[K12OSN] Routing

"Terrell Prudé, Jr." microman at cmosnetworks.com
Tue Jun 29 02:45:28 UTC 2004 

Sudev Barar wrote:

>On Mon, 2004-06-28 at 22:03, Sean Fichera wrote:
>  
>
>>Routing is a problem
>>
>>We have
>>Linux Server acting as a router to 4 locations
>>
>>eth0 172.20.20.25
>>eth1 172.21.21.25
>>eth2 xxx.xxx.xxx.xxx
>>eth3 broadband connection
>>
>>we have a squid proxy that will  be on the 172.20.20.25 line with an ip of 172.20.20.26
>>
>>A client on the 172.21.21.25 line can't get to the proxy at 172.20.20.26
>>
>>We need help  we like using webmin so if you can tell us how to get it running that way that would be great if not then how do we get the router up and running.
>>    
>>
>Will setting the netmask for eth0 and eth1 to 255.255.0.0 so that both
>172.20.20.xx and 172.20.21.xx are recognised as local networking address
>range help?
>This is if the eth2 and eth3 do not fall within this netmask IP
>addressing?
>  
>

No, that won't work, unfortunately.  I made that mistake back when I was 
first learning routing, and it drove me nuts for a whole day of 
troubleshooting.  What'll happen if you do that is that no packets will 
pass in between eth0 and eth1, because the routing logic will never get 
invoked.  The reason for that is that the only time you ever invoke 
routing logic is if you're crossing logical broadcast domains; in the 
case of IP, this means crossing IP subnets.  The kernel will not know 
whether to direct traffic from eth2 and eth3 out either eth0 or eth1, 
since both eth0 and eth1 would be on the same IP subnet.  The result is 
that, depending on the specific implementation of routing logic in a 
given OS kernel, either nothing will happen, or you'll have half the 
traffic going out eth0 and the other half out eth1.  Either way, 
communications ain't gonna take place.  In the case of Windows NT/2000 
Server acting as a router, no traffic will flow from one interface to 
the other.  Cisco routers won't even let you do it; they'll throw up an 
error message and refuse to execute the command.

Give us all your subnet mask information (this is *very* important!), 
and also check my previous response about enabling packet forwarding in 
the kernel.

One last suggestion:  consider learning the command-line way first, then 
going to Webmin, for when you get caught in situations just like this.  
Yes, it's the "hard" way, but the command line has saved me so many 
times across so many operating systems that I stopped counting years 
ago.  Just a thought.

--TP

More information about the K12OSN mailing list