Only one nic of two seems to be active...

henri

Hi folks,

We have to setup a transparent squid router/proxy between a cheap adsl-router and a 172.xxx.... companie's network with 2003 Server and Clients.

One nic is a common unproblematic on-board chip and the other one a HP100 which we have to use to connect to the HP-Routers which do rarely accept normal nics.

All IPs shoud be assigned static.

The problem is ...

1) Nics are switching randomly (I already read, this could be solved with some udev entries)
2) When we start the server, we can either connect the adsl-router or the internal net from the proxy, depending on which card loaded first. - But never both!

Surprisingly, ifconfig shows all interfaces as correctly up!

192.168.1.1 is the adsl-router, 192.168.10.xxx the internal net:

Our Setup looks (for test-purposes at the lab ;-)

) like this:
config_eth0=( "192.168.10.100 netmask 255.255.255.0 brd 192.168.10.255" )
config_eth1=( "192.168.1.33 netmask 255.255.255.0 brd 192.168.1.255" )
routes_eth1=( "default gw 192.168.1.1" )

ip_forward is turned on

As the nics swiched randomly, we could, when eth0 worked, connect the proxy from the internal net, so we could ensure that the hp100 card does work well with the drivers and drivers are loaded correctly.
When eth1 worked, we could connect to the adsl-router, so the on-board nic also works correct.

I can remember I've had about the same problem before, but unfortunately it's years ago with my home Redhat-network.
And unfortunately, I'm stuck!

Many thanks, if you have any idea for the solution of our problem,
please post every single thought, we'll test it all ;-)

yours Henri

think4urs11

henri · Posted: Sat Jun 17, 2006 12:03 am Post subject:

Yess, it was irritating!

First I found out: One nic bas broken. I exchanged it but switching of the nics didn't really stop.

Then I did a little reseach and learned how to rename the interfaces defining a few udev-rules and wow:
Now the nics always get loaded in the correct order and by it's correct name!

But that's not all! These new names like eth_lan and eth_isp are very helpful when debugging firewall-scripts or defining some nice new softlevels with many totally different network setups. I did that immediately to my laptop and it helps a lot.

Ah, btw, no, the proxy cant be bypassed because it's configured as a transparent proxy with virus-scan and access-control via iptables and squidGuard and works very well and fast now. Unfortunately we now still have a routing problem which I posted here also.

Yours Henri