From mboxrd@z Thu Jan  1 00:00:00 1970
From: Stef Coene <stef.coene@docum.org>
Date: Tue, 02 Nov 2004 20:04:01 +0000
Subject: Re: [LARTC] Howto route through
Message-Id: <200411022104.01526.stef.coene@docum.org>
List-Id: <lartc.vger.kernel.org>
References: <41850B0D.9000409@draxinusom.ch>
In-Reply-To: <41850B0D.9000409@draxinusom.ch>
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
To: lartc@vger.kernel.org

On Monday 01 November 2004 15:44, Rene Gallati wrote:
> Hm that is a solution, however how do I "attract" the traffic for the
> PCs in the LAN? I can either assign all IPs as aliases which looks a bit
> crude or use proxyArp or bridging to convey the traffic over from one
> side to the other.
The isp should route all traffic for your 1.2.3.0/28 range to 1.2.3.1.

>From your example: Range is 1.2.3.0/28 (1.2.3.0 - 1.2.3.15)

           eth0:  1.2.3.1   eth1: 1.2.3.1
---- Internet ------- FW Box ------ LAN (1.2.3.0/28)

default gw lan machines: 1.2.3.1
default gw firewall: assigned gw from your isp (in 1.2.3.0/28)
  ip route add default via 1.2.3.X dev eth0

routes on your firewall: for each lan, going out on eth1:=20
   ip route add 1.2.3.1 dev eth0
       (don't know if this works, but it's to make sure packets for the lan=
=20
host 1.2.3.1 are leaving out on eth1)

> At the moment, transparent bridge filter looks like the best idea to me,
> however the lan nic is a gigE card so I don't know if running it in
> promiscous all the time would be a good idea.

Stef

--=20
stef.coene@docum.org
=A0"Using Linux as bandwidth manager"
=A0 =A0 =A0http://www.docum.org/
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/