ip Routing Through Cluster

Jeff Vian jvian10 at charter.net
Mon Jun 14 03:37:43 UTC 2004



T. 'Nifty New Hat' Mitchell wrote:

>On Fri, Jun 11, 2004 at 05:54:54AM -0400, gswallow at cfl.rr.com wrote:
>
>>Am successfully bonding two dual PII266 machines via crossover
>>cables to make a workstation out of the hardware I have 'round the
>>house. node1 and node2 on network.com (192.168.2.0) can ping between
>>each other just fine on each machine's bond0 NIC
>>(192.168.2.1/192.168.2.2 node1/node2). eth0 and eth1 in each machine
>>are SLAVE of bond0 device.
>>
>....
>
>>node1 can access internet fine...
>>
>....
>
>>What am I getting wrong here? And, please let me know if ya need more info.
>>
>
>Remember that private internets are not routed!
>
>  # The Internet Assigned Numbers Authority (IANA) has reserved the
>  #    following three blocks of the IP address space for private internets:
>  #
>  #       10.0.0.0        - 10.255.255.255  (10/8 prefix)
>  #       172.16.0.0      - 172.31.255.255  (172.16/12 prefix)
>  #       192.168.0.0     - 192.168.255.255 (192.168/16 prefix)
>
>What this means is that there should never be a published route
>between net 192.168.2.xx and your 192.168.1.xx net (or any other
>private internet).
>
You are correct if the route would cross any portion of the public 
network/internet.  However, private networks can be and often are routed 
within an intranet.

>Host routes and gateway hosts may solve the problem.  Check the man
>page for route.  I see some examples at this URL that look close
>
>   http://www.cpqlinux.com/routes.html
>
>Note the gw (gateway) 
>
>    Adding and Removing a Network in Linux
>
>    route add -net 10.10.10.0/24 gw 192.168.0.1
>    route del -net 10.10.10.0/24 gw 192.168.0.1
>
>    Adding and Removing a specific host in Linux
>
>    route add -host 10.10.10.45 gw 192.168.0.1
>    route del -host 10.10.10.45 gw 192.168.0.1
>
>See /etc/sysconfig/static-routes 
>
>This URL may have hints...
>
>  http://www.comptechdoc.org/os/linux/usersguide/linux_ugrouting.html
>
>Note that the DHCP server must communicate the correct routes if DHCP
>is used.  Both directions need routes and in some cases routing more
>than one private network is impossible.
>
>Some tricks like FIREWALL_IP translation might help.
>   http://projectfiles.com/firewall/isp.htm
>
>See also bridging and proxy arp....
>See  /etc/gateways  if a dynamic routed is active.
>
>
>The key is that private nets are not routed and very special actions
>are needed to get to and from the Internet from the second private
>net.
>   
>    "private <--> public" 
>is common and easy
>
>    "private <--> private <--> public" 
>is trouble.
>
Not when using NAT or MASQ at the interface to the public. A properly 
configured NAT router will handle this as easily (in my experience) as 
the first one above. YMMV depending on config and hardware.

>I also note that you have IPV6 networking active -- you might wish to
>turn that off and simplify your task.  Eventually IPV6 will simplify
>this stuff.
>
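
An added illustration that is not part of the original thread or either poster's words: a small Python model of the "private <--> private <--> public" case discussed above, showing why the reply path needs either a return route for 192.168.2.0/24 on the upstream router or NAT/MASQ on node1. The router, node1's 192.168.1.10 address, the 203.0.113.5 destination and all routing-table contents are constructed assumptions.

```python
import ipaddress

# RFC 1918 blocks, as quoted in the message above.
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
# Constructed topology (assumed): node2 -- node1 -- router -- Internet.
# node1's 192.168.1.10 and the router are hypothetical; "direct" means on-link.
TABLES = {
    "node2": [("192.168.2.0/24", "direct"), ("0.0.0.0/0", "node1")],
    "node1": [("192.168.2.0/24", "direct"), ("192.168.1.0/24", "direct"), ("0.0.0.0/0", "router")],
    "router": [("192.168.1.0/24", "direct"), ("0.0.0.0/0", "internet")],
}
OWNERS = {"192.168.2.2": "node2", "192.168.2.1": "node1", "192.168.1.10": "node1"}

def is_rfc1918(addr):
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in RFC1918)

def lookup(table, dst):
    """Longest-prefix match over (prefix, next_hop) pairs; None if no route."""
    ip = ipaddress.ip_address(dst)
    hits = [(ipaddress.ip_network(p), hop) for p, hop in table if ip in ipaddress.ip_network(p)]
    return max(hits, key=lambda h: h[0].prefixlen)[1] if hits else None

def trace(tables, start, dst):
    """Follow next hops from `start` toward `dst` and return the path taken."""
    node, path = start, [start]
    for _ in range(8):  # hop limit guards against routing loops
        hop = lookup(tables[node], dst)
        if hop is None:
            return path + ["no route"]
        if hop == "direct":
            return path + [OWNERS.get(dst, "unreachable")]
        if hop == "internet":  # private destinations are not routed on the public side
            return path + ["dropped" if is_rfc1918(dst) else "internet"]
        node = hop
        path.append(node)
    return path + ["loop"]

def with_route(tables, node, prefix, hop):
    """Copy of `tables` with one extra route on `node` (like `route add -net`)."""
    new = {k: list(v) for k, v in tables.items()}
    new[node].append((prefix, hop))
    return new

if __name__ == "__main__":
    fixed = with_route(TABLES, "router", "192.168.2.0/24", "node1")
    for t, src, dst in [(TABLES, "node2", "203.0.113.5"), (TABLES, "router", "192.168.2.2"),
                        (fixed, "router", "192.168.2.2"), (TABLES, "router", "192.168.1.10")]:
        print(src, "->", dst, ":", trace(t, src, dst))
```

The last trace is the masquerade case: replies are addressed to node1's own 192.168.1.10, which the router already reaches on-link, so no extra route is needed upstream.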





More information about the fedora-list mailing list