Tom,

 : FYI $CIDR_MASK=27

Right--got it.

 : > (or use the traditional redhat ifcfg-eth1:0 technique)
 : >
 : > and tell the internal machines that the default gateway is 10.140.227.245.
 :
 : Ok, but as I said in the diagram below my connection to the internet is
 : on wan0 via iptables and NAT. Will not 2 default routes confuse things?

default gateway on the linux box
- - - - - - - - - - - - - - - - - -
I think you missed my drift--your linux box will have one default route to
the T1 (wan0) peer endpoint or ISP access router. (Yes, Greg Scott is right
when he mentions that linux supports multiple routing tables, but you do not
need them for this scenario.)

default gateway on internal machines
- - - - - - - - - - - - - - - - - -
Each of your internal machines which is locally connected to the same
ethernet/IP network as the linux box will use the linux box as its default
gateway. Machines in the 10.140.227.224/27 network will use 10.140.227.245
as a default gateway. Machines in 192.168.101.0/24 will use 192.168.101.5
as a default gateway.

 : In addition I only want traffic for 8 the following specific subnets
 : routed down the 10.140.x.x pipe. They are 10.140.0.0/16, 10.141.0.0/16,
 : 10.142.0.0/16, 151.193.141.0/24, 162.92.160.0/24. All other traffic
 : should go out to the internet via wan0.
 : Does this make sense?

Sure....seems clear to me. You have a couple of internal networks behind a
router on the locally connected 10.140.227.245/27 network.

So, assuming that 10.140.227.254 is the gateway to your remote networks*:

  # route add -net 10.140.0.0 netmask 255.255.0.0 gw 10.140.227.254
  # route add -net 10.141.0.0 netmask 255.255.0.0 gw 10.140.227.254
  # route add -net 10.142.0.0 netmask 255.255.0.0 gw 10.140.227.254
  # route add -net 151.193.141.0 netmask 255.255.255.0 gw 10.140.227.254
  # route add -net 162.92.160.0 netmask 255.255.255.0 gw 10.140.227.254

And repeat as necessary up to your eight subnets.

Really though, there's nothing LARTC about this setup--sure you are using
Sangoma's (wonderful) T1 card, but you don't need any of the fancy routing
tricks and tips usually discussed in this forum.

-Martin

 * If I recall correctly, you are using RedHat...you can append the
   following lines to your /etc/sysconfig/static-routes file to have
   these routes added at network restart (boot):

   eth0 net 10.141.0.0 netmask 255.255.0.0 gw 10.140.227.254
   eth0 net 10.142.0.0 netmask 255.255.0.0 gw 10.140.227.254
   eth0 net 151.193.141.0 netmask 255.255.255.0 gw 10.140.227.254
   eth0 net 162.92.160.0 netmask 255.255.255.0 gw 10.140.227.254

   Of course, you should use the correct ethernet interface.....

-- 
Martin A. Brown --- SecurePipe, Inc. --- mabrown@securepipe.com

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
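
Added example, not part of the message above or of the thread: a small longest-prefix-match lookup over the routing table the message describes, showing why one default route plus the specific static routes is unambiguous. The "wan0 peer" label, the "connected" label and the sample destination addresses are assumptions made for illustration; the thread does not give the ISP peer address.

```python
import ipaddress

# Routing table of the linux box as the message describes it. The wan0
# peer address is not given in the thread, so a label stands in for it.
GW = "10.140.227.254"
ROUTES = [
    ("0.0.0.0/0", "wan0 peer"),               # the single default route
    ("10.140.227.224/27", "connected"),       # local ethernet network
    ("192.168.101.0/24", "connected"),        # local ethernet network
    ("10.140.0.0/16", GW),
    ("10.141.0.0/16", GW),
    ("10.142.0.0/16", GW),
    ("151.193.141.0/24", GW),
    ("162.92.160.0/24", GW),
]


def lookup(dest, routes=ROUTES):
    """Return (matching prefix, next hop) chosen by longest-prefix match."""
    addr = ipaddress.ip_address(dest)
    best = None
    for cidr, hop in routes:
        net = ipaddress.ip_network(cidr)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, hop)
    if best is None:
        raise LookupError(f"no route to {dest}")
    return str(best[0]), best[1]


def route_cmd(cidr, gw):
    """Render a prefix in the 'route add -net ... netmask ...' form used above."""
    net = ipaddress.ip_network(cidr)
    return f"route add -net {net.network_address} netmask {net.netmask} gw {gw}"


if __name__ == "__main__":
    # Constructed sample destinations, one per interesting case.
    for dest in ("10.141.5.9", "10.140.227.230", "10.140.9.1",
                 "192.168.101.20", "10.143.0.1", "198.51.100.7"):
        prefix, hop = lookup(dest)
        print(f"{dest:<16} -> {prefix:<18} via {hop}")
    for cidr, hop in ROUTES:
        if hop == GW:
            print(route_cmd(cidr, GW))
```

Hosts on the local /27 still match the connected route even though it sits inside 10.140.0.0/16, and an address such as 10.143.0.1, which is in none of the listed prefixes, follows the default route out wan0.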