MultiNetting a Fedora Core 4 machine
Claude Jones
claude_jones at levitjames.com
Sun Sep 11 06:12:42 UTC 2005
On Sat September 10 2005 11:16 pm, Patrick Kobly wrote:
> On Sat, Sep 10, 2005 at 11:57:38AM -0400, Scot L. Harris wrote:
> > On Sat, 2005-09-10 at 11:15, Brent wrote:
> > > Right. I have the routes, but it doesn't seem to help, everything still
> > > seems to head back out the cable modem. I guess because it is the
> > > default, it takes precedence over the others.
> > > Brent
> >
> > No, the default route will be used last. It would help if you posted
> > the output from:
> >
> > netstat -rn
> >
> > This will show us the routing table on your system. If you have other
> > networks behind the one interface you will need specific routes to get
> > to those via the router on that network. Any routes that are not local
> > directly connected networks or do not have a specific route entry will
> > use the default route.
>
> Which is exactly the problem. He is getting traffic from the private
> if originating from the Internet (right?). He is getting traffic from
> the public if also originating from the Internet. Standard routing
> can only differentiate on the basis of destination address.
>
> You're in luck though! Take a look at:
>
> http://www.lartc.org/howto/
>
> Look at routing for multiple uplinks/providers
>
> assuming you look like this
>
> (10.11.12.13 is your cable modem address, public routable)
> (10.11.12.1 is your gateway for the cable modem)
> (192.168.0.50 is your private address)
> (192.168.0.1 is your firewall private IP)
> (10.11.12.15 is your firewall's public IP)
>
>                   eth1
>              (10.11.12.13) ---> Internet
>
> eth0 ---> 192.168.0.0/24 <--- int firewall ext ---> Internet
> (192.168.0.50)               (192.168.0.1) (10.11.12.15)
>
> The following will reply to traffic on the interfaces it originated
> from, and will use eth1 for new traffic. (I used a setup like this to
> wean my mail/web servers off of one provider onto another while DNS
> updated and propagated - zero downtime)
>
>
> # create tables for each provider
> echo 200 pref >> /etc/iproute2/rt_tables
> echo 201 fw >> /etc/iproute2/rt_tables
>
> ip route add 10.11.12.0/24 dev eth1 src 10.11.12.13 table pref
> ip route add default via 10.11.12.1 table pref
>
> ip route add 192.168.0.0/24 dev eth0 src 192.168.0.50 table fw
> ip route add default via 192.168.0.1 table fw
>
> ip route add 10.11.12.0/24 dev eth1 src 10.11.12.13
> ip route add 192.168.0.0/24 dev eth0 src 192.168.0.50
>
> ip route add default via 10.11.12.1
>
> ip rule add from 10.11.12.13 table pref
> ip rule add from 192.168.0.50 table fw
--
Claude Jones
Bluemont, VA, USA
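
The lookup order the quoted commands rely on, modelled in Python as an added example (not part of the original thread): rules are walked in priority order, and the table each rule selects is searched by longest destination prefix. The rule priorities, the dev on each default route, and the client address 203.0.113.7 are constructed assumptions.

```python
import ipaddress

# Constructed model of the tables the quoted commands build: (prefix, gateway, dev).
# The dev on each default route is an assumption (the interface that reaches the gateway).
TABLES = {
    "pref": [("10.11.12.0/24", None, "eth1"), ("0.0.0.0/0", "10.11.12.1", "eth1")],
    "fw":   [("192.168.0.0/24", None, "eth0"), ("0.0.0.0/0", "192.168.0.1", "eth0")],
    "main": [("10.11.12.0/24", None, "eth1"), ("192.168.0.0/24", None, "eth0"),
             ("0.0.0.0/0", "10.11.12.1", "eth1")],
}
# (priority, source selector, table). Priorities are assumed; a lower number is tried first.
MAIN_ONLY = [(32766, "0.0.0.0/0", "main")]          # destination-only routing
RULES = [(32764, "192.168.0.50/32", "fw"),          # ip rule add from 192.168.0.50 table fw
         (32765, "10.11.12.13/32", "pref"),         # ip rule add from 10.11.12.13 table pref
         ] + MAIN_ONLY
CLIENT = "203.0.113.7"                               # constructed Internet host


def lookup_table(table, dst):
    """Longest-prefix match on the destination inside one table."""
    dst = ipaddress.ip_address(dst)
    best = None
    for prefix, gw, dev in TABLES[table]:
        net = ipaddress.ip_network(prefix)
        if dst in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, gw, dev)
    return best


def route(src, dst, rules=RULES):
    """Walk rules in priority order; the first selected table with a match decides."""
    src = ipaddress.ip_address(src)
    for _prio, selector, table in sorted(rules):
        if src in ipaddress.ip_network(selector):
            hit = lookup_table(table, dst)
            if hit:
                return {"table": table, "via": hit[1], "dev": hit[2]}
    return None


if __name__ == "__main__":
    for label, rules in (("main table only", MAIN_ONLY), ("with source rules", RULES)):
        print(label)
        for src in ("192.168.0.50", "10.11.12.13", "0.0.0.0"):   # 0.0.0.0 = unbound new traffic
            print(f"  from {src:<13} to {CLIENT}: {route(src, CLIENT, rules)}")
```

With only the main table, a reply sourced from 192.168.0.50 leaves through eth1 via 10.11.12.1; with the two source rules it returns through eth0 via 192.168.0.1, while traffic with no bound source still takes the main default.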