From: Tom Diehl <tdiehl@rogueind.com>
To: lartc@vger.kernel.org
Subject: [LARTC] Re: Routing/NAT question
Date: Mon, 16 Sep 2002 16:35:19 +0000
Message-ID: <marc-lartc-103219420631379@msgid-missing>
In-Reply-To: <marc-lartc-103193632028299@msgid-missing>

On Fri, 13 Sep 2002, Martin A. Brown wrote:

Hi Martin,

First I want to apologize for my inability to explain this correctly. I feel
pretty stupid right now. I will try again.

> : > (or use the traditional redhat ifcfg-eth1:0 technique)
> : >
> : > and tell the internal machines that the default gateway is 10.140.227.245.
> :
> : OK, but as I said in the diagram below my connection to the internet is
> : on wan0 via iptables and NAT. Will not 2 default routes confuse things?
>
> default gateway on the linux box
> - - - - - - - - - - - - - - - - - -
> I think you missed my drift--your linux box will have one default route to
> the T1 (wan0) peer endpoint or ISP access router. (Yes, Greg Scott is
> right when he mentions that linux supports multiple routing tables, but
> you do not need them for this scenario.)
>
> default gateway on internal machines
> - - - - - - - - - - - - - - - - - -
> Each of your internal machines which is locally connected to the same
> ethernet/IP network as the linux box will use the linux box as its default
> gateway. Machines in the 10.140.227.224/27 network will use
> 10.140.227.245 as a default gateway. Machines in 192.168.101.0/24 will
> use 192.168.101.5 as a default gateway.

OK, I understand this but I want the 192.168.101.0/24 machines to be able to
talk to the 10.140.227.224/27 network also but only for the subnets listed
below. All other traffic goes out the default route to the internet (wan0).
I am trying to eliminate the 2nd pc on some desks and to do that
the machines on the 192.168.* net must be able to talk to the 10.* net.
>
> : In addition I only want traffic for 8 the following specific subnets
> : routed down the 10.140.x.x pipe. They are 10.140.0.0/16, 10.141.0.0/16,
> : 10.142.0.0/16, 151.193.141.0/24, 162.92.160.0/24. All other traffic
> : should go out to the internet via wan0.
> : Does this make sense?
>
> Sure....seems clear to me. You have a couple of internal networks
> behind a router on the locally connected 10.140.227.245/27 network.
> So, assuming that 10.140.227.254 is the gateway to your remote
> networks*:
>
> # route add -net 10.140.0.0 netmask 255.255.0.0 gw 10.140.227.254
> # route add -net 10.141.0.0 netmask 255.255.0.0 gw 10.140.227.254
> # route add -net 10.142.0.0 netmask 255.255.0.0 gw 10.140.227.254
> # route add -net 151.193.141.0 netmask 255.255.255.0 gw 10.140.227.254
> # route add -net 162.92.160.0 netmask 255.255.255.0 gw 10.140.227.254
>
> And repeat as necessary up to your eight subnets.
>
> Really though, there's nothing LARTC about this setup--sure you are using
> Sangoma's (wonderful) T1 card, but you don't need any of the fancy routing
> tricks and tips usually discussed in this forum.

I really love the wanpipe cards. We bought and deployed almost a dozen of them.
As far as the fancy tricks discussed here I think I really do need them but
I am just not good at explaining what I am trying to do. Sorry. :-(
>
> * If I recall correctly, you are using RedHat...you can append the
> following lines to your /etc/sysconfig/static-routes file to have these
> routes added at network restart (boot):
>
> eth0 net 10.141.0.0 netmask 255.255.0.0 gw 10.140.227.254
> eth0 net 10.142.0.0 netmask 255.255.0.0 gw 10.140.227.254
> eth0 net 151.193.141.0 netmask 255.255.255.0 gw 10.140.227.254
> eth0 net 162.92.160.0 netmask 255.255.255.0 gw 10.140.227.254
>
> Of course, you should use the correct ethernet interface.....

Understood.

Thanks for the help everyone. I am not ready to give up yet. Your patience
is appreciated.

--
.............Tom "Nothing would please me more than being able to
tdiehl@rogueind.com hire ten programmers and deluge the hobby market
with good software." -- Bill Gates 1976
We are still waiting ....
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
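
The routing decision discussed in this message, as an added example that is not part of the original thread: a longest-prefix-match lookup over the static routes quoted above, showing which destinations leave via 10.140.227.254 and which fall through to the default route on wan0. The interface names eth0 and eth1 and the sample destination addresses are assumptions; the prefixes and gateway are the ones given in the message.

```python
import ipaddress

# Routes from the thread. Interface names eth0/eth1 are assumptions (the
# thread only names wan0). Gateway None means a directly connected network
# or the point-to-point default route.
ROUTES = [
    ("10.140.227.224/27", None, "eth0"),
    ("192.168.101.0/24", None, "eth1"),
    ("10.140.0.0/16", "10.140.227.254", "eth0"),
    ("10.141.0.0/16", "10.140.227.254", "eth0"),
    ("10.142.0.0/16", "10.140.227.254", "eth0"),
    ("151.193.141.0/24", "10.140.227.254", "eth0"),
    ("162.92.160.0/24", "10.140.227.254", "eth0"),
    ("0.0.0.0/0", None, "wan0"),
]
TABLE = [(ipaddress.ip_network(p), gw, dev) for p, gw, dev in ROUTES]


def lookup(dst):
    """Return (prefix, gateway, device) chosen by longest-prefix match."""
    addr = ipaddress.ip_address(dst)
    net, gw, dev = max((r for r in TABLE if addr in r[0]),
                       key=lambda r: r[0].prefixlen)
    return str(net), gw, dev


def unreachable_gateways():
    """List routes whose gateway is not on-link on the route's own device."""
    bad = []
    for prefix, gw, dev in ROUTES:
        if gw is None:
            continue
        _, via, out = lookup(gw)
        if via is not None or out != dev:
            bad.append(prefix)
    return bad


if __name__ == "__main__":
    # Constructed sample destinations, not taken from the thread.
    for dst in ("10.141.5.5", "10.140.227.230", "10.143.1.1",
                "151.193.141.9", "151.193.142.9", "192.168.101.20"):
        net, gw, dev = lookup(dst)
        print(f"{dst:16} -> {net:18} via {gw or 'on-link':15} dev {dev}")
    print("routes with unreachable gateway:", unreachable_gateways())
```

Note that a 10.x destination outside the listed prefixes (10.143.1.1 here) matches only the default route, so it leaves via wan0 like any other Internet traffic.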