
Re: MultiNetting a Fedora Core 4 machine



On Sat September 10 2005 11:16 pm, Patrick Kobly wrote:
> On Sat, Sep 10, 2005 at 11:57:38AM -0400, Scot L. Harris wrote:
> > On Sat, 2005-09-10 at 11:15, Brent wrote:
> > > Right. I have the routes, but it doesn't seem to help, everything still
> > > seems to head back out the cable modem.  I guess because it is the
> > > default, it takes precedence over the others.
> > > Brent
> >
> > No, the default route will be used last.  It would help if you posted
> > the output from:
> >
> > netstat -rn
> >
> > This will show us the routing table on your system.  If you have other
> > networks behind the one interface you will need specific routes to get
> > to those via the router on that network.  Any routes that are not local
> > directly connected networks or do not have a specific route entry will
> > use the default route.
>
> Which is exactly the problem.  He is getting traffic from the private
> if originating from the Internet (right?).  He is getting traffic from
> the public if also originating from the Internet.  Standard routing
> can only differentiate on the basis of destination address.
>
> You're in luck though!  Take a look at:
>
> http://www.lartc.org/howto/
>
> Look at routing for multiple uplinks/providers
>
> assuming you look like this
>
> (10.11.12.13 is your cable modem address, public routable)
> (10.11.12.1 is your gateway for the cable modem)
> (192.168.0.50 is your private address)
> (192.168.0.1 is your firewall private IP)
> (10.11.12.15 is your firewall's public IP)
>
>     eth1
> (10.11.12.13)  --->  Internet
>
>     eth0       ---> 192.168.0.0/24    <--- int  firewall ext --->   Internet
> (192.168.0.50)                        (192.168.0.1)     (10.11.12.15)
>
> The following will reply to traffic on the interfaces it originated
> from, and will use eth1 for new traffic.  (I used a setup like this to
> wean my mail/web servers off of one provider onto another while DNS
> updated and propagated - zero downtime)
>
>
> # create tables for each provider
> echo 200 pref >> /etc/iproute2/rt_tables
> echo 201 fw  >> /etc/iproute2/rt_tables
>
> ip route add 10.11.12.0/24 dev eth1 src 10.11.12.13 table pref
> ip route add default via 10.11.12.1 table pref
>
> ip route add 192.168.0.0/24 dev eth0 src 192.168.0.50 table fw
> ip route add default via 192.168.0.1 table fw
>
> ip route add 10.11.12.0/24 dev eth1 src 10.11.12.13
> ip route add 192.168.0.0/24 dev eth0 src 192.168.0.50
>
> ip route add default via 10.11.12.1
>
> ip rule add from 10.11.12.13 table pref
> ip rule add from 192.168.0.50 table fw

-- 
Claude Jones
Bluemont, VA, USA
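
The lookup order that the quoted `ip rule` / `ip route` commands set up, modelled in Python as an added example that is not part of the original message: it shows why a reply sourced from 192.168.0.50 leaves via the cable modem without the rules and via the firewall with them. The rule priorities, the omission of the kernel's local table, the output device on the default routes (resolved from the gateway) and the remote client 203.0.113.7 are assumptions made for illustration.

```python
import ipaddress

# Tables as populated by the quoted commands: (prefix, gateway or None, device).
# The device on each default route is derived from the gateway's subnet (assumption).
TABLES = {
    "pref": [("10.11.12.0/24", None, "eth1"), ("0.0.0.0/0", "10.11.12.1", "eth1")],
    "fw": [("192.168.0.0/24", None, "eth0"), ("0.0.0.0/0", "192.168.0.1", "eth0")],
    "main": [("10.11.12.0/24", None, "eth1"), ("192.168.0.0/24", None, "eth0"),
             ("0.0.0.0/0", "10.11.12.1", "eth1")],
}

# Rules as (priority, source selector, table); lower priority is consulted first.
# Priorities are illustrative; the point is that both "from" rules precede main.
RULES_BEFORE = [(32766, "0.0.0.0/0", "main")]
RULES_AFTER = [(32764, "192.168.0.50/32", "fw"),
               (32765, "10.11.12.13/32", "pref"),
               (32766, "0.0.0.0/0", "main")]


def lookup(rules, src, dst):
    """Walk the rules in priority order, then longest-prefix match in the table."""
    src_ip = ipaddress.ip_address(src)
    dst_ip = ipaddress.ip_address(dst)
    for _prio, selector, table in sorted(rules):
        if src_ip not in ipaddress.ip_network(selector):
            continue  # rule does not apply to this source address
        hits = [(ipaddress.ip_network(prefix), gw, dev)
                for prefix, gw, dev in TABLES[table]
                if dst_ip in ipaddress.ip_network(prefix)]
        if hits:
            _net, gw, dev = max(hits, key=lambda h: h[0].prefixlen)
            return table, gw, dev
    return None  # no rule produced a route


if __name__ == "__main__":
    client = "203.0.113.7"  # constructed remote client (documentation range)
    cases = [
        ("reply from private addr, no rules", RULES_BEFORE, "192.168.0.50"),
        ("reply from private addr, with rules", RULES_AFTER, "192.168.0.50"),
        ("reply from public addr, with rules", RULES_AFTER, "10.11.12.13"),
        ("new traffic, source not yet chosen", RULES_AFTER, "0.0.0.0"),
    ]
    for label, rules, src in cases:
        print(f"{label:38s} -> {lookup(rules, src, client)}")
```

On the real host, `ip rule show` and `ip route get 203.0.113.7 from 192.168.0.50` report the same decision straight from the kernel.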

