Two network cards, how does this exactly work?

Y

Yelphos

Hey,

I use an T43-Thinkpad Notebook, a PCMCIA card from Belkin called "F5D5010". In internet it says this card works on freebsd FreeBSD but I got some problems with this card and the onboard card.

The first thing, if I install freebsd FreeBSD I can choose both cards and one they do work if I configured one of those and set to standard. The other card doesn't work, I chose the onboard to standard, it works with some compatibility issues. I come to those issues after the first issue and that's the non-working second card. Ifconfig says it is active and the cable plugged in, it displays the setting I made into rc.conf and it also accepts other settings, from ifconfig it all looks working well but if I switch to X and start Firefox to go into internet nothing happens. I plug the cable into the right set onboard card and I can browse the internet, I plug the cable into the second card with same settings and no issues in ifconfig (looks like the onboard card) it doesn't go into internet. It displays can't connect to internet in pure console or if I start X it doesn't let me browse or do anything else in internet.

The next problem is some kind of instability when changing the IP settings with ifconfig on the onboard card to other IPs, if I set on console the settings to another IP it works one time and then I must reboot to change the IP back to how it was for functioning. If I set up the IP in rc.conf everything works fine for the onboard card but if I change the IP by command it doesn't accept this very often and refuses every connection to everything, also if I change back the first IP. For example I got 2 routers on different IPs and I can't switch with ifconfig command to the IP of the second router because if I do i can't access the router. I can access the router if I set the IP in rc.conf and reboot but if I change the IP with commands it doesn't let me in to both routers.

What's the problem with freebsd FreeBSD? Is there some secret option to set how freebsd FreeBSD accesses the internet? Maybe it does automatically detect those setting while booting but I can't find anything about in free-bsd FreeBSD tutorials or web search. Looks like freebsd[/de] FreeBSD can't manage two networks without pointing one network out as internet network or so, similar with changing IP.

I also looked into the boot logs for the second card, there is no indicator of malfunctioning. It recognises everything fine but seems just doesn't want to use the second card for internet.
 
It is very difficult to tell what you are trying to do. Why are you trying to use two different cards?

Changing the IP address of a card is not enough, you probably also need to reset the default route. This is usually done automatically by dhclient(8).
 
The goal is to forward packets from secondary card to primary and send those packets to my internet router. It shall function as packet inspection firewall, web cache- and web filterproxy. Actually I would just like to change the IP-adresses on my primary card to solve some configuring tasks on different devices with different IP's but if i change them it doesnt work always. Sometimes it just takes a long while before it functions on its old normal IP again and sometimes it just doesn't work on no IP i set or it works instant. Right, this sounds like something should do something automatically but doesn't do always.

Default route something I missed/didn't know while searching about failures but hard if you are someway new to the operating-system and networking-stuff, didn't know anymore what to search for. Any other stuff that affects my network behind the scenes and could cause FreeBSD forcing on primary card as internet-gateway?

I also wonder if there could be any problems if I set both cards on the same IP-address range except of last number, some devices don't accept such configurations for some reason in my past experiences with networks. Would be nice if someone could tell me why developers prevented from setting up such stuff.
 
What you are trying to set up is usually done with a gateway. Two cards are not needed to inspect traffic, and putting them both on the same network is asking for misery. Developers have not prevented it, because some people actually do need that. It is a special-case setup.

If you want all traffic to go through the FreeBSD system, that is what FreeBSD calls a gateway. In that case, the two network cards are needed, one for the inside (LAN), and one for the outside (Internet, or "WAN").
 
I prefer to use two network cards to split it in to two different networks, it negates the ability to listen to the network if someone got infected in the highly insecure network area. My router also requires some special protection from inside where the notebook with two network-cards comes in, it prevents any attacks from my potential insecure computers inside. I know it would be also possible to use one network card receiving first and then sending to router in the same network but this has some serious security-issues. I didn't mean the developers of FreeBSD, I talked about every developers from software/devices I used in my past. Sometimes they deactivate functions like setting WAN and LAN network to the same IP for example, I asked myself (and you) if this could cause stability issues causing the developers to prevent from setting up this way.

It is called a gateway, right. This is how far I was gone with it and I stopped right at the point where my second network card doesn't let me into internet if I plug the cable into it. I just want to verify first everything works fine on this notebook which doesn't work fine yet and after many different searches I couldn't figure out what is causing the second and the primary card such problems I described. (why the "I" big?)
 
For a typical setup, use dhclient(8) to get an IP address from the internet router/modem/whatever. Or, if the system is supposed to use a static IP address, set that and the default route manually. Also probably need to edit /etc/resolv.conf. The FreeBSD system then will have internet access.

Get this to work first.

PS: in English, "I" is always capitalized.
 
I don't understand at all. Please give some examples of what you tried and what you wanted it to do.

Your either trying to do routing (a gateway), a virtual interface bridge(), or link aggregation/failover (see lagg()).
 
If I ping to my router with primary it does normal ping and if ping with secondary it says:

Code: 
No route to host

I think this is our problem, I must set an route with route command but if I do so it always says
Code: 
route already exists
Hmm, I deleted the default route but primary works and connects to router but not the secondary. There must be another route to set that was made while installation automatically but not for secondary card I didn't specify for standard usage. I try now different commands to figure out how to set this route because if I search
Code: 
No route to host
then search says this happens if the system has no route to deliver the package which means I must someway set that. If I use [cmd=]netstat -nr[/cmd] it shows under gateway something like
Code: 
#link9
on both primary and secondary cards IP. But there is still a difference, device bge0 (the primary card) is shown with only one entry in netstat and got an IP like x.x.x.0/24, the other 3 entries are all assigned to le0 which means secondary card and there is no such entry like for bge0, why does the primary card have only one entry and does more or less function and the secondary got 3 entries?

(Is this "I"-thing new? I didn't learn this in school.)
 
My English-teachers were always very very old, I can't remember ever heard about but maybe I slept while this lesson. (really) Grammar was always something that didn't interest me at young years, for now my thinking about changed. Guess I should look someway deeper into grammar of other languages.

The stuff you corrected is the stuff I did wrong, right? There is nothing else I should know about my previous posts? To ask not to get banned and I don't understand why or missed something while reading the rules.(I really did, yesterday and today) I will try to do it as right as I can but I don't always feel good enough to stay aware of everything about right posting, some health issue after an stroke that caused me temporary mentally defective. I do as good as I can but I can't guarantee to do everything right all the time.
 
Yelphos said:
If I ping to my router with primary it does normal ping and if ping with secondary it says:

Code: 
No route to host
Click to expand...

As it should. The secondary card should not be on the same network:

Code: 
                    FreeBSD
internet---router---(a) (b)----lan

Interface a is the outside, WAN network. Interface b is the inside, LAN network. They should not be connected to the same network.

(Is this "I"-thing new? I didn't learn this in school.)
Click to expand...

Been around for a couple of hundred years, I think.
 
Also if I plug the cable from a to b? If I understood right both should use the default router if nothing else specified, a does and b not. It returns the no routing error. I think I delete all those entries about b and try to create both routing entries for the different devices identical, just to verify everything works right on both cards. After I saw the second card connecting to the Internet and other stuff tested I specify it how it is intended, passing packets from b to a or not.
 
I think I don't ask questions in this forum anymore. But anyways, thanks you helped enough with the first posts. Next time I look deeper into such "mechanics" from the operating-system. Better then getting always such answers, I don't like this way to talk. (except of grammatical rules)
 
You didn't specify enough details of your configuration such as what IP and netmasks your assigning to which interfaces.

Better if you don't configure anything with rc.conf and just do everything manually first.

Code: 
ifconfig em0 192.168.10.1 255.255.255.0
ifconfig em1 192.168.20.1 255.255.255.0
route add ...
route default ...
then edit resolv.conf

To find answers you first need to know the proper question; which is often more difficult to figure out than the question itself.

If you think this place is harsh just wait until you try the mailing lists. So your grammar and how you phrase things is a little off.. just means you have to be more patient with people trying to help you.

I think but still am not sure that your trying to setup a firewall or a transparent bridge().
 
You must log in or register to reply here.
Back
Top