Configure 2 NIC FreeBSD server as a WAN switch

Discussion in 'Networking' started by ethoms, Jan 22, 2012.

  1. ethoms

    Basically I want to configure a FreeBSD (8.2) server to act like a network switch. One cable from fibre optic modem coming in on one NIC. And one cable going out from NIC 2 on the same subnet (a 16 public IP block from ISP) to a layer 2 network switch, to the other servers using the public subnet. Can this be done? I'm going to try it by setting up both NICs on same subnet, different IPs and then set
    Code:
    gateway_enable="YES"
    in rc.conf. Just doing some research before I go to the office and start disrupting the connection.

    Why not just use a switch between the modem and WAN facing NICs?

    Because the back end (ISP) doesn't like talking to layer 2 devices, couldn't send email to Yahoo, yet every other mail domain worked fine. I've tried using the router they supplied, split my public subnet into two; one on each interface, bridged them, and then put the switch behind that. Because the router is layer 3, it solved my sending to Yahoo mail problem but I only get half my internet upload speed.

    I've tried so many different configurations, each switch I use has slightly different behaviour. Basically the internet connection and/or the modem seem very fussy about the hardware it talks to. One thing's for sure, if I connect a server directly to the modem, I get full speed, in fact I get double the upload speed I should be getting on my contract. So, I thought I'd let FreeBSD do my networking, I'm confident it can get more out of my connection than these damn off-the-shelf routers/switches.

    The cable modem is 100Mb/s full duplex. I need a good networking stack (FreeBSD) to buffer this as I'm convinced it's the speed and duplex on different links that's causing the problems.

    How can I do this, one cable from modem to FreeBSD server, service running on this FreeBSD server, then share through a second NIC and switch to another server (Solaris) also running internet services.

    All the guides / documentation I can find regarding gateways / routers are related to 2 subnets. But I want to do only with one public subnet.
     
  2. phoenix

    Can you draw a diagram of the network topology? Not exactly sure what you are trying to do, but it sounds like bridging is what you need.
     
  3. ethoms

    I thought of bridging first of all, but it didn't work. I managed to create a bridge0 and set it a valid IP + subnet. From what I remember, it would ping out if the internet facing NIC was plugged but as soon as the other NIC was plugged it couldn't route to anything. Perhaps I needed the gateway_enable="YES" option set. Will try again when I go to office.

    Network diagram:

    Code:
    ISP gateway (200.200.200.113)
               |
               |
    Fibre Optic Modem (100baseTX full-duplex)  
               |
               |
             [NIC1]
    FreeBSD Gateway/Server (200.200.200.119{host},200.200.200.120{jail},200.200.200.121{jail})
             [NIC2]
               |
               |
         <<<<<< >>>>>>>>>>>>>>>>>>>>>
         |                          |
         |                          |
    Solaris Global Zone{host}     Solaris Zone 1
    (200.200.200.116)            (200.200.200.118)
    
     
  4. ecazamir

    The proper syntax is:
    Code:
    gateway_enable="YES"

    without the ending 'd'.

    An alternate method to permanently enable packet forwarding is to set in /etc/sysctl.conf
    Code:
    net.inet.ip.forwarding=1

    Or temporarily, by executing
    Code:
    sysctl net.inet.ip.forwarding=1
     
  5. ethoms

    @ecazamir: Thanks, don't know where that d came from, I've edited it out.
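
Added example (not part of any post in this thread): a small rc.conf check for the single-subnet bridge layout suggested above, where the host address sits on bridge0 rather than on the member NICs and no IP forwarding is involved. The interface names em0/em1, the /28 netmask (assumed from the 16-address block) and both rc.conf fragments are constructed for illustration; the addresses are taken from the diagram.

```sh
#!/bin/sh
# Added example, not from the thread. em0/em1 and the /28 netmask are
# assumptions; both rc.conf fragments below are constructed samples.

# Layer-2 bridge: members are only brought up, host address on bridge0.
GOOD_RC='cloned_interfaces="bridge0"
ifconfig_em0="up"
ifconfig_em1="up"
ifconfig_bridge0="inet 200.200.200.119 netmask 255.255.255.240 addm em0 addm em1 up"
defaultrouter="200.200.200.113"'

# Layout first tried in the thread: both NICs addressed in the same
# subnet with forwarding enabled and no bridge.
BAD_RC='ifconfig_em0="inet 200.200.200.119 netmask 255.255.255.240"
ifconfig_em1="inet 200.200.200.120 netmask 255.255.255.240"
gateway_enable="YES"
defaultrouter="200.200.200.113"'

# rc_value TEXT KEY -> prints the value of KEY="..." (empty if unset)
rc_value() {
    printf '%s\n' "$1" | sed -n "s/^$2=\"\\(.*\\)\"\$/\\1/p" | tail -n 1
}

# check_bridge_rc TEXT NIC1 NIC2 -> prints findings, returns 0 if none
check_bridge_rc() {
    rc=$1; problems=0
    bridge=$(rc_value "$rc" ifconfig_bridge0)
    case " $(rc_value "$rc" cloned_interfaces) " in
        *" bridge0 "*) ;;
        *) echo "bridge0 not in cloned_interfaces"; problems=$((problems + 1)) ;;
    esac
    for nic in "$2" "$3"; do
        case " $bridge " in
            *" addm $nic "*) ;;
            *) echo "$nic is not a bridge member"; problems=$((problems + 1)) ;;
        esac
        case " $(rc_value "$rc" "ifconfig_$nic") " in
            *" inet "*) echo "$nic has its own inet address"; problems=$((problems + 1)) ;;
        esac
    done
    # Forwarding is a layer-3 function; a bridge does not need it.
    [ "$(rc_value "$rc" gateway_enable)" = "YES" ] &&
        echo "note: gateway_enable=YES is not required for bridging"
    [ "$problems" -eq 0 ]
}
```

Calling `check_bridge_rc "$BAD_RC" em0 em1` lists each finding on its own line and returns non-zero; the same call on `GOOD_RC` prints nothing and returns 0.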