Topic: Novice question: How to support two network segments

[Gordon Lee]

My e-smith 4.1.2 has two network cards installed. I would like e-smith to serve two network segments (subnet: 255.255.255.128) without an additional gateway. I know that e-smith-manager has a menu item to add an additional network, but it requires a router. Should I just enter the IP of my e-smith as the router, or are there other settings that I need to do?

Thanks in advance for your advices!

Gordon

[koolmoose]

I believe you need a router on each subnet with the route to the other subnet in its routing table.  Assuming the first subnet 192.168.1.x contains the e-smith gateway at 192.168.1.1 and is set up using the e-smith-manager localnetworks function to specify 192.168.2.x as a local network, the second subnet router at 192.168.2.1 could be e-smith or some other box capable of routing.  If the router representing the second subnet is not e-smith, you could add a route to the 192.168.1.x subnet using the command line.

I am not sure I understand your goal. Are you attempting to have two subnets on one ethernet card?  If so, consider using ip-aliasing which will allow you to have many subnets on the same ethernet card with either 4 letter names or numbers. e.g. eth1:acct or eth1:ops might be used as aliases for accounting and operations subnets. Since the subnets are private, I don't see a need to use anything other than a class C address.  Use ifconfig on the command line to set up the interfaces. Realise this is less secure than a separate ethernet card.

Hope this answers your question.
Paul

[Gordon Lee]

Let me try to clarify our situation. Please point me to a right direction if we have set anything wrong.

We have a single physical star ethernet network with a Cisco router connecting to the Internet. We have divided our physical network into two logical networks (mask=255.255.255.128).

Recently, we have setup an e-smith to act as a backup server which backups a file of hundreds of megabytes each from around 80 Win9x PCs within an hour or two. We found that the traffic on our Cisco router has become quite heavy because we have configured our Win9x clients to use that router as their default gateway. Now we would like to reduce workload on the router by enabling the e-smith as an additional router which just routes internal traffic between the two logical networks.

Should we use just one ethernet card with IP-aliasing, or use both ethernet cards, to achieve our purpose of internal routing? And what is the procedure? Please give me as much details as possible because I am a novice with TCP/IP, Linux and e-smith. Thanks in advance!

Gordon

[koolmoose]

I assume you already have a separate firewall.


Gordon Lee wrote:

> We have a single physical star ethernet network with a Cisco
> router connecting to the Internet. We have divided our
> physical network into two logical networks
> (mask=255.255.255.128).

It appears you want to use a subnet half the size of standard.  I have not tried this so
I am not sure it will work with e-smith.  I would use standard class C subnets just to
avoid uncertainty.  There is no shortage of Private addresses!

> Should we use just one ethernet card with IP-aliasing, or use
> both ethernet cards, to achieve our purpose of internal
> routing?

I would use two ethernet cards.
The ip-aliases trick would save an ethernet card at the price of performance so I would not recommend it.

> And what is the procedure? Please give me as much
> details as possible because I am a novice with TCP/IP, Linux
> and e-smith. Thanks in advance!


Set up e-smith as 'server only' in console.

One ethernet card would connect to your cisco router and its subnet, the other to your second subnet.  When you set up each ethernet card, make choices for your subnets and netmask that do not conflict with the standard e-smith setup.  For example, if you use DHCP, make appropriate changes to the range.

 The e-smith manager will allow you to connect to a second subnet with the second ethernet card.  However, you may have to do some command line configuration to use smaller subnets.  You would definitely have to for ip-aliases.  

You mentioned 'logical networks' so I would suggest that the two networks be physically separate; otherwise you may still have a performance problem because of the network traffic.  e-smith will route between the networks for your normal traffic but your backup data won't be seen on the 'other' network.

I hope I understood your problem.  Let me know if this is helpful.

Regards,
Paul

[Gordon Lee]

koolmoose wrote:
>
>
> I assume you already have a separate firewall.
>
>
> Gordon Lee wrote:
>
> > We have a single physical star ethernet network with a Cisco
> > router connecting to the Internet. We have divided our
> > physical network into two logical networks
> > (mask=255.255.255.128).
>
> It appears you want to use a subnet half the size of
> standard.  I have not tried this so
> I am not sure it will work with e-smith.  I would use
> standard class C subnets just to
> avoid uncertainty.  There is no shortage of Private addresses!
>

We have to use class B IPs and the specific netmask because they are pre-assigned by another entity.

> > Should we use just one ethernet card with IP-aliasing, or use
> > both ethernet cards, to achieve our purpose of internal
> > routing?
>
> I would use two ethernet cards.
> The ip-aliases trick would save an ethernet card at the price
> of performance so I would not recommend it.
>

Then we would use two ethernet cards.

> > And what is the procedure? Please give me as much
> > details as possible because I am a novice with TCP/IP, Linux
> > and e-smith. Thanks in advance!
>
>
> Set up e-smith as 'server only' in console.
>
> One ethernet card would connect to your cisco router and its
> subnet, the other to your second subnet.  When you set up
> each ethernet card, make choices for your subnets and netmask
> that do not conflict with the standard e-smith setup.  For
> example, if you use DHCP, make appropriate changes to the
> range.
>
>  The e-smith manager will allow you to connect to a second
> subnet with the second ethernet card.  However, you may have
> to do some command line configuration to use smaller
> subnets.  You would definitely have to for ip-aliases.
>
> You mentioned 'logical networks' so I would suggest that the
> two networks be physically separate; otherwise you may still
> have a performance problem because of the network traffic.
> e-smith will route between the networks for your normal
> traffic but your backup data won't be seen on the 'other'
> network.
>

We will follow your procedure to see if we can make it. Thank you very much for your detailed advices!

Regards,
Gordon