On Fri, 13 Sep 2002, Martin A. Brown wrote:

Hi Martin,

First I want to apologize for my inability to explain this correctly. I feel
pretty stupid right now. I will try again.

> : > (or use the traditional redhat ifcfg-eth1:0 technique)
> : >
> : > and tell the internal machines that the default gateway is 10.140.227.245.
> :
> : OK, but as I said in the diagram below my connection to the internet is
> : on wan0 via iptables and NAT. Will not 2 default routes confuse things?
>
> default gateway on the linux box
> - - - - - - - - - - - - - - - - - -
> I think you missed my drift--your linux box will have one default route to
> the T1 (wan0) peer endpoint or ISP access router. (Yes, Greg Scott is
> right when he mentions that linux supports multiple routing tables, but
> you do not need them for this scenario.)
>
> default gateway on internal machines
> - - - - - - - - - - - - - - - - - -
> Each of your internal machines which is locally connected to the same
> ethernet/IP network as the linux box will use the linux box as its default
> gateway. Machines in the 10.140.227.224/27 network will use
> 10.140.227.245 as a default gateway. Machines in 192.168.101.0/24 will
> use 192.168.101.5 as a default gateway.

OK, I understand this but I want the 192.168.101.0/24 machines to be able to
talk to the 10.140.227.224/27 network also but only for the subnets listed
below. All other traffic goes out the default route to the internet (wan0).
I am trying to eliminate the 2nd pc on some desks and to do that the machines
on the 192.168.* net must be able to talk to the 10.* net.

>
> : In addition I only want traffic for 8 the following specific subnets
> : routed down the 10.140.x.x pipe. They are 10.140.0.0/16, 10.141.0.0/16,
> : 10.142.0.0/16, 151.193.141.0/24, 162.92.160.0/24. All other traffic
> : should go out to the internet via wan0.
> : Does this make sense?
>
> Sure....seems clear to me. You have a couple of internal networks
> behind a router on the locally connected 10.140.227.245/27 network.
> So, assuming that 10.140.227.254 is the gateway to your remote
> networks*:
>
> # route add -net 10.140.0.0 netmask 255.255.0.0 gw 10.140.227.254
> # route add -net 10.141.0.0 netmask 255.255.0.0 gw 10.140.227.254
> # route add -net 10.142.0.0 netmask 255.255.0.0 gw 10.140.227.254
> # route add -net 151.193.141.0 netmask 255.255.255.0 gw 10.140.227.254
> # route add -net 162.92.160.0 netmask 255.255.255.0 gw 10.140.227.254
>
> And repeat as necessary up to your eight subnets.
>
> Really though, there's nothing LARTC about this setup--sure you are using
> Sangoma's (wonderful) T1 card, but you don't need any of the fancy routing
> tricks and tips usually discussed in this forum.

I really love the wanpipe cards. We bought and deployed almost a dozen of
them. As far as the fancy tricks discussed here I think I really do need them
but I am just not good at explaining what I am trying to do. Sorry. :-(

>
> * If I recall correctly, you are using RedHat...you can append the
> following lines to your /etc/sysconfig/static-routes file to have these
> routes added at network restart (boot):
>
> eth0 net 10.141.0.0 netmask 255.255.0.0 gw 10.140.227.254
> eth0 net 10.142.0.0 netmask 255.255.0.0 gw 10.140.227.254
> eth0 net 151.193.141.0 netmask 255.255.255.0 gw 10.140.227.254
> eth0 net 162.92.160.0 netmask 255.255.255.0 gw 10.140.227.254
>
> Of course, you should use the correct ethernet interface.....

Understood.

Thanks for the help everyone. I am not ready to give up yet. Your patience is
appreciated.

--
.............Tom
tdiehl@rogueind.com

"Nothing would please me more than being able to hire ten programmers and
deluge the hobby market with good software." -- Bill Gates 1976

We are still waiting ....

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
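The routing decision discussed in this thread (a single default route on wan0 plus more specific routes for the five listed subnets), as an added example that is not part of the original message or of anyone's actual configuration. It parses lines in the quoted static-routes format and applies longest-prefix matching; the `eth0` name, the 10.140.0.0 line (taken from the `route add` list), the "default via wan0" label and the test destinations are assumptions or constructed values.

```python
import ipaddress

# Lines in the /etc/sysconfig/static-routes format quoted in the thread.
# Constructed sample: eth0 is a stand-in, and the 10.140.0.0 line is taken
# from the "route add" list rather than from the quoted file excerpt.
STATIC_ROUTES = """\
eth0 net 10.140.0.0 netmask 255.255.0.0 gw 10.140.227.254
eth0 net 10.141.0.0 netmask 255.255.0.0 gw 10.140.227.254
eth0 net 10.142.0.0 netmask 255.255.0.0 gw 10.140.227.254
eth0 net 151.193.141.0 netmask 255.255.255.0 gw 10.140.227.254
eth0 net 162.92.160.0 netmask 255.255.255.0 gw 10.140.227.254
"""

# Connected networks and the one default route. The labels are assumptions;
# the wan0 peer address is not given in the thread.
BASE = [
    (ipaddress.ip_network("10.140.227.224/27"), "connected"),
    (ipaddress.ip_network("192.168.101.0/24"), "connected"),
    (ipaddress.ip_network("0.0.0.0/0"), "default via wan0"),
]

def parse_static_routes(text):
    """Turn 'IFACE net NET netmask MASK gw GW' lines into (network, next hop)."""
    routes = []
    for line in text.splitlines():
        f = line.split()
        if not f or f[0].startswith("#"):
            continue
        if len(f) != 7 or f[1] != "net" or f[3] != "netmask" or f[5] != "gw":
            raise ValueError(f"unrecognised route line: {line!r}")
        net = ipaddress.ip_network(f"{f[2]}/{f[4]}")  # rejects host bits set
        routes.append((net, f"via {ipaddress.ip_address(f[6])}"))
    return routes

def lookup(dst, table):
    """Longest-prefix match: the most specific matching route wins."""
    addr = ipaddress.ip_address(dst)
    net, hop = max(((n, h) for n, h in table if addr in n),
                   key=lambda r: r[0].prefixlen)
    return str(net), hop

TABLE = BASE + parse_static_routes(STATIC_ROUTES)

if __name__ == "__main__":
    # Constructed destinations: remote 10.x host, local /27 host,
    # a 10.x network that is not listed, and an Internet host.
    for dst in ("10.141.5.9", "10.140.227.230", "10.143.0.1", "198.51.100.7"):
        print(dst, "->", *lookup(dst, TABLE))
```

Because 0.0.0.0/0 is the least specific prefix, it only catches what no other route matches, so a 10.x destination outside the listed /16s (10.143.0.1 here) leaves via wan0 along with the Internet traffic.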