If you have a working proxyARP setup, will you please post it? I've tried to insert a Linux box between the DSL connection and the switch, but I'm getting nowhere. Everything works correctly when all the servers in this network use the switch to get to the DSL. Any box directly connected to the DSL also works correctly. http://www.sjdjweis.com/linux/proxyarp/ makes it sound easy, but none of the machines except the new one can get out when I set this up. From any computer except the intended proxyARP box, 'traceroute -n ANYTHING' stops after the first hop (.96) succeeds; 'ping .97' fails. I don't know (or care yet) if anything gets in. (I really have a /29 network, but for consistency I'm showing a /28): gypsy> ifconfig eth0 x.x.x.96 broadcast x.x.x.111 netmask 255.255.255.240 gypsy> ifconfig eth1 x.x.x.96 broadcast x.x.x.111 netmask 255.255.255.240 gypsy> route add default gw x.x.x.97 metric 1 Weis> # interface definitions Weis> BAD_IFACE=eth0 Weis> Weis> DMZ_IFACE=eth1 Weis> DMZ_ADDR=x.x.x.96/28 Weis> Weis> ip route del x.x.x.96/28 dev $BAD_IFACE Weis> ip route del x.x.x.96/28 dev $DMZ_IFACE Weis> ip route add x.x.x.97 dev $BAD_IFACE Weis> ip route add x.x.x.96/28 dev $DMZ_IFACE Weis> Weis> # we need proxy arp for the dmz network Weis> echo 1 > /proc/sys/net/ipv4/conf/eth0/proxy_arp Weis> echo 1 > /proc/sys/net/ipv4/conf/eth1/proxy_arp Weis> Weis> # turn on ip forwarding Weis> echo 1 > /proc/sys/net/ipv4/ip_forward The kernel is 2.4.26, iproute2 is 2-2.6.8 -- Call me stumped, gypsy _______________________________________________ LARTC mailing list / LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
