RE: multiple network cards and dns

That's brilliant thanks for that!
I am going to be setting up a proxy server using Squid with 2 network cards. I am right in saying the routing table should have a default out the external interface.
Also the reason i was asking about dns is that as im using this box as a proxy what dns servers should i specify? Ones on the inside network, the isp's (external network), or both of them?




many thanks


Date: Sun, 31 Dec 2006 12:30:50 -0700From: ryan@xxxxxxxxxxxxx: debian-user@xxxxxxxxxxxxxxxxxxxxxxx: Re: multiple network cards and dns
Andrew Critchlow wrote:


When you have 2 network cards in use with debian with DNS server configured on each which one does it choose to query for an address? Is configuring 2 network cards on debian as simple as configuring one card? thanks everyone.DNS is a map of names to numbers and numbers to names. You can basically assign any name to each IP for each NIC. If you assign the same name to two IP address, BIND DNS will rotate the responses in a round robin fashion. So:foo.bar. IN A 192.168.1.1foo.bar. IN A 192.168.1.2Will first respond to queries:192.168.1.1 192.168.1.2Then will respond:192.168.1.2 192.168.1.1This is a load balancing feature of BIND 4.9 and later versions, if this is what you are trying to accomplish. Otherwise if it's a firewall, assign a different name to the internal and external IPs.Configuring two NICs is as simple as adding another entry in /etc/network/interfaces for the new NIC. Be careful as sometimes after adding a second NIC the original NIC may become eth1 rather than eth0 (this has been PCI slot placement dependent for me).Here's the /etc/network/interfaces file from my firewall:# This file describes the network interfaces available on your system# and how to activate them. For more information, see interfaces(5).auto lo eth0 eth1# The loopback network interfaceiface lo inet loopback# The internal (onboard) network interfaceiface eth1 inet static address 192.168.1.254 netmask 255.255.255.0 network 192.168.1.0 broadcast 192.168.1.255 #gateway 192.168.1.254# The external (pci) network interfaceiface eth0 inet static address 55.55.55.105 netmask 255.255.255.0 network 55.55.55.0 broadcast 55.55.55.255 gateway 55.55.55.254Note the commented out gateway for eth1. Since this is a firewall the appropriate gateway is the external one and if both gateways are enabled routes get screwed up. I know as I've had this hang me up before...-Ryan

Relevant Pages

  • Proxy VS Firewall
    ... does nothing but *hide* your internal network and cache web ... Firewall however will do things such as application filter's, ... Proxy server: Intercepts all messages entering and leaving the network. ... It intercepts all requests to the real server to see if it ...
    (comp.security.firewalls)
  • Can connect VISTA BUSINESS to SBS 2003
    ... We bought a VISTA business pc about a year ago and getting it onto our SBS network was unbelievebly complex ... One had XP on and joined the network in 30 seconds. ... If you use a public proxy server to browse the Internet, clear the Internet Explorer connection setting for using a proxy server. ...
    (microsoft.public.windows.server.sbs)
  • Re: ActiveSync Freezes with Internet setting applied
    ... detect if you have a proxy server on your network. ... This is controlled by the connection settings. ... The active sync comes back as not responding, ... the check box is cleared or the network cable is unplugged. ...
    (microsoft.public.pocketpc.activesync)
  • Re: Couple of issues
    ... select "bypass proxy server for local addresses". ... user tries to access the internet, ... Everybody on NT4 domain, you can ... >your network is setup, but you can filter at the firewall ...
    (microsoft.public.win2000.security)
  • Re: Newbie Questions
    ... with the HOWTOs - and then graduate to the "Linux Network Administrator's ... and the firewall is doing NAT. ... when they REALLY need the proxy server? ... there must be written policies in place BEFORE the ...
    (comp.os.linux.networking)