
Re: ip Routing Through Cluster

T. 'Nifty New Hat' Mitchell wrote:

On Fri, Jun 11, 2004 at 05:54:54AM -0400, gswallow cfl rr com wrote:

Am successfully bonding two dual PII266 machines via crossover
cables to make a workstation out of the hardware I have 'round the
house. node1 and node2 on network.com ( can ping between
each other just fine on each machine's bond0 NIC
( node1/node2). eth0 and eth1 in each machine
are SLAVE of bond0 device.

node1 can access internet fine...

What am I getting wrong here? And, please let me know if ya need more info.

Remember that private internets are not routed!

 # The Internet Assigned Numbers Authority (IANA) has reserved the
 #    following three blocks of the IP address space for private internets:
 #        -  (10/8 prefix)
 #      -  (172.16/12 prefix)
 #     - (192.168/16 prefix)

What this means is that there should never be a published route
between net 192.168.2.xx and your 192.168.1.xx net (or any other
private internet).

You are correct if the route would cross any portion of the public network/internet. However, private networks can be and often are routed within an intranet.

Host routes and gateway hosts may solve the problem.  Check the man
page for route.  I see some examples at this URL that look close


Note the gw (gateway)
   Adding and Removing a Network in Linux

   route add -net gw
   route del -net gw

   Adding and Removing a specific host in Linux

   route add -host gw
   route del -host gw

See /etc/sysconfig/static-routes
This URL may have hints...


Note that the DHCP server must communicate the correct routes if DHCP
is used.  Both directions need routes and in some cases routing more
than one private network is impossible.

Some tricks like FIREWALL_IP translation might help.

See also bridging and proxy arp....
See  /etc/gateways  if a dynamic routed is active.

The key is that private nets are not routed and very special actions
are needed to get to and from the Internet from the second private
"private <--> public" is common and easy

"private <--> private <--> public" is trouble.

Not when using NAT or MASQ at the interface to the public. A properly configured NAT router will handle this as easily (in my experience) as the first one above. YMMV depending on config and hardware.

I also note that you have IPV6 networking active -- you might wish to
turn that off and simplify your task.  Eventually IPV6 will simplify
this stuff.
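
The "both directions need routes" point and the NAT/MASQ reply, modelled as an added example that is not part of the original thread: a longest-prefix-match walk over per-host routing tables shows the request arriving while the reply is lost, and both fixes restoring it. The node1/node2 names come from the thread; the router, the addresses, and the table contents are constructed assumptions.

```python
import ipaddress

# Constructed lab: node2 -(192.168.2.0/24)- node1 -(192.168.1.0/24)- router - internet
OWNER = {"192.168.2.2": "node2", "192.168.2.1": "node1",
         "192.168.1.10": "node1", "192.168.1.1": "router"}

def tables(static_route=False):
    """Per-host routes: prefix -> next-hop host, or 'direct' when on-link."""
    t = {"node2": {"192.168.2.0/24": "direct", "0.0.0.0/0": "node1"},
         "node1": {"192.168.2.0/24": "direct", "192.168.1.0/24": "direct",
                   "0.0.0.0/0": "router"},
         "router": {"192.168.1.0/24": "direct", "0.0.0.0/0": "internet"},
         "internet": {}}  # public side: no routes to private prefixes
    if static_route:  # network route for node2's net via node1, set on the router
        t["router"]["192.168.2.0/24"] = "node1"
    return t

def lookup(table, dst):
    """Longest-prefix match; returns a next-hop name, 'direct', or None."""
    ip = ipaddress.ip_address(dst)
    hits = [(ipaddress.ip_network(p), hop) for p, hop in table.items()
            if ip in ipaddress.ip_network(p)]
    return max(hits, key=lambda h: h[0].prefixlen)[1] if hits else None

def walk(t, start, dst):
    """Follow routes hop by hop; returns (delivered, hosts visited)."""
    host, seen = start, [start]
    while len(seen) <= len(t):  # loop guard
        if OWNER.get(dst) == host:
            return True, seen
        hop = lookup(t[host], dst)
        host = OWNER.get(dst) if hop == "direct" else hop
        if host is None:  # no matching route, or nobody owns dst
            return False, seen
        seen.append(host)
    return False, seen

def round_trip(t, src_host, src_ip, dst_ip, masq=None):
    """Returns (request delivered, reply delivered). masq maps a forwarding
    host to the address it rewrites sources to (simplified source NAT)."""
    ok, hops = walk(t, src_host, dst_ip)
    if not ok:
        return False, False
    nat = next((masq[h] for h in hops[1:-1] if masq and h in masq), src_ip)
    return True, walk(t, OWNER[dst_ip], nat)[0]

if __name__ == "__main__":
    a = ("node2", "192.168.2.2", "192.168.1.1")
    print(round_trip(tables(), *a), round_trip(tables(True), *a))
```

Without a fix the router sends the reply for 192.168.2.2 to its default route, where no route to a private prefix exists; either the static route on the router or masquerading on node1 makes the return path resolve.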
