[LARTC] Public Router using Private Links

[LARTC] Public Router using Private Links

[Walter D. Wyndroski]

[-- Attachment #1: Type: text/plain, Size: 958 bytes --]

I am running a public core router using private links from my provider.

Details:
RH7.3
9 interfaces (all Intel)
eth0 is default gateway and has a private IP address
all other interfaces are links to other routers or networks
eth3 has a public IP address

The core router will rarely need to access sites out on the internet, but when it does it cannot get there because the eth0 has a private IP address. Is there a way to force the router to use the ip address from eth3 to access sites on the internet? If so, how would I route traffic originating from eth3 to the internet? I have tried a few policy statements coupled with some separate rules and tables to no avail. All I am getting is Destination host unreachable when I issue the command "ping -v -I eth3 www.yahoo.com".

Please advise. Thank you in advance.

Walt
-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.



[-- Attachment #2: Type: text/html, Size: 1932 bytes --]

Re: [LARTC] Public Router using Private Links

[Martin A. Brown]

Walt,

Try this....the "src" keyword is a hint to the kernel about what address
to select on a given route.  This will only work if the kernel is asked to
select the source IP based on a route.

# ip route change default via $CURRENTGATEWAY src $IP_ON_ETH3

This might work before the change:

# ping -n -v -I $IP_ON_ETH3 www.yahoo.com

See also:

  http://linux-ip.net/html/routing-saddr-selection.html
  http://linux-ip.net/gl/ip-cref/node155.html

Good luck,

-Martin

 : I am running a public core router using private links from my provider.
 :
 : Details:
 : RH7.3
 : 9 interfaces (all Intel)
 : eth0 is default gateway and has a private IP address
 : all other interfaces are links to other routers or networks
 : eth3 has a public IP address
 :
 : The core router will rarely need to access sites out on the internet,
 : but when it does it cannot get there because the eth0 has a private IP
 : address. Is there a way to force the router to use the ip address from
 : eth3 to access sites on the internet? If so, how would I route traffic
 : originating from eth3 to the internet? I have tried a few policy
 : statements coupled with some separate rules and tables to no avail. All
 : I am getting is Destination host unreachable when I issue the command
 : "ping -v -I eth3 www.yahoo.com".
 :
 : Please advise. Thank you in advance.
 :
 : Walt
 :

-- 
Martin A. Brown --- SecurePipe, Inc. --- mabrown@securepipe.com

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

Re: [LARTC] Public Router using Private Links

[Walter D. Wyndroski]

Thank you sooo much!!! That worked perfectly. Also thanks for the links to
the nice documentation. I've been looking for similar documentation for a
couple of weeks now.

Walt

----- Original Message -----
From: "Martin A. Brown" <mabrown-lartc@securepipe.com>
To: "Walter D. Wyndroski" <wdwrn@friendlycity.net>
Cc: <lartc@mailman.ds9a.nl>
Sent: Tuesday, March 25, 2003 11:50 AM
Subject: Re: [LARTC] Public Router using Private Links


> Walt,
>
> Try this....the "src" keyword is a hint to the kernel about what address
> to select on a given route.  This will only work if the kernel is asked to
> select the source IP based on a route.
>
> # ip route change default via $CURRENTGATEWAY src $IP_ON_ETH3
>
> This might work before the change:
>
> # ping -n -v -I $IP_ON_ETH3 www.yahoo.com
>
> See also:
>
>   http://linux-ip.net/html/routing-saddr-selection.html
>   http://linux-ip.net/gl/ip-cref/node155.html
>
> Good luck,
>
> -Martin
>
>  : I am running a public core router using private links from my provider.
>  :
>  : Details:
>  : RH7.3
>  : 9 interfaces (all Intel)
>  : eth0 is default gateway and has a private IP address
>  : all other interfaces are links to other routers or networks
>  : eth3 has a public IP address
>  :
>  : The core router will rarely need to access sites out on the internet,
>  : but when it does it cannot get there because the eth0 has a private IP
>  : address. Is there a way to force the router to use the ip address from
>  : eth3 to access sites on the internet? If so, how would I route traffic
>  : originating from eth3 to the internet? I have tried a few policy
>  : statements coupled with some separate rules and tables to no avail. All
>  : I am getting is Destination host unreachable when I issue the command
>  : "ping -v -I eth3 www.yahoo.com".
>  :
>  : Please advise. Thank you in advance.
>  :
>  : Walt
>  :
>
> --
> Martin A. Brown --- SecurePipe, Inc. --- mabrown@securepipe.com
>
>
> --
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.
>
>
>



-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.


_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/