Forgive me if this is something so simple that i
should already know it, but i need to understand
if i can accomplish this with Linux routing.
We have a /26 subnet from our ISP, and we have
been using a Linux box as a firewall to put all
our workstations behind NAT, with port forwarding
for any box that's providing a service to the
whole world.
We now need to implement a system which will not
support any kind of NAT - it requires having an external IP.
Is it possible to use Linux routing to break up
the /26 subnet into two /27 subnets, and to do
NAT on addresses in one of the /27 subnets and to
route addresses on the other /27 subnet straight
through to that internal network?
This is what i've tried, which i haven't gotten to work:
ISP
[x.y.z.193/26]
|
|
[x.y.z.194/27 eth0]
[x.y.z.225/27 eth0:0]
Linux Firewall
[192.168.0.0/24 eth1] (for NAT connections through
the x.y.z.192/27 subnet)
[x.y.z.226/27 eth1:0] (for straight through routing
of IP addresses in the
x.y.z.224/27 subnet)
I've added rules to the routing table to create the
connection, but i cannot get a packet with an address
in the x.y.z.224/27 range to cross over between
eth0 and eth1 in either direction. (Connections using
NAT work fine) And the firewall is not stopping them,
because the packets still don't go through even when
i turn the firewall off.
I'm definitely a newbie to the routing area, so maybe
my routing table is wrong. What would i need in it?
BTW, i'm running Mandrake Linux 8.2 right out of the
box. Do i have to recompile the kernel to get some
of these options?
Thanks! I can't tell you how much i'd appreciate
some light on this problem!
Larry
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
