Re: routing problem i think

[Bret Hughes <bhughes elevating com>]

Patrick Lavallee wrote:
> 
> hello. I have a RH 7.1 server use for gateway between my private lan and the
> internet. On that server i have 2 interface called eth0 wich is connect to
> the
> private lan (private ip adress) and eth1 wich is connect to the router
> (public
> ip adress, set as default gateway).
> in my private lan i have 3 other server with each a public adress. My
> problem
> is i cant access those adress from the web. How must i define my routing
> table to
> ennable that ?
> 
> I am already using IP Masquerading and port forwarding. All my workstation
> and server can access the web.
> 
> thanks
> 

Patrick -

I am a little confused with the terminolgoy of your post or maybe what
you are trying to do.  It sounds like you are trying to put both private
IPs and public ips on the same subnet behind your firewall.  Not a good
idea.  Routing nightmares and aliased NICs are required and a whole lot
more than I can help with althought I think I understand why it does not
work under normal circumstances.

If you want the three public ipaddress machines to be visible, and there
are no private ipaddresses on the lan then I would get rid of masq open
it all up.  There is probably an issue with the upstream router not
knowing to send the packets to your firewall anyway.

If you want to have a combination of private ip and public ip addressed
machines read up on DMZ type setups. where the public stuff is
accessible from both sides of the firewall but the private stuff is
masqueraded.  You will still need to have your upstream router from your
isp set up to use the firewall as your gateway to the other public ip
machines.

Perhaps a more detailed explanation of what you are trying to do would
help.

HTH

Bret