Hi Jake, > I have a class two NIC firewall. eth0 is my external interface > connected to my cablemodem, eth1 is my internal interface connected > to my hub. I am using iptables-based firewall rules and using NAT > so I can access the internet from all my desktops. Everything is > working correctly. > > The problem is that it only works if I manually set up a default gateway > route through the external interface. After I boot the system, I > type the following command: > > route add default gw x.x.x.x > > where x.x.x.x is the address assigned to my external interface. If I > don't do this, I cannot access anything on the internet from any my > internal machines. Once I execute this command it all works as > expected. I am certain, however, that as a RH 7.2 system, which is > what I was before I started incrementally upgrading to FC1 where I > am now, I did not need to do this for it to work. > > How can I get this routing between two NICs to work correctly without > manually executing a 'route' command? Please don't tell me to add this > command to rc.local. My external IP address is dynamic so it can change > between reboots. I need some mechanism that works dynamically. I'm > sure that it used to work this way! I was actually surprised to find that out of so many replies to you, people seemed to have missed the answer to your problem. In your /etc/sysconfig/network-scripts/ifcfg-ppp0 file, this is the file that's used to configure your link/routing when you dialup. There's a variable here you need to set: DEFROUTE=yes which will grab the default route information from your ISP and configure your routing for you. For this to work, you should _not_ set a GATEWAY variable in your /etc/sysconfig/network file. The GATEWAY flag adds a static default route to your routing table on system boot, which is not what you want in your situation. Within the /etc/sysconfig/network file remove the GATEWAY flag (if it's in there) and add: GATEWAYDEV="ppp0" which will tell the rc network script to use the default route supplied by the ifcfg-ppp0 script which picks that up from your ISP. Other interesting variables you can use in ifcfg-ppp0 are: ONBOOT PEERDNS CLAMPMSS FIREWALL there's docs in the system somewhere (I forgot where I read all this when first doing it) which explains what each variable does, you should review it to allow you to better understand how the process works. Regards, Michael. -- fedora-legacy-list@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-legacy-list
