MultiNetting a Fedora Core 4 machine

Brent brent at linux.wku.edu
Sat Sep 10 15:15:05 UTC 2005 

Craig White wrote:

>On Sat, 2005-09-10 at 09:47 -0500, Brent wrote:
>  
>
>>I have a Fedora Core 4 box that sits on two networks and I need it to 
>>access both networks at the same time.
>>
>>One interface (ext_cm, eth1) connects to a cable modem and out to the 
>>internet. I need this to be the default gateway for the machine, meaning 
>>any traffic originating from the machine goes out this connection.
>>
>>The other interface (ext_sh, eth0) sits inside a private network on one 
>>subnet connected to several other subnets. Also this whole network is 
>>able to get to the internet through a state wide firewall/NAT. The 
>>machine has a DNS entry on this firewall so when traffic comes in 
>>through the firewall it gets routed to this machine.
>>
>>The problem is that when the machine goes to reply to HTTP requests 
>>coming in on ext_sh it sends the replies out ext_cm and thus when the 
>>packets get to the clients they reject them as coming from the wrong host.
>>
>>I need to know how to get the machine to send replies out the interface 
>>that the requests come in so that they machine is available via its DNS 
>>address through the ext_sh network.
>>
>>It looks something like this:
>>
>>Net <->cable modem<->FC4 Box<->ext_sh network<->router<->firewall<->net
>>
>>and I need packets that come in from one side to go back out the same 
>>side, but instead they are all getting sent out the default gateway 
>>cable modem.
>>
>>Anyone have any bright ideas?
>>    
>>
>----
>most of my bright ideas don't seem to have anything to do with Linux as
>there are too many people way ahead of me.
>
>In your case, you need some static routes to tell your system how to get
>there. As you have surmised, all attempts to communicate to systems
>other than the subnet on eth0 will go through your default gateway.
>
>man route would be helpful here...
>
>let's say eth0 is 192.168.1.1 subnet mask 255.255.255.0
>and you have a network 192.168.2.0 subnet mask 255.255.255.0 which is
>accessible via a router machine at 192.168.1.254, then you would want
>to...
>
>route add -net 192.168.2.0 netmask 255.255.255.0 gateway 192.168.1.254
>
>I think - this of course is untested but I think you should be able to
>glean what you need.
>
>Craig
>
>
>  
>
Right. I have the routes, but it doesn't seem to help, everything still 
seems to head back out the cable modem.  I guess because it is the 
default, it takes precedence over the others.
Brent

More information about the fedora-list mailing list