Confusion in Configuring Networks

[Fred Krogh]

I don't really need or even want a router, but I need wireless. I thought maybe their were switches that would put out a wireless signal, but the little looking I've done did not reveal such a thing. Thanks.

[WWWW]

This is interesting:

A system can have two interfaces with different subnets?

eth1 192.168.1.3
eth2 192.168.2.3

How do programs not get confused? I certainly can see this being useful. But won't get programs confuzzled?

Would it be possible to expand this?

eth1 192.168.1.3
eth2 192.168.2.3
eth3 192.168.3.3

And what it is the difference as opposed to have this?

eth1 192.168.1.2
eth2 192.168.1.3
eth3 192.168.1.4

Thanks!

[depontius]

Believe it or not, you've just asked a mouthful.

Really, subnets are defined by the "subnet mask", and in the case of the RFC-1918 network for 192.168.*.* the subnet mask is conventionally 255.255.255.0. You map that 255.255.255.0 over top of the 192.168.*.*, and what it really means is that for a given subnet, only the fourth number, the one after the last dot, is allowed to vary. So using your first/second examples, 192.168.1.3 and 192.168.2.3 are on different subnets, assuming you've got the normal 255.255.255.0 subnet mask. With your third example, 192.168.1.2 and 192.168.1.3 are both on the same subnet, and that applies pretty much regardless of the subnet mask. (I've used subnet masks to define very small subnets before on my home network, but it's not common.)

Why might you want multiple subnets? My home network currently has three subnets. I have a cable modem, and my appliance router plugs into that - first subnet. The back side of my appliance router is an 8-port switch, and 2 of those ports plug into a pair of (redundnat) bastion hosts, running secondary firewalls - second (DMZ) subnet. The back side of my redundant bastion hosts is my LAN, where the rest of the stuff on the home network connects. Right now my wireless router is plugged in as an access point on my LAN - so it's only using the wireless function, not the routing.

I'm thinking of changing things a bit in the near future, prompted by the Internet Of Things. I kind of want to get some of those Things, but it seems that they all need to phone home, and at least some of them (L.G. Smart TVs) phone home with information harvested from the LAN they're connected to. I want stuff like that on its very on subnet, that routes only to the internet, and not to my LAN. So that would probably mean plugging a wireless router into my DMZ with only a default route to the internet and its own subnet for my I.O.T.
_________________
.sigs waste space and bandwidth

[NeddySeagoon]

WWWW,

My KVM router has four subnets.

ppp0 is the big bad internet. PPPoE on eth0
eth1 is my DMZ on 192.168.10.0/24
eth2 is wy WAP on 192.168.54.0/24
eth3 is my wired protected network on 192.168.100.0/24

Apps don't get confused because the kernel looks after the interconnectivity.

I have separate wireless and wired networks
a) because I am paranoid
b) wireless is not permitted to connect to wired but it is allowed to respond if wired asks.

I have a few things an my wired network that like to phone home. They are all blocked by filtering on the destination port they try to connect to.
That results in logspam in wy firewall logs.
Did I mention that I'm paranoid?

Hmm maybe it actually has another subnet too. Being a KVM, its console is VNC on another subnet. 192.168.122.0/24 or something like that.
_________________
Regards,

NeddySeagoon

Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail.

[WWWW]

[Fred Krogh]

I'm back, sorry! I've learned a lot from the help already given.
Using a Windows 7 machine I finally got the router configured. The only ethernet connection my main computer has now is eth0. All seems to work, except apache is messed up. Thus

[Fred Krogh]

I have another problem. That windows 7 machine will not fetch mail, but gives no sign of the problem. It can access the web just fine. I have set it up to fetch from my server at 192.168.1.2. It will also not fetch from my site mathalacarte.com at 216.86.203.11. Is there something that needs to be said in the wireless router to make this work?

[NeddySeagoon]

Fred Krogh,

If you have interfaces that you are not using, they may be required to be up so that the net service, which apache needs is considered up.

Read the comments in /etc/rc.conf and maybe adjust the rc_depend_strict setting.
_________________
Regards,

NeddySeagoon

Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail.

[Fred Krogh]

Thanks Neddy! I was just in the process of posting the following when I got your last comment.

More info. The computers on the subnet can send mail, but can't access the pop-3 server on the same subnet. Some problems I had were only fixed by removing net.eth1 and net.eth2 from the default run level. It apparently was not sufficient to stop them as both postfix and apache were trying to access these access points. My web server now appears to be working, including with virutal hosts. So down to one problem only. The pop-3 part.

I note that /etc/init.d/postfix restart will not work. Postfix seems to think it is already stopped and it fails to start. postfix-reload does have the effect of changing the job numbers of the running postfix programs. At the moment I have no idea whether the problem is in postfix, or in the wireless router. or perhaps in dovecot. In the wireless router, I have had "Enable Port Trigger" set to no and to yes and in the latter case I have

[Fred Krogh]

Maybe enough progress to get this over the hump? But I'm still having problems with mail. I'm currently trying to set up a new account in my laptop that matches one on a Windows machine that will send but can't get mail. In the wireless router, I have set: Enable multicast routing to yes. That seems to be necessary. I have also enabled Port Trigger which now has the following data