Good day, recently I have installed another NIC on my server, everything works but I saw a small problem with my configuration. Here are the details:
1 x Intel NIC = Main internet connection
1 x Broadcom NIC = Local Area Network
I use NAT and IPFW with type set to OPEN, if IPFW is enabled than my clients can access the internet. But all other traffic (incoming from outside to server) is very very slow. If I disable the firewall, everything from outside works perfectly but no internet for clients.
What could be the problem?
Thank you
1 x Intel NIC = Main internet connection
1 x Broadcom NIC = Local Area Network
I use NAT and IPFW with type set to OPEN, if IPFW is enabled than my clients can access the internet. But all other traffic (incoming from outside to server) is very very slow. If I disable the firewall, everything from outside works perfectly but no internet for clients.
What could be the problem?
Code:
server# ifconfig
em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=4019b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,TSO4,VLAN_HWTSO>
ether 00:15:17:36:33:69
inet 89.136.xxx.xxx netmask 0xfffffc00 broadcast 255.255.255.255
media: Ethernet autoselect (1000baseT <full-duplex>)
status: active
bge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=c019b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,TSO4,VLAN_HWTSO,LINKSTATE>
ether 00:1f:29:02:1b:a6
inet 192.168.0.1 netmask 0xffffff00 broadcast 192.168.0.255
media: Ethernet autoselect (none)
status: no carrier
bge1: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=8009b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,LINKSTATE>
ether 00:10:18:1c:e4:f9
media: Ethernet autoselect (none)
status: no carrier
ipfw0: flags=8801<UP,SIMPLEX,MULTICAST> metric 0 mtu 65536
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
options=3<RXCSUM,TXCSUM>
inet6 fe80::1%lo0 prefixlen 64 scopeid 0xa
inet6 ::1 prefixlen 128
inet 127.0.0.1 netmask 0xff000000
nd6 options=3<PERFORMNUD,ACCEPT_RTADV>
Code:
server# ipfw show
00050 28397256 73726238384 divert 8668 ip4 from any to any via em0
00100 48333037 2707442600 allow ip from any to any via lo0
00200 0 0 deny ip from any to 127.0.0.0/8
00300 0 0 deny ip from 127.0.0.0/8 to any
00400 0 0 deny ip from any to ::1
00500 0 0 deny ip from ::1 to any
00600 0 0 allow ipv6-icmp from :: to ff02::/16
00700 0 0 allow ipv6-icmp from fe80::/10 to fe80::/10
00800 0 0 allow ipv6-icmp from fe80::/10 to ff02::/16
00900 0 0 allow ipv6-icmp from any to any ip6 icmp6types 1
01000 0 0 allow ipv6-icmp from any to any ip6 icmp6types 2,135,136
65000 31963844 75197626555 allow ip from any to any
65535 0 0 deny ip from any to anyThank you