3

Options for non-virtualized network interface isolation?

view full story
linux-howto

http://serverfault.com – My server has two physical NICs, interfaces are eth0 192.168.1/24 (lan) and eth1 192.168.3/24 (dmz). Both NICs are connected to a router via wire. Router has two vlans for lan and dmz with separated ports also, with a firewall between the zones (OpenWRT). Problem object is the server and the way Linux prioritizes loopback interface. I want to have dmz -> lan initiating traffic blocked, for which the router firewall takes care of on the network, but as we know traffic going over server loopback interface between local NICs doesn't even reach the router. lan -> dmz direction all must be allowed (HowTos)

dayu's picture
Submitted by dayu on 12/29/2011 – Made popular on 12/29/2011

Stories similar to Options for non-virtualized network interface isolation?

I am having an issue with a CentOS 6.3 box. We have two NICs (eth0 and eth1) in the server which each have an ip from a different subnet assigned, let's say eth0:192.168.1.2/24 (gateway 192.168.1.1) and eth1:192.168.2.2/24 (gateway 192.168.2.1).

Hey everyone,

I have a server that should be connected to two networks. One where it is connected via a router to the internet and another one connected to a local network. I make certain ports of the server available in the internet, via port-forwarding. As soon as I configure the second interface (eth1), which has a static IP configuration, connection attempts from the internet fail.

Hi All,

I have 2 NICs in my U9.04 Server box (eth0, eth1). After I added 2 virtual interfaces for each physical interface (eth0:1,eth0:2,eth1:1,eth1:2), the MAC addresses of all the interfaces have changed to that of eth0. Because eth1 was configured to be on my local network, I can't access the box remotely anymore.

I have a server (Ubuntu 10.04 server) that has two NIC.

I have an extra desktop PC with 2 NICs that I'd like to use as my home firewall. I'll install a linux distro meant to be used as a firewall on the desktop.

I was thinking of placing it in between the cable modem and wireless:

modem <-> desktop_NIC1 <-> (firewall software) <-> desktop_NIC2 <-> wireless router <-> laptops, ipads, etc.

I have 2 networks that I'd like to connect with a router/firewall to filter traffic between the two. One network is on a public subnet, let's say 64.22.12.192/27 and the other network is on a private subnet 192.168.0.0/24.

I want to configure a dedicated Linux server as a router for protecting dedicated servers with public IPs.

I have 6 dedicated servers and I want to add a router/firewall to protect them.

I will use another server with two network cards (eth0 and eth1) as a dedicated router.

All dedicated servers must have incoming and outgoing Internet access for all ports.

How can I configure this to work?

e

firewall setup 24 weeks 18 hours ago

I have just setup an F17 box as a firewall. Everything is working fine, except for one minor catch: In short, the firewall box itself cannot access any services (eg, dns, ntp) unless I explicitly open up ports for them on the wan interface.

Hi all, I have a small atom based pc running Ubuntu 9.10 x64, which I want to use as a proxy, file server, and wifi access point. The box has 4 NICS, two of which are ethernet wired, two are 802.11.

One of the wired network NICs is connected to a BT home hub via DHCP. I can control the address range/subnet for this interface.