How to bind services to interfaces

S

StefanAO

Dear all,

I currently run a NAS4Free (based on FreeBSD 9.2). I have it set up in the following way: the network interface establishes an OpenVPN connection and runs a service through it (in my case Transmission). This works fine at the moment, however, I would like to set up a lighttpd not running through the VPN (I run an Owncloud over this web server, but obviously cannot reach it behind the VPN). I plan to install a second NIC, however I am stuck at how to bind a certain service to a certain interface. It would be most convenient for me not to use a jail.

Any help on this is greatly appreciated! Thanks!

P.s. I am fairly new to the topic, so please bear with me if this post lacks any necessary information.
 
You usually don't bind services to an interface but to an IP address. How to do that depends on the service and will be mentioned in the documentation.
 
Thank you for the fast reply - that explains why I could not find anything on this. Will install the second NIC and try binding lighttpd to that second IP.
 
StefanAO said:
Will install the second nic and try binding lighttpd to that second ip.
Click to expand...
Don't put both interfaces in the same subnet. That's going to cause problems. You could clone lo0 to get lo1, assign a different network to it and limit access through PF or IPFW. Then bind your (local) services to the address assigned to lo1.

Easily done on FreeBSD but I have no idea how to do that on NAS4Free.
 
Alright, that answer was quite a bit too advanced for me, sorry. Both interfaces will connect to the same router/modem. From your first answer, I thought installing a second network card, assigning a separate ip to that card and binding the service to that ip would do the trick...
 
What are you trying to accomplish the the second network card? You are not going to get any performance increase from having two NICs in the same LAN net if that's what you're thinking. The usual reason to add a second network card is to make use a secondary WAN connection and use it for redundancy and load balancing.
 
My intentions is not to add a second network card for performance, they will go through the same router anyway. However, as one network card establishes a VPN connection, I cannot reach that network card from outside that vpn. That's why I want to add the second card and run lighttpd over that ip so that I can reach it from outside. Or is there a way to do this over one and the same network interface? Two ip adresses on one card, one from the vpn and a public one from my network provider? Can I bind one service to the ip given by the vpn (so that it runs through the tun device) and the other service to my local ip (192.168...), such that I can reach it over my public ip assigned to my modem via my isp?
 
Your VPN is a VPN client for accessing a VPN server somewhere outside right? What type of VPN is it, OpenVPN? If it is OpenVPN I can think of quite a few reasons why it cuts access, first one that comes to my mind is that the VPN changes the default route on the system to the VPN tunnel when it is active. Post as much as details as you can about this VPN service and we might be able to assist more.
 
Yes, I'm also thinking this can be solved just by changing some of the routing. Adding a second network card isn't going to be the solution but with some clever routing we can probably get everything working.
 
You must log in or register to reply here.
Back
Top