>> I have two public networks here, 62.220.237.x and 62.236.221.x. I want >> to build a xen system, where some guests connect to one network, some >> guest to the other one, and some to both. To reduce cabling, I would >> like to do this with only two nics. On 10.5.2010 15.48, Les Mikesell wrote: > How do you handle the default route on the 'connect to both' guests? Normally > you only want one default gateway and it should be the same one where the > connections are coming in. Otherwise you have to do some very tricky things to > make return packets go back the same path they came in, although asymmetrical > routes are supposed to work if you don't have NAT or stateful firewalls in the way. On that dual-network xen-guest, I don't handle the routing in any special way. Now only one nw connection works (because of these routing problems), but if they would both work, packets still might leave from only one interface (default route). I don't see why this would be a problem, though, even if it may not be very elegant. Here is "ip route show" from that host: 62.236.221.64/28 dev eth0 proto kernel scope link src 62.236.221.71 62.220.237.96/27 dev eth1 proto kernel scope link src 62.220.237.111 169.254.0.0/16 dev eth1 scope link default via 62.220.237.126 dev eth1 - Jussi -- Jussi Hirvi * Green Spot Topeliuksenkatu 15 C * 00250 Helsinki * Finland Tel. +358 9 493 981 * Mobile +358 40 771 2098 (only sms) jussi.hirvi@xxxxxxxxxxxx * http://www.greenspot.fi _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos
Re: Not firewall, but what?
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- To: CentOS mailing list <centos@xxxxxxxxxx>
- Subject: Re: Not firewall, but what?
- From: Jussi Hirvi <listmember@xxxxxxxxxxxx>
- Date: Mon, 10 May 2010 16:03:28 +0300
- Delivered-to: centos@xxxxxxxxxx
- In-reply-to: <4BE800B4.1040900@xxxxxxxxx>
- References: <4BE30AFA.8010808@xxxxxxxxxxxx> <20100506183544.GZ7070@xxxxxxxxxxxxxxxxx> <4BE30DAB.7030400@xxxxxxxxxxx> <4BE311D8.4070501@xxxxxxxxxxx> <4BE39955.6030709@xxxxxxxxxxxx> <4BE4183A.8030901@xxxxxxxxxxx> <4BE42317.7060101@xxxxxxxxxxxx> <4BE4BF0A.8000004@xxxxxxxxxxxxxx> <4BE51503.4010209@xxxxxxxxxxxx> <4BE52727.6070207@xxxxxxxxxxxxxx> <4BE5526C.1060906@xxxxxxxxxxxx> <1273325306.9249.9.camel@ethies> <4BE6967F.5070105@xxxxxxxxxxxxxx> <4BE7B6EC.4040102@xxxxxxxxxxxx> <4BE800B4.1040900@xxxxxxxxx>
- User-agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X 10.4; en-US; rv:1.9.1.9) Gecko/20100317 Thunderbird/3.0.4
- Follow-Ups:
- Re: Not firewall, but what?
- From: Kahlil Hodgson
- Re: Not firewall, but what?
- From: John R Pierce
- Re: Not firewall, but what?
- References:
- Not firewall, but what?
- From: Jussi Hirvi
- Re: Not firewall, but what?
- From: Gavin Carr
- Re: Not firewall, but what?
- From: Ryan Manikowski
- Re: Not firewall, but what?
- From: Benjamin Franz
- Re: Not firewall, but what?
- From: Jussi Hirvi
- Re: Not firewall, but what?
- From: Benjamin Franz
- Re: Not firewall, but what?
- From: Jussi Hirvi
- Re: Not firewall, but what?
- From: Kahlil Hodgson
- Re: Not firewall, but what?
- From: Jussi Hirvi
- Re: Not firewall, but what?
- From: Kahlil Hodgson
- Re: Not firewall, but what?
- From: Jussi Hirvi
- Re: Not firewall, but what?
- From: JohnS
- Re: Not firewall, but what?
- From: Kahlil Hodgson
- Re: Not firewall, but what?
- From: Jussi Hirvi
- Re: Not firewall, but what?
- From: Les Mikesell
- Not firewall, but what?
- Prev by Date: Re: measuring kernel speed
- Next by Date: Re: ibmasm service
- Previous by thread: Re: Not firewall, but what?
- Next by thread: Re: Not firewall, but what?
- Index(es):
 |