One Web server got two different IP in two different subnet

M

meteor8488

Hi,

Currently I got a server with two NIC, and each Nic get a public IP which are in different subnet.

The reason why I'm using two IP is one IP is used for PHP website and another one is for Static files.

For now the configuration is like
Code: 
ifconfig_igb0="inet 1.1.10.10 netmask 255.255.255.240"  #sever 1, this is for php web
ifconfig_igb1="inet 1.1.50.10 netmask 255.255.255.248" # server 2, this is for static files
defaultrouter="1.1.50.1" # this is the default gateway for IP 1.1.50.10
And for igb0, ISP limits it to use 50M bandwidth.
For igb1, the limitation is 450M

For now both IPs are working well. And two websites are also working well.

But when I run systat -ifstat.

I found that it seems all outgoing traffic are via igb1. The incoming traffic is OK.

Code: 
           igb0  in    113.650 KB/s        183.298 KB/s          199.078 MB
                 out     0.000 KB/s          0.000 KB/s          163.117 KB

           igb1  in     90.482 KB/s        327.727 KB/s           21.578 TB
                 out     5.749 MB/s         13.245 MB/s          424.747 TB

I understand that all outgoing traffic are using the default gateway of sever. So when user access server 1, the incoming traffic are going via igb0, but when server response, the traffic is going via igb1.

Is it possible to force sever to use igb0 to response the requests from sever 1 (igb0)?
 
Last edited by a moderator:
You could run two individual webserver processes where each process listens to one specific IP address. Then use setfib(1) to set up a different routing table for each process.

I don't know how feasible any of this is mind you because I haven't done this myself, but it's the first thing which came to mind.
 
Thanks for this information. It's quite useful.
I checked some document, they are all said to recompile the kernel to use more than 1 fib.
But i just set up a test VM and used the default kernel, and then add net.fibs=2 to the loader and reboot. And then sysctl net. | grep fib and get a result 2.

Does that mean in FreeBSD 11, there is no need to recompile the kernel to enable multiple fibs?
 
meteor8488 said:
Does that mean in FreeBSD 11, there is no need to recompile the kernel to enable multiple fibs?
Click to expand...
To my knowledge it's already enabled. The only thing you need to do is specify net.fibs in /etc/loader.conf, then reboot and after that you can use the x amount of routing tables. Default value is 1, so right now I can only use FIB 0:

Code: 
unicron:/home/peter $ netstat -4rnF 0 | wc -l
      10
unicron:/home/peter $ netstat -4rnF 1
netstat: 1: invalid fib
unicron:/home/peter $ sysctl net.fibs
net.fibs: 1
 
Thanks again.

I configured fibs as below:

In rc.conf

Code: 
ifconfig_igb0="inet 1.1.10.10 netmask 255.255.255.240 fib 0" #sever 1, this is for php web
ifconfig_igb1="inet 1.1.50.10 netmask 255.255.255.248" fib 1# server 2, this is for static files
static_routes="Nic0 Nic1"
route_Nic0="default 1.1.10.1 -fib 0"
route_Nic1="default 1.1.50.1 -fib 1"

And for ipfw
Code: 
$IPF 110 setfib 0 ip from any to any via igb0
$IPF 120 setfib 1 ip from any to any via igb1

Then I restart the network via

/etc/rc.d/netif restart && /etc/rc.d/routing restart

check sibs:
Code: 
# setfib 0 netstat -nr |grep default
default            1.1.10.1     UGS        igb0
# setfib 1 netstat -nr | grep default
default            1.1.50.1       UGS        igb1


But if I run tcpdump,

The incoming traffic for static is going via igb1, it's OK.
But the outgoing traffic for 1.1.50.10 is still going via igb0.

Is there any thing wrong in my configuration?

Update:

With the same settings, I reboot the sever. And after reboot all good.
It seems restart the network is not enough.
 
You must log in or register to reply here.
Back
Top