TCLUG Archive

Re: [TCLUG:10339] Possible solution



On Sun, 21 Nov 1999, Brian Ackermann wrote:

> Kernel IP routing table
> Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
> 205.218.57.25   *               255.255.255.255 UH    0      0        0 eth1
> 192.168.6.48    *               255.255.255.255 UH    0      0        0 eth0
> %%%%%%
> 205.218.57.16   205.218.57.25   255.255.255.240 UG    0      0        0 eth1
> %%%%%%
> 205.218.57.16   *               255.255.255.240 U     0      0        0 eth1
> 192.168.6.0     192.168.6.48    255.255.255.0   UG    0      0        0 eth0
> 192.168.6.0     *               255.255.255.0   U     0      0        0 eth0
> 127.0.0.0       *               255.0.0.0       U     0      0        0 lo
> default         gw.bbros.com    0.0.0.0         UG    0      0        0 eth1
> 
> 
> The line in question is this one....
> %%%%%%
> 205.218.57.16   205.218.57.25   255.255.255.240 UG    0      0        0 eth1
> %%%%%%
> 
> Now, what I WANT to happen is to have all of these addresses behind the
> firewall, which would be behind eth0.  So, if I got this line changed to use the
> eth0 interface, would that do what I want it to, or am I misreading it?

I don't know if this has already been answered, or what. Here is my
attempt at an answer.

Frankly, this seems a bit of a mess. I think you should start clean --
clear out any init scripts that set networking parameters, and then go
through them one by one, and fix them by hand. I think that long tweaking
has perhaps muddled things (e.g., the duplicate destinations).

Be sure that for each interface, gateway, netmask and perhaps broadcast
are specified explicitly -- don't let the system fill in its defaults, we
don't trust it. This is what you want:

1. Traffic to the internal network (192.168.6.0) has the internal network
   interface (eth0, 192.168.6.48) as its gw.
2. Traffic to the Internet (0.0.0.0) has gw.bbros.com as its gateway.
3. /etc/hosts and/or DNS are properly configured so that using a name
   (gw.bbros.com) in your routing table will work. Alternatively, you can
   use gw.bbros.com's IP address in your table.
4. IPv4 Forwarding is enabled in your kernel, so that traffic from the
   internal network (whose nodes have your eth0/192.168.6.48 listed as
   their gateway) destined for the Internet will find its way out.

Read the ifconfig(8) and route(8) man pages closely, to get an idea of how
ifconfig(8) shapes the routing table, and to learn how you can poke the
routing table by hand if required.

I hope this helps. If anyone can find any flaws in my reasoning or factual
errors in my explanation, please correct them.

--
  Christopher Reid Palmer : http://www.innerfireworks.com/
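
Added example, not part of the original message: a shell/awk check over `route` output that flags the duplicate destinations mentioned in the reply and gateways given by name (point 3), plus a read of the IPv4 forwarding flag (point 4). The function names `sample_table`, `audit_routes` and `forwarding_state` are hypothetical; the sample table is the one quoted above with the `%%%%%%` marker lines dropped.

```shell
#!/bin/sh
# Added example (not from the original message); function names are hypothetical.

# Routing table quoted in the message above, %%%%%% marker lines dropped.
sample_table() {
cat <<'EOF'
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
205.218.57.25   *               255.255.255.255 UH    0      0        0 eth1
192.168.6.48    *               255.255.255.255 UH    0      0        0 eth0
205.218.57.16   205.218.57.25   255.255.255.240 UG    0      0        0 eth1
205.218.57.16   *               255.255.255.240 U     0      0        0 eth1
192.168.6.0     192.168.6.48    255.255.255.0   UG    0      0        0 eth0
192.168.6.0     *               255.255.255.0   U     0      0        0 eth0
127.0.0.0       *               255.0.0.0       U     0      0        0 lo
default         gw.bbros.com    0.0.0.0         UG    0      0        0 eth1
EOF
}

# audit_routes: reads route(8) output on stdin and prints one finding per line.
#   DUPLICATE <dest>/<mask>: <gw>@<iface>,...  destination and genmask listed twice
#   NAME-GW <dest>: <gateway>                  gateway is a name, needs /etc/hosts or DNS
audit_routes() {
    awk '
    NF != 8 || $1 == "Destination" { next }   # skip title, header, non-route lines
    {
        key = $1 "/" $3
        if (!(key in count)) order[++n] = key
        count[key]++
        via[key] = via[key] (via[key] != "" ? "," : "") $2 "@" $8
        # A gateway that is neither "*" nor a dotted quad is a hostname.
        if ($2 != "*" && $2 !~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/)
            names[++m] = "NAME-GW " $1 ": " $2
    }
    END {
        for (i = 1; i <= n; i++)
            if (count[order[i]] > 1)
                print "DUPLICATE " order[i] ": " via[order[i]]
        for (i = 1; i <= m; i++) print names[i]
    }'
}

# forwarding_state [file]: prints "on" or "off" from the kernel ip_forward flag.
forwarding_state() {
    f=${1:-/proc/sys/net/ipv4/ip_forward}
    if [ "$(cat "$f" 2>/dev/null)" = "1" ]; then echo on; else echo off; fi
}

sample_table | audit_routes
```

On a live host, pipe `route` (or `route -n`) into `audit_routes` in place of `sample_table`.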