Two Networks on one System

Martin McCormick martin at x.it.okstate.edu
Tue Jun 21 11:28:59 UTC 2011


	Here is what the issue is right now. The remote campus
in question has been on number space that was part of our Class
B network. They got a block of subnets for their DNS's and
campus enterprises and workstations. We secured them their own
number space and they are migrating from their portion of our
network to their new network and both nets are presented
routable from the rest of the world.

	If you do a whois query for their domain, you get the
address on our network of their primary DNS. When one updates
the whois data, there is a lag of some hours until new queries
start going to the new address of their primary DNS. In the
meantime, we don't really care but we would like for the new
interface for the primary to be reachable so that the minute the
information changes, we're answering lookups. After that point,
we will permanently take down the old interface address on our
network and probably reboot with the normal configuration now
being the new IP address.

	The problem I have, probably due to a misunderstanding
of what I need to do, is easy to describe.

	The defaultrouter statement in rc.conf or

route add default x.x.x.x

from the command line sets an interface to know that packets
whose destinations or sources that are outside the subnet go to
that default gateway.

	When I set up the secondary interface, I have not been
able to come up with a statement or statements that tell fxp1
that its default router is y.y.y.y so you can't ever reach it
from outside the new subnet.

	Once traffic ever gets in to the system, it will
probably stay together based on the interface where it came
from, but it won't have to do it for hopefully more than a few
hours.

	I have tried both a second physical connection and an
alias and have ended up with the same behavior each time. Since
we have the second NIC active, I prefer to use it if I can ever
get it to use its router just like the primary interface does.

	Right now, I can get on to our secondary DNS which is in
the same subnet as the new address for the primary and log right
in to the primary through the new interface. From anywhere else
on the Earth, that new address is as dead as a doornail.

	I certainly appreciate every posting so far as routing
is one of the thorniest issues one can encounter in networking
so the more one is aware of, the less head-scratching and
frustration there is.

Martin McCormick
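
Added example, not part of the original post: a small Python model of why the new address answers hosts on its own subnet but not hosts elsewhere. A single routing table is keyed on destination only, so a reply sourced from the new address still leaves through the one default route, while source-based table selection sends it back out the interface it arrived on. All addresses are constructed documentation-range stand-ins for the post's x.x.x.x and y.y.y.y, and the function names are hypothetical.

```python
import ipaddress

# Constructed addresses from the documentation ranges; they stand in for the
# post's elided x.x.x.x (old gateway) and y.y.y.y (new gateway).
OLD_IF, NEW_IF = "fxp0", "fxp1"
NEW_NET = ipaddress.ip_network("198.51.100.0/24")
NEW_ADDR = "198.51.100.10"   # primary DNS address on the new network

# One routing table for the whole host: (destination prefix, gateway, interface).
SINGLE_TABLE = [
    ("192.0.2.0/24", None, OLD_IF),       # connected: old network
    ("198.51.100.0/24", None, NEW_IF),    # connected: new network
    ("0.0.0.0/0", "192.0.2.1", OLD_IF),   # the only default route
]

# A second table, consulted only for traffic sourced from the new network.
NEW_NET_TABLE = [
    ("198.51.100.0/24", None, NEW_IF),
    ("0.0.0.0/0", "198.51.100.1", NEW_IF),
]

def lookup(table, dst):
    """Longest-prefix match on the destination only, as a plain routing table does."""
    dst = ipaddress.ip_address(dst)
    best = None
    for prefix, gw, ifname in table:
        net = ipaddress.ip_network(prefix)
        if dst in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, gw, ifname)
    if best is None:
        raise LookupError(f"no route to {dst}")
    return best[1], best[2]

def reply_path(src, dst, policy=False):
    """(gateway, interface) for a reply; policy=True picks the table by source."""
    table = SINGLE_TABLE
    if policy and ipaddress.ip_address(src) in NEW_NET:
        table = NEW_NET_TABLE
    return lookup(table, dst)

def is_symmetric(arrived_on, src, dst, policy=False):
    """True when the reply leaves on the interface the query arrived on."""
    return reply_path(src, dst, policy)[1] == arrived_on

if __name__ == "__main__":
    for client in ("198.51.100.53", "203.0.113.9"):
        for policy in (False, True):
            gw, ifname = reply_path(NEW_ADDR, client, policy)
            print(f"client={client} policy={policy} -> via {gw or 'direct'} on {ifname}")
```

On FreeBSD, source-based selection of this kind is what multiple FIBs (setfib) or a pf reply-to rule provide; replies that leave asymmetrically may be dropped by an upstream device that filters on source address or tracks connection state.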

