Configure 2 NIC FreeBSD server as a WAN switch


Post by ethoms » 22 Jan 2012, 04:06

Basically I want to configure a FreeBSD (8.2) server to act like a network switch. One cable from the fibre optic modem coming in on one NIC, and one cable going out from NIC 2 on the same subnet (a 16 public IP block from the ISP) to a layer 2 network switch, to the other servers using the public subnet. Can this be done? I'm going to try it by setting up both NICs on the same subnet with different IPs and then setting
Code:
gateway_enable="YES"
in rc.conf. Just doing some research before I go to the office and start disrupting the connection.

Why not just use a switch between the modem and WAN facing NICs?

Because the back end (ISP) doesn't like talking to layer 2 devices: I couldn't send email to Yahoo, yet every other mail domain worked fine. I've tried using the router they supplied, split my public subnet into two, one on each interface, bridged them, and then put the switch behind that. Because the router is layer 3, it solved my sending-to-Yahoo-mail problem, but I only get half my internet upload speed.

I've tried so many different configurations, and each switch I use has slightly different behaviour. Basically the internet connection and/or the modem seem very fussy about the hardware they talk to. One thing's for sure: if I connect a server directly to the modem, I get full speed, in fact I get double the upload speed I should be getting on my contract. So I thought I'd let FreeBSD do my networking; I'm confident it can get more out of my connection than these damn off-the-shelf routers/switches.

The cable modem is 100Mb/s full duplex. I need a good networking stack (FreeBSD) to buffer this as I'm convinced it's the speed and duplex on different links that's causing the problems.

How can I do this: one cable from the modem to the FreeBSD server, a service running on this FreeBSD server, then shared through a second NIC and switch to another server (Solaris) also running internet services?

All the guides / documentation I can find regarding gateways / routers are related to 2 subnets. But I want to do it with only one public subnet.

Post by phoenix » 22 Jan 2012, 05:29

Can you draw a diagram of the network topology? Not exactly sure what you are trying to do, but it sounds like bridging is what you need.
Freddie


Post by ethoms » 23 Jan 2012, 01:11

I thought of bridging first of all, but it didn't work. I managed to create a bridge0 and set it a valid IP + subnet. From what I remember, it would ping out if the internet-facing NIC was plugged in, but as soon as the other NIC was plugged in it couldn't route to anything. Perhaps I needed the gateway_enable="YES" option set. Will try again when I go to the office.

Network diagram:

Code:
ISP gateway (200.200.200.113)
           |
           |
Fibre Optic Modem (100baseTX full-duplex) 
           |
           |
         [NIC1]
FreeBSD Gateway/Server (200.200.200.119{host},200.200.200.120{jail},200.200.200.121{jail})
         [NIC2]
           |
           |
     <<<<<< >>>>>>>>>>>>>>>>>>>>>
     |                          |
     |                          |
Solaris Global Zone{host}     Solaris Zone 1
(200.200.200.116)            (200.200.200.118)
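The bridging setup discussed in the posts above, as an added example that is not part of any post in this thread: an /etc/rc.conf fragment that joins both NICs into bridge0 and puts the host address from the diagram on the bridge. The interface names em0/em1 and the /28 netmask (derived from the 16-address block) are assumptions.

```sh
# /etc/rc.conf fragment (added example, not from the thread).
# Assumed: NIC1 is em0 (modem side), NIC2 is em1 (switch side).

# Create the bridge at boot and add both NICs as members.
cloned_interfaces="bridge0"
ifconfig_bridge0="addm em0 addm em1 up"

# Member interfaces carry no IP address; they only need to be up.
ifconfig_em0="up"
ifconfig_em1="up"

# The host address from the diagram goes on the bridge itself,
# not on a member NIC. Netmask assumed from the 16-address block.
ifconfig_bridge0_alias0="inet 200.200.200.119 netmask 255.255.255.240"
defaultrouter="200.200.200.113"

# A bridge forwards Ethernet frames at layer 2, so IP forwarding
# (gateway_enable / net.inet.ip.forwarding) is not required for it.
gateway_enable="NO"

# The FreeBSD host is now inline in front of the other public
# servers, so a packet filter can be applied here. if_bridge(4)
# documents the net.link.bridge.pfil_member and
# net.link.bridge.pfil_bridge sysctls, which select whether
# filtering happens on the member NICs, the bridge, or both.
pf_enable="YES"
pf_rules="/etc/pf.conf"
```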

Post by ecazamir » 24 Jan 2012, 09:00

The proper syntax is:
Code:
gateway_enable="YES"

without the ending 'd'.

An alternate method to permanently enable packet forwarding is to set in /etc/sysctl.conf
Code:
net.inet.ip.forwarding=1

Or temporarily, by executing
Code:
sysctl net.inet.ip.forwarding=1

Post by ethoms » 28 Jan 2012, 09:46

@ecazamir: Thanks, don't know where that d came from, I've edited it out.