* [LARTC] Network Routing
From: Paul Lewis @ 2005-12-07 15:47 UTC
To: lartc
Hi,
I have a linux router with 4 ethernet cards; eth0 through eth3. Basically,
all I want to do is route all traffic from eth2 to eth0, and all traffic
from eth1 to eth3.
I've looked through the LARTC how-to, specifically at chapter 4, about
multiple providers. However, I am still a bit confused, and not sure how to
set up my routing tables, as my scenario differs from the one in the
example.
Any help would be appreciated.
Many thanks,
Paul
---
Paul Lewis (paul.lewis@st-annes.ox.ac.uk)
Part II Student
Materials Science
University of Oxford
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
* Re: [LARTC] Network Routing
From: Peter Surda @ 2005-12-07 15:58 UTC
To: lartc
On Wed, 7 Dec 2005 15:47:00 -0000 "Paul Lewis"
<paul.lewis@st-annes.oxford.ac.uk> wrote:
>Hi,
hi
>I have a linux router with 4 ethernet cards; eth0 through eth3. Basically,
>all I want to do is route all traffic from eth2 to eth0, and all traffic
>from eth1 to eth3.
This is easy, just set up 2 new routing tables and add rules to assign the
packets to the correct one.
Let's say you have
eth0: 1.2.0.2/30 (gateway 10.2.0.1)
eth1: 192.168.0.1/24
eth2: 192.168.1.1/24
eth3: 1.3.0.2/30 (gateway 10.3.0.1)
Then you do something like:
# rules: pick a routing table by source network
ip rule add from 192.168.0.0/24 table 101
ip rule add from 192.168.1.0/24 table 102
# table 101: traffic from the eth1 LAN leaves via eth3
ip route add 192.168.0.0/24 dev eth1 table 101
ip route add 192.168.1.0/24 dev eth2 table 101
ip route add 127.0.0.0/8 dev lo table 101
ip route add default via 10.3.0.1 dev eth3 table 101
# table 102: traffic from the eth2 LAN leaves via eth0
ip route add 192.168.0.0/24 dev eth1 table 102
ip route add 192.168.1.0/24 dev eth2 table 102
ip route add 127.0.0.0/8 dev lo table 102
ip route add default via 10.2.0.1 dev eth0 table 102
(it's likely I forgot some detail or have a typo there, it's just an example)
>Paul
Yours sincerely,
Peter
--
http://www.shurdix.org - Linux distribution for routers and firewalls
* Re: [LARTC] Network Routing
From: Edmundo Carmona @ 2005-12-07 17:12 UTC
To: lartc
I wouldn't make it more difficult with separate routing tables. Just
set the firewall to allow traffic between the interfaces you want,
drop the rest and that's it. I mean:
iptables -A FORWARD -i eth0 -o eth2 -j ACCEPT
iptables -A FORWARD -i eth2 -o eth0 -j ACCEPT
iptables -A FORWARD -i eth1 -o eth3 -j ACCEPT
iptables -A FORWARD -i eth3 -o eth1 -j ACCEPT
# default policy
iptables -P FORWARD DROP
That should make it.... only if this router is their default gw or at
least the router to the other network the hosts want to reach.
On 12/7/05, Paul Lewis <paul.lewis@st-annes.oxford.ac.uk> wrote:
> Hi,
>
> The output from route -n is shown below:
>
> 192.168.100.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
> 192.168.20.0 0.0.0.0 255.255.255.0 U 0 0 0 eth3
> 192.168.14.0 0.0.0.0 255.255.254.0 U 0 0 0 eth4
> 192.168.4.0 0.0.0.0 255.255.252.0 U 0 0 0 eth2
> 192.168.0.0 0.0.0.0 255.255.252.0 U 0 0 0 eth1
> 169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth4
> 0.0.0.0 192.168.100.254 0.0.0.0 UG 0 0 0 eth0
>
> And here is the output from ifconfig (edited down to save space):
>
> eth0 Link encap:Ethernet HWaddr 00:14:22:09:FB:1A
> inet addr:192.168.100.253 Bcast:192.168.100.255
> Mask:255.255.255.0
> inet6 addr: fe80::214:22ff:fe09:fb1a/64 Scope:Link
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
>
> eth1 Link encap:Ethernet HWaddr 00:04:23:BB:89:9C
> inet addr:192.168.3.253 Bcast:192.168.3.255 Mask:255.255.252.0
> inet6 addr: fe80::204:23ff:febb:899c/64 Scope:Link
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
>
> eth2 Link encap:Ethernet HWaddr 00:04:23:BB:89:9D
> inet addr:192.168.7.253 Bcast:192.168.7.255 Mask:255.255.252.0
> inet6 addr: fe80::204:23ff:febb:899d/64 Scope:Link
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
>
> eth3 Link encap:Ethernet HWaddr 00:14:22:09:FB:1B
> inet addr:192.168.20.253 Bcast:192.168.20.255 Mask:255.255.255.0
> inet6 addr: fe80::214:22ff:fe09:fb1b/64 Scope:Link
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
>
> lo Link encap:Local Loopback
> inet addr:127.0.0.1 Mask:255.0.0.0
> inet6 addr: ::1/128 Scope:Host
> UP LOOPBACK RUNNING MTU:16436 Metric:1
>
> Cheers,
>
> Paul
>
> ---
> Paul Lewis (paul.lewis@st-annes.ox.ac.uk)
> Part II Student
> Materials Science
> University of Oxford
>
>
>
> -----Original Message-----
> From: Edmundo Carmona [mailto:eantoranz@gmail.com]
> Sent: 07 December 2005 16:00
> To: Paul Lewis
> Subject: Re: [LARTC] Network Routing
>
> to start with: what is the output of route -n or ip route show default
>
* Re: [LARTC] Network Routing
From: Edmundo Carmona @ 2005-12-07 17:17 UTC
To: lartc
oh... and of course: echo 1 > /proc/sys/net/ipv4/ip_forward
^ permalink raw reply [flat|nested] 4+ messages in thread
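Added example, not written by any poster in this thread: a small Python model of the two suggestions above (source-based routing tables and the FORWARD allow-list), showing that the tables choose the egress interface while the filter only permits or drops that choice. The "main" table, the host addresses and the destination 203.0.113.9 are constructed, and the kernel's local table is left out.

```python
import ipaddress as ipa

LANS = [("192.168.0.0/24", "eth1"), ("192.168.1.0/24", "eth2")]
# Tables 101 and 102 follow Peter's example (loopback routes omitted).
# "main" is constructed: the same LANs plus one default route on eth0.
TABLES = {
    "101": LANS + [("0.0.0.0/0", "eth3")],
    "102": LANS + [("0.0.0.0/0", "eth0")],
    "main": LANS + [("0.0.0.0/0", "eth0")],
}
# Ordered (source selector, table) pairs, modelling `ip rule` priority order.
POLICY_RULES = [("192.168.0.0/24", "101"), ("192.168.1.0/24", "102"),
                ("0.0.0.0/0", "main")]
MAIN_ONLY = [("0.0.0.0/0", "main")]  # no policy rules: filter-only setup
# Edmundo's FORWARD chain: accepted (in, out) interface pairs, policy DROP.
ACCEPT = {("eth0", "eth2"), ("eth2", "eth0"), ("eth1", "eth3"), ("eth3", "eth1")}


def lookup(table, dst):
    """Longest-prefix match in one table; returns the egress device or None."""
    addr = ipa.ip_address(dst)
    hits = [(ipa.ip_network(p), dev) for p, dev in TABLES[table]
            if addr in ipa.ip_network(p)]
    return max(hits, key=lambda h: h[0].prefixlen)[1] if hits else None


def egress(src, dst, rules):
    """First rule whose selector matches src and whose table has a route wins."""
    for selector, table in rules:
        if ipa.ip_address(src) in ipa.ip_network(selector):
            dev = lookup(table, dst)
            if dev is not None:
                return dev
    return None


def forward(in_dev, src, dst, rules):
    """Routing decision first, then the FORWARD filter on (in, out)."""
    out = egress(src, dst, rules)
    return out, "ACCEPT" if (in_dev, out) in ACCEPT else "DROP"


if __name__ == "__main__":
    cases = [("eth1", "192.168.0.10", "203.0.113.9", POLICY_RULES),
             ("eth2", "192.168.1.10", "203.0.113.9", POLICY_RULES),
             ("eth1", "192.168.0.10", "192.168.1.20", POLICY_RULES),
             ("eth1", "192.168.0.10", "203.0.113.9", MAIN_ONLY)]
    for in_dev, src, dst, rules in cases:
        print(in_dev, src, "->", dst, forward(in_dev, src, dst, rules))
```

In this model the filter-only setup drops eth1 traffic headed for the default route instead of steering it to eth3, and the routing tables alone would let the two LANs reach each other; the segmentation comes from using both together.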