Two NIC Routing Question

Paul W. Frields stickster at gmail.com
Thu Jun 2 13:24:09 UTC 2005 

On Thu, 2005-06-02 at 10:33 +1000, Michael Mansour wrote:
> Hi Jake,
> 
> > I have a class two NIC firewall.  eth0 is my external interface 
> > connected to my cablemodem, eth1 is my internal interface connected 
> > to my hub.  I am using iptables-based firewall rules and using NAT 
> > so I can access the internet from all my desktops.  Everything is 
> > working correctly.
> > 
> > The problem is that it only works if I manually set up a default gateway
> > route through the external interface.  After I boot the system, I 
> > type the following command:
> > 
> >    route add default gw x.x.x.x
> > 
> > where x.x.x.x is the address assigned to my external interface. If I 
> > don't do this, I cannot access anything on the internet from any my 
> > internal machines. Once I execute this command it all works as 
> > expected.  I am certain, however, that as a RH 7.2 system, which is 
> > what I was before I started incrementally upgrading to FC1 where I 
> > am now, I did not need to do this for it to work.
> > 
> > How can I get this routing between two NICs to work correctly without
> > manually executing a 'route' command?  Please don't tell me to add this
> > command to rc.local.  My external IP address is dynamic so it can change
> > between reboots.  I need some mechanism that works dynamically.  I'm 
> > sure that it used to work this way!
> 
> I was actually surprised to find that out of so many replies to you, people
> seemed to have missed the answer to your problem.
> 
> In your /etc/sysconfig/network-scripts/ifcfg-ppp0 file, this is the file
> that's used to configure your link/routing when you dialup. There's a variable
> here you need to set:
> 
> DEFROUTE=yes
> 
> which will grab the default route information from your ISP and configure your
> routing for you. For this to work, you should _not_ set a GATEWAY variable in
> your /etc/sysconfig/network file. The GATEWAY flag adds a static default route
> to your routing table on system boot, which is not what you want in your
> situation. Within the /etc/sysconfig/network file remove the GATEWAY flag (if
> it's in there) and add:
> 
> GATEWAYDEV="ppp0"
> 
> which will tell the rc network script to use the default route supplied by the
> ifcfg-ppp0 script which picks that up from your ISP.
> 
> Other interesting variables you can use in ifcfg-ppp0 are:
> 
> ONBOOT
> PEERDNS
> CLAMPMSS
> FIREWALL
> 
> there's docs in the system somewhere (I forgot where I read all this when
> first doing it) which explains what each variable does, you should review it
> to allow you to better understand how the process works.

I would guess you're referring to
  /usr/share/doc/initscripts-*/sysconfig.txt.

-- 
Paul W. Frields, RHCE                          http://paul.frields.org/
  gpg fingerprint: 3DA6 A0AC 6D58 FEC4 0233  5906 ACDB C937 BD11 3717
 Fedora Documentation Project: http://fedora.redhat.com/projects/docs/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/fedora-legacy-list/attachments/20050602/1435000a/attachment.sig>

More information about the fedora-legacy-list mailing list