* [LARTC] routing 2 internal & 2 external nic's
@ 2002-11-21 9:00 virdzek, roman
2002-11-21 16:10 ` Martin A. Brown
0 siblings, 1 reply; 2+ messages in thread
From: virdzek, roman @ 2002-11-21 9:00 UTC (permalink / raw)
To: lartc
hi all,
i have one problem with routing.
what i will do is this: ISP router
|
ISP switch
| | | ( we have 3 ports)
| | |
Our switch
| |
| |
eth0 eth1
firewall-1 | |
(4 nics) eth2 eth3
| |
| |
DMZ switch ( one network )
|
|
DMZ linux router(SNAT all
outgoing connection from LAN to one IP,
|
in the same network as DMZ ,default route to eth3 )
|
LAN
i will that all outgoing traffic from DMZ get over eth2 - eth0 NIC's to
ISP and over eth2 back to DMZ.
And all outgoing traffic from LAN get over eth3 - eth1 NIC's to ISP switch.
But allways i send packet from eth3 get away over eth0 (default route) ...
which ip rule i must set to do this routing?
thanks in advace
roman
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
^ permalink raw reply [flat|nested] 2+ messages in thread* Re: [LARTC] routing 2 internal & 2 external nic's 2002-11-21 9:00 [LARTC] routing 2 internal & 2 external nic's virdzek, roman @ 2002-11-21 16:10 ` Martin A. Brown 0 siblings, 0 replies; 2+ messages in thread From: Martin A. Brown @ 2002-11-21 16:10 UTC (permalink / raw) To: lartc Roman, : i will that all outgoing traffic from DMZ get over eth2 - eth0 NIC's to : ISP and over eth2 back to DMZ. : And all outgoing traffic from LAN get over eth3 - eth1 NIC's to ISP switch. This should give you some idea of how to solve this problem, although this is not a complete solution: http://mailman.ds9a.nl/pipermail/lartc/2002q3/005003.html You'll probably want to use "ip rule add iif eth0 table ISPA" or something similar. You should read up and understand the how and why of multiple routing tables: http://plorf.net/linux-ip/html/routing-tables.htm Additionally, you'll need to read up on "ip rule": http://plorf.net/linux-ip/html/tools-ip-rule.htm Good luck, -Martin -- Martin A. Brown --- SecurePipe, Inc. --- mabrown@securepipe.com _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ ^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2002-11-21 16:10 UTC | newest] Thread overview: 2+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2002-11-21 9:00 [LARTC] routing 2 internal & 2 external nic's virdzek, roman 2002-11-21 16:10 ` Martin A. Brown
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.