* [LARTC] routing 2 internal & 2 external nic's
@ 2002-11-21 9:00 virdzek, roman
2002-11-21 16:10 ` Martin A. Brown
0 siblings, 1 reply; 2+ messages in thread
From: virdzek, roman @ 2002-11-21 9:00 UTC (permalink / raw)
To: lartc
hi all,
i have one problem with routing.
what i will do is this: ISP router
|
ISP switch
| | | ( we have 3 ports)
| | |
Our switch
| |
| |
eth0 eth1
firewall-1 | |
(4 nics) eth2 eth3
| |
| |
DMZ switch ( one network )
|
|
DMZ linux router(SNAT all
outgoing connection from LAN to one IP,
|
in the same network as DMZ ,default route to eth3 )
|
LAN
i will that all outgoing traffic from DMZ get over eth2 - eth0 NIC's to
ISP and over eth2 back to DMZ.
And all outgoing traffic from LAN get over eth3 - eth1 NIC's to ISP switch.
But allways i send packet from eth3 get away over eth0 (default route) ...
which ip rule i must set to do this routing?
thanks in advace
roman
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: [LARTC] routing 2 internal & 2 external nic's
2002-11-21 9:00 [LARTC] routing 2 internal & 2 external nic's virdzek, roman
@ 2002-11-21 16:10 ` Martin A. Brown
0 siblings, 0 replies; 2+ messages in thread
From: Martin A. Brown @ 2002-11-21 16:10 UTC (permalink / raw)
To: lartc
Roman,
: i will that all outgoing traffic from DMZ get over eth2 - eth0 NIC's to
: ISP and over eth2 back to DMZ.
: And all outgoing traffic from LAN get over eth3 - eth1 NIC's to ISP switch.
This should give you some idea of how to solve this problem, although this
is not a complete solution:
http://mailman.ds9a.nl/pipermail/lartc/2002q3/005003.html
You'll probably want to use "ip rule add iif eth0 table ISPA" or something
similar.
You should read up and understand the how and why of multiple routing
tables:
http://plorf.net/linux-ip/html/routing-tables.htm
Additionally, you'll need to read up on "ip rule":
http://plorf.net/linux-ip/html/tools-ip-rule.htm
Good luck,
-Martin
--
Martin A. Brown --- SecurePipe, Inc. --- mabrown@securepipe.com
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2002-11-21 16:10 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2002-11-21 9:00 [LARTC] routing 2 internal & 2 external nic's virdzek, roman
2002-11-21 16:10 ` Martin A. Brown
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.