On Tue, 20 Jan 2009 13:19:57 +0000, Stuart Henderson wrote:

>On 2009/01/20 22:40, Rod Whitworth wrote:
>> Still learning....
>> 
>> I am trying to set up a box with two interfaces. I DO NOT want to route
>> traffic through it.
>> 
>> It is at a site where there are two connections to the net and I want
>> the testbox to have an address on each of the LANs which are attached
>> to the routers for those two connections.
>> 
>> There is no NAT involved and all addresses are global so let's pretend
>> that one of the LANs is 192.168.0.0/24 and the other is 172.16.0.0/24
>> with the routers having .1 on its LAN and testbox is to be .254 on each
>> LAN.
>> 
>> I should be able to ssh into testbox using each of those two addresses
>> and still be able to "see" the other router even if its connection to
>> the internet is down.
>> 
>> I figure that reply-to is going to be involved but I have not managed
>> to make it do my bidding. Can it work? What's the magic line?
>
>Something like this does the trick for me;
>
>pass in on bge0 (reply-to bge0 172.16.0.1) proto tcp to (bge0) port ssh
>pass in on bge1 (reply-to bge1 192.168.0.1) proto tcp to (bge1) port ssh

Uh, shift the first left paren in each line to the right past the
"reply-to". That avoids the syntax error.

Sadly it didn't make the reply work for me though...  I'm going to grab
some more kit and set up a mock-up where I can traceroute and sniff
more easily than over a channel that may not hold up when I need it.

I've seen a few (not hordes) requests for this functionality whilst
googling, so I'll write it up when I succeed. Perhaps undeadly would
like it and that's not a bad resource to search for techy help.

>
>If you only have one interface, a variation involving alias addresses
>also works.
>
Nope. 2 NICs. Right now I hate aliases. Mumble about Linux users
aliasing 10 IPs onto one NIC to subnet a LAN and every box on each
subnet gets to see all the traffic on its own NIC. grrrrrr! Windows
ports hanging out looking for friends, grrrr!

Thanks for the tip. It will be the basis for the experiment.

Rod/

*** NOTE *** Please DO NOT CC me. I <am> subscribed to the list.
Mail to the sender address that does not originate at the list server is 
tarpitted. The reply-to: address is provided for those who feel compelled to 
reply off list. Thank you.

Rod/
/earth: write failed, file system is full
cp: /earth/creatures: No space left on device

