"Terrell Prudé, Jr."
microman at cmosnetworks.com
Tue Jun 29 02:45:28 UTC 2004
Sudev Barar wrote:
>On Mon, 2004-06-28 at 22:03, Sean Fichera wrote:
>>Routing is a problem
>>Linux Server acting as a router to 4 locations
>>eth3 broadband connection
>>we have a squid proxy that will be on the 172.20.20.25 line with an ip of 172.20.20.26
>>A client on the 172.21.21.25 line can't get to the proxy at 172.20.20.26
>>We need help we like using webmin so if you can tell us how to get it running that way that would be great if not then how do we get the router up and running.
>Will setting the netmask for eth0 and eth1 to 255.255.0.0 so that both
>172.20.20.xx and 172.20.21.xx are recognised as local networking address
>This is if the eth2 and eth3 do not fall within this netmask IP
No, that won't work, unfortunately. I made that mistake back when I was
first learning routing, and it drove me nuts for a whole day of
troubleshooting. What'll happen if you do that is that no packets will
pass in between eth0 and eth1, because the routing logic will never get
invoked. The reason for that is that the only time you ever invoke
routing logic is if you're crossing logical broadcast domains; in the
case of IP, this means crossing IP subnets. The kernel will not know
whether to direct traffic from eth2 and eth3 out either eth0 or eth1,
since both eth0 and eth1 would be on the same IP subnet. The result is
that, depending on the specific implementation of routing logic in a
given OS kernel, either nothing will happen, or you'll have half the
traffic going out eth0 and the other half out eth1. Either way,
communications ain't gonna take place. In the case of Windows NT/2000
Server acting as a router, no traffic will flow from one interface to
the other. Cisco routers won't even let you do it; they'll throw up an
error message and refuse to execute the command.
Give us all your subnet mask information (this is *very* important!),
and also check my previous response about enabling packet forwarding in
One last suggestion: consider learning the command-line way first, then
going to Webmin, for when you get caught in situations just like this.
Yes, it's the "hard" way, but the command line has saved me so many
times across so many operating systems that I stopped counting years
ago. Just a thought.
More information about the K12OSN