Linux routing newbie Help!!

Linux Advanced Routing and Traffic Control


Hi,

I need some help with a routing/shaping setup that is a bit beyond my
current linux routing knowledge. I've read the how-to and most of the
related mailing list topics, but I still need some help to solve this
problem. I've been asking questions on various lists, but it seems like the
answers just add additional confusion. I decided to just describe what I'm
trying to do with the hope that someone could point me in the right
direction. I've read a fair bit about the 2.4 kernel and it seems that linux
is capable of doing these things. I just need some help to get started. I
think if I could get the actual problem translated into a working config, it
would go a long way to helping me understand linux routing etc.

Here is the needed config:

Private net #1: 10.10.1.0 (Higher bandwidth priority)

Private net #2: 10.10.2.0

Private net #3: 10.10.3.0

Private net #4: 10.10.4.0

Private net #5: 10.10.5.0

Public net: 67.65.229.0

Goal:

1. Route the five private networks to the T1.
2. Run dhcpd and hand out dynamic ip addresses to private nets #2-#5
3. Do bandwidth sharing giving net #1 a higher priority
4. Do the usual firewall stuff (ICMP limiting, DOS attacks, etc.)
5. Do traffic shaping for interactive traffic, www, etc.
6. Do NAT for the private nets with the ability to add specific public to
private IP mappings for net #1.
7. Set up public address pools for NAT on net #2-#5?


We initially looked at a Cisco solution for this, but the price was simply
too high. I have installed RedHat 9 on a PC with a sufficient number of
NICs to do the job.

I'm just trying to get the routing and NAT to work right now, but I'm not
having much luck. Could anyone offer any advice on the best way to set this
up?

ip route
67.65.229.0/24 dev eth0  proto kernel  scope link  src 67.65.229.253
10.10.1.0/24 dev eth1  proto kernel  scope link  src 10.10.1.254
10.10.2.0/24 dev eth2  proto kernel  scope link  src 10.10.2.254
10.10.3.0/24 dev eth3  proto kernel  scope link  src 10.10.3.254
10.10.4.0/24 dev eth4  proto kernel  scope link  src 10.10.4.254
10.10.5.0/24 dev eth5  proto kernel  scope link  src 10.10.5.254
default via 67.65.229.254 dev eth0

I can ping addresses on all of the networks from the linux router machine,
but I can't ping from one private network to another or the internet.



Thanks in advance,
Gerry