appeared to connect fine but when the nfs request was made sometimes the eth1 would time out and it would poll eth0 for the nfs address then bounce back to eth1 and connect correctly.
I was getting alot of traffic on the filewall/lan switch from my nfs request so I thought it was a routing error. Guess cheap ass hardware is the source of all evil.
I just bought a bag of 25 3Com Fast EtherLink XL 3C905B-TX for $20 so that has solved many of my lans errors.
Thanks jschiwal, /sbin/route is equiv to the windooz arp command, is that table auto generated on boot or will manual entries persist?
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.