PLEASE Help on two network cards in server

There isn't enough information in your post to answer your question fully.

In general you need to enable IP forwarding on the server. That way it will forward packets from one NIC over the other NIC:

sudo sysctl -w net.inet.ip.forwarding=1

However, that's only part of the story. Devices on each network need to know how to get to the other network, and that's usually done by editing the routing table on each system. Without knowing the network addresses in use on each side of the server I can't tell you what changes you need to make.

In addition it's not common for a printer to have an option to manipulate the route table in this way. It may be easier/necessary to setup a print server on the Mac that can accept print jobs from nodes on net1 and print them on the printer on net2.

OK, that definitely helps. The last piece that should answer the question relates to the routing table on the server. Can you post the output of netstat -rn.

"sudo sysctl -w net.inet.ip.forwarding=1"

That will start forwariding immediately but woun't survive a reboot.

In Tiger Server Admin NAT setup you can make this permanent by choosing "start Ipforwarding Only".

(Or by adding a line to /etc/hostconfig:
IPFORWARDING=-YES-

Or by adding a new file /etc/sysctl.conf
with this line in it:
net.inet.ip.forwarding=1)


"Devices on each network need to know how to get to the other network, and that's usually done by editing the routing table on each system."

Not necessary. What's necessary is a static route in each Internet router that use the server IP for each LAN as the gateway/router for the other LAN.

Example network 1: 192.168.100.0/24
Internet router 192.168.100.1
Server IP for that LAN 192.168.100.254
Static route in Internet router: 192.168.200/24 gw 192.168.100.254


Example network 2: 192.168.200.0/24
Internet router 192.168.200.1
Server IP for that LAN 192.168.200.254
Static route in Internet router: 192.168.100/24 gw 192.168.200.254


"In addition it's not common for a printer to have an option to manipulate the route table in this way"

Correct, but you need to add the correct gw/router and netmask to the printer IP settings for this setup. This is sometimes achievable via Telneting to the printer in question to set it up (older Apple printers).


For performance reason it could be better using a static route in each machine if the internet router doesn't send out route redirect packets.

Some DHCP servers should be able to send out a static route to it's clients with the rest of the IP info thus making it easier to provide each machine with a static route.

"http://docs.info.apple.com/article.html?artnum=106453"

This is for AppleTalk routing, I would stay away form it.

Use IP instead (LPR, Bonjour, RAW), maybe using the server as a printserver from one of the LANs (the one where the printers are not) otherwise use direct printing to the printer/RIP.

And the netstat -rn output above wasn't done on the server was it?

Ive got a similiar problem, and in Terminal, on my Mac mini, setup with two interfaces (yes, really), I can ping one interface to another: en0 set to LAN and en1 set to WAN.

The problem is that the WAN link from the server cant ping anything other than the other interface (built in ethernet - en0).

using Terminal to try to ping from one specific interface to a valid/reachable IP, one tries to use the -L switch so as to tell the hardware from which interface the packets will come from (I believe this is right but please correct me if Im wrong). So, reasonably interpreting the man page for ping, one should use ping as follows: (here I try to ping my WAN gateway)

VOTSERVER:~ chrisc$ ping -I en1 70.141.57.222
ping: invalid multicast interface: `en1'
VOTSERVER:~ chrisc4

What am I missing here ?

I checked my /etc/hostconfig file and it already has the

IPFORWARDING=-YES-

by default.



Mac mini Mac OS X (10.4.5)

"Yes I copied it from the Terminal on the server and pasted from there? Isn't it as it should be?"

There's only mentioning of en0 in there. You can't have en1 configured correctly.

To solve your problems - start by setting en1 up (and paste a new netstat -rn here afterwards). Don't enter a default gw/router (or nameserver) info for en1.

In Retrospect (at least in the "server" version) you can setup/add remotes by IP-number or "configure a subnet for broadcast".

I've never used any flags when using ping.

If the interfaces are "lined up" correctly: WAN interface on top of the interface list in Network setup the computer will know what interface to use to send packets out on.

Make sure the LAN interface doesn't have the "router" field filled in (or if you have used "GW setup" has the same ip as the interface have).

There should only be one default gw.

This article may help:
http://www.afp548.com/article.php?story=2006021714061633

Jeff

That article is "overkill" for your setup.

It's not the server that needs extra routes it's the routers (or each client). If you configure two interfaces on different subnets (only one default gw/router) routing will work if IPFORWARDING=-YES- in /etc/hostconfig.

Really, why not make just one subnet out of it and use the different internet routers on the "right" computers? Static IP number machines use the fast Internet and DHCP setup machines the "slow"?

If still you want to add routes to all clients you need to have them activated at boot. StartupItems still work under Tiger but you might prefer a Launchd script.