Two network interfaces, how separate them?

thiagoaos · Sep 11, 2009

Hi,

I have two network interfaces in one location, both has internet access.

One is throuth airport and another is throuth iPhone tethering.

With airport interface i connect in my work lan, but the internet access provide by my company is very slow and so many websites is blocked.

Then i want to use the airport interface only to access only 10.* address (intranet) and the iPhone tethering to access internet.

How can i do this?

* If i change order in interface list, putting first iPhone interface and later airpot, i can connect in internet but i can't connect in database, email smtp ..., services the is in my local network.

* If i change order in interface list, putting first airpot and later iPhone interface, i can connect in internet by the company interface access using proxy and access all intranet services, but i can't use iPhone internet access.

* My company use authentication proxy to internet access

thiagoaos · Sep 15, 2009

Hi, can i help me?

I still don't fix this.

Tex-Twil · Sep 16, 2009

Hi,
interesting question.

I think there must be some routing configuration done. Si that all the 10.0.0.0/8 traffic goes through the en1 interface, the rest through the tethered iface.

Wait, what is the network mask of your company's network ?

You could try:

Code:

route add -net 10.0.0.0/8 -interface en1 
route add default -interface [I]name_tether_iface[/I]

I haven't tried it though and I will have a closer look at this when I'm home.

Tex

Tex-Twil · Sep 17, 2009

Hi,
again. So here is what I did so that my iPhone is the "default" interface and my airport is used only for the networks 192.168.100.0/24 and 10.0.1.0/24

I had my airport configured by DHCP and internet working.
The I plugged the iPhone and enabled tethering.
Open a root Terminal and display the configured routes

Code:

~ root# netstat -rn -f inet
Routing tables

Internet:
Destination        Gateway            Flags        Refs      Use   Netif Expire
default           [B] 10.0.1.1 [/B]          UGSc            3        0     [B]en1[/B]
default           [B] 192.168.20.1[/B]       UGScI           1        0     [B]en2[/B]

Here we can see that we have two default routes which is not good.
The en1 interface is the Airport
The en2 is the iphone.
Note the default gateway of the iphone which is here 192.168.20.1

Now let's delete both routes (I'm not sure if the flush command is really necessary):

Code:

~ root# route delete  default 192.168.20.1
~ root# route delete  default 10.0.1.1
~ root# route flush

And add again the default route through the iPhone

Code:

~ root# route add default 192.168.20.1

Now you should have a working internet connection.

Let's add the route to the 192.168.100.0/24 and 10.0.1.0/24 networks:

Code:

~ root# route add -net 192.168.100.1/24 [B]10.0.1.1[/B]
~ root# route add -net 10.0.1/24 -interface en1

I think the last command is not necessary because the en1 interface has an IP in the 10.0.1/24 network so it should find the way there. Note that for the 192... network, I also specify the gateway 10.0.1.1, which is the router needed to reach that network through the en1 interface.

Hope it helps.

Tex

Collin Bl · Sep 17, 2009

Hi Tex, have been reading thru your post and is there a digit missing in one of the addresses above? In last para should it be 10.0.1.1/24?

Tex-Twil · Sep 17, 2009

Collin Bl said:
Hi Tex, have been reading thru your post and is there a digit missing in one of the addresses above? In last para should it be 10.0.1.1/24?

Hi,
since there is a 24-bit net mask, the last "digit" (8 bits) does not matter when you write the network address.

But you're right, is is more clear to write the entire address 10.0.1.0/24 but in this case I prefer to write a 0

Tex

Collin Bl · Sep 17, 2009

Thanks Tex - not an area i know much about, but your reply helps.