聲gel, I agree with Stef's remark--it looks like your default route should be 213.250.143.241, but we don't know exactly why you chose to set up a default route to 172.16.16.254 (your internal router). Please tell us what networks are behind 172.16.16.254. I suspect that you may have a handful of networks behind 172.16.16.254, all of which can be entered as static routes on your Debian box. Then you can set the default route on this machine to 213.250.143.241. Let's assume that you have the network 172.16.0.0/16 reachable behind your router 172.16.16.254. You should be able to do this: # ip route add 172.16.0.0/16 via 172.16.16.254 # ip route change default via 213.250.143.241 In that case, you will no longer need "ip rule" at all. -Martin : My little route only manage the range 172.16.16.0/24 and my public route : only manages the range 213.250.143.240/28. I cannot add new rules because : these routers are administer by other company and this company cannot : colaborate me. : : Please can you help me, please? : : : 聲gel : : -----Mensaje original----- : De: lartc-admin@mailman.ds9a.nl [mailto:lartc-admin@mailman.ds9a.nl]En : nombre de Stef Coene : Enviado el: jueves, 24 de octubre de 2002 21:58 : Para: 聲gel Carrasco; lartc@mailman.ds9a.nl : Asunto: Re: NETWORK ROUTES : : : On Thursday 24 October 2002 14:29, 聲gel Carrasco wrote: : > Ok: : > : > My office network is: 172.16.16.0/24 and his IP is: 172.16.16.1. : > My web network is: 172.16.8.0/24 and his IP is: 172.16.8.1 : > My service network is: 172.16.4.0/24 and his IP is: 172.16.4.1 : > My public network is:213.250.143.240/28 and his IP is: 213.250.143.242. : > : > The public router is 213.250.143.241 (and only works with the range : > 213.250.143.240/28) : > The office router is 172.16.16.254 (and only works with the range : > 172.16.16.0/24) : > : > The static default route is 172.16.16.254 : > : > This is my route -n : > Kernel IP routing table : > Destination Gateway Genmask Flags Metric Ref Use : > Iface : > 213.250.143.240 0.0.0.0 255.255.255.240 U 0 0 0 : > eth0 172.16.4.0 0.0.0.0 255.255.255.0 U 0 0 : > 0 eth1 172.16.16.0 0.0.0.0 255.255.255.0 U 0 0 : > 0 eth3 172.16.8.0 0.0.0.0 255.255.255.0 U 0 0 : > 0 eth2 0.0.0.0 172.16.16.254 0.0.0.0 UG 0 0 : > 0 eth3 : > : > And my dinamic route to using the public network is: : > ip rule add from 213.250.143.242 table publica : > ip route add from default via 213.250.143.241 dev eth0 table publica : > ip route flush cache : > : > : > And the problem is when I try to use 213.250.143.242 in my internals : > networks doesnt run because the information goes by 213.250.143.241 and : not : > in the normal routes. : I suppose you pinged from on of your internal hosts to 213.250.143.242 ?? : 213.250.143.242 is local, so no routing rule will route the packets to : somewhere else. : : > : > Can you help me, please? : I'm not a rouing specialist, but shouldn't your default gateway be : 213.250.143.24 ?? : And I suppose you already enabled ip-forwarding? : Stef : : -- : : stef.coene@docum.org : "Using Linux as bandwidth manager" : http://www.docum.org/ : #lartc @ irc.oftc.net : : _______________________________________________ : LARTC mailing list / LARTC@mailman.ds9a.nl : http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ : : _______________________________________________ : LARTC mailing list / LARTC@mailman.ds9a.nl : http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ : -- Martin A. Brown --- SecurePipe, Inc. --- mabrown@securepipe.com _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/