How and When to Use Both Ethernet Ports on a Mac Pro

__________________

There are several reasons why one might want to utilize both of these Ethernet ports. This article is focused on the ones I'm familiar with and have tested. Other configurations include, for example, something called “link aggregation.” That's when two Ethernet ports are combined to achieve greater bandwidth. That's a subject for another time.

What I'm going to discuss here is a connection to two networks, simultaneously. That's a situation that doesn't usually arise in a home, but it could. It's more likely in a small office.

If course, at home, some typical configurations are:

  1. Cable Modem > Router > Mac
  2. Cable Modem > Router > Switch > AirPort, Macs, iPads, etc.
  3. Cable Modem > Wireless Router with ports > Macs, iPads etc.

Those scenarios are generally reflected in the top half of Figure #1 shown below, using just one Ethernet port on a Mac Pro.

Figure #1

However, it may happen that a home or, more often, a small business may have two separate networks. For example, one might be a production and the other an experimental network (or a back up). Or two small, co-located companies may be sharing resources. Now, let's look at the bottom half of Figure #1 above.

Option #1. (Dual Networks) In this case, the Mac Pro is connected to two separate networks, both on the Internet, and each Ethernet port has its own IP address. I've chosen to use two of the most popular private (non-routable) IP address schemes, 10.x.x.x and 192.168.x.x, in this example. The Mac Pro can access everything on both of those networks at the same time, and devices on those networks can see the Mac Pro.

For example, here's what the Mac's System Preferences > Network might look like for port #1 (called Ethernet).

Figure 2.

And here's what it might look like, in parallel, for port #2 (called Ethernet 2). In this case, a second IPv6 network is being used for testing.

Figure #3.

If there are times when there's a need for security, to isolate the Mac from one of the networks, that's managed with the geared popup at the bottom of the Network window. Select “Make Service Inactive.

Figure 4.

One example of how this would help is the following. Suppose Ethernet port #2 were not in use on the Mac Pro in Figure #1. Further suppose an AirPort base station is connected to switch #2, but the Mac Pro is acting as both the master iTunes library and as print server on port #1. Connecting the Mac Pro's port #2 to switch #2 allows all the Macs, iPads and iPhones connected to switch #2 to print with, for example, Printopia. Plus the iPad and iPhones can then do their Wi-Fi sync to iTunes.

This is just a simple example of how a Mac Pro can bridge two networks and provide simultaneous services.

Option #2. (Isolated LAN). In this case, the Mac Pro is acting as a file server. It has access to the Internet via the router on port #1. However, port #2 is connected to a LAN of Macs (and perhaps PCs) that use the file storage capacity of the Mac Pro server, (and perhaps other services) but they don't have access to the Internet. Some design/publication studios use this technique to isolate their production work from security risks coming from the Internet.

Because there is no router that invariably has a DHCP server when using Option #2, the Macs on that LAN have two options to obtain a unique IP address. 1) They can be manually assigned or 2) OS X client does have a built-in DHCP server capability. Note that OS X Server has a better GUI for managing that DHCP server.

We're done.  But for those without a Mac Pro, there is an intriguing way to achieve the same thing.

An iMac Alternative

This raises the question: what if one is using two networks in a small office or home and can't afford a Mac Pro? iMacs only have one Ethernet port. But they save the day by also having Wi-Fi — which can also be used simultaneously.

Again, referring to Figure #1 above with, say, an Apple AirPort base station connected to switch #2, Turning on the iMac's Wi-Fi in addition to the the existing Ethernet network on port #1 (the only port) would allow access to the second network via switch #2.

One can add to the existing Ethernet configuration by using the “+” button at the bottom of the Network window. Use the popup labeled Interface: and select Wi-Fi.

Figure 5

This mixed mode isn't as secure as using Ethernet cables, but it works.

Summary

The ability of a Mac to operate on two separate networks and have a simultaneous pair of IP addresses opens doors. Flexibility is introduced for service isolation, security, or redundancy. It's a really nifty capability of our modern Macs.

____________________________

My thanks to Jim Tanous who contributed to this article. Mac Pro image via AnandTech.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.