Pawel wrote: > > Hi, I have a little problem to setup iproute in my network > It looks like this: > > ---- ----- ------ > R1 R2 R3 > ---- ----- ------ > | | | > | | | > ------------------------------- > ETH1 ETH2 ETH3 > > ETH0 ETH4 -------------> DMZ > ------------------------------ > | > | > | > -------------- > Internal Router > -------------- > > LAN1 LAN2 LAN3 > > I've add 3 records to rt_tables file T1, T2 and T3, and wrote scritp: > > ## > -------------------------------- > #1ISP > P1_NET1="83.16.76.112" > ETH1="eth1" > IP1="83.16.76.114" > R1="83.16.76.113" > > #2ISP > P2_NET2="80.55.42.32" > ETH2="eth2" > IP2="80.55.42.34" > R2="80.55.42.33" > > #3ISP > P3_NET3=212.160.117.112 > ETH3="eth3" > IP3="212.160.117.114" > R3="212.160.177.113" > > #INTERNAL LAN > P0_NET="192.168.100.0" > ETH0="eth0" > IP0="192.168.100.1 > > #DMZ > P4_NET="10.1.1.0" > ETH4="eth4" > IP4="10.1.1.1" > > ip route add $P1_NET1 dev $ETH1 src $R1 table T1 > ip route add default via $IP1 table T1 > > ip route add $P2_NET2 dev $ETH2 src $R2 table T2 > ip route add default via $IP2 table T2 > > ip route add $P3_NET dev $ETH3 src $R3 table T3 > ip route add default via $R3 table T3 > > ip route add $P1_NET1 dev $ETH1 src $IP1 > ip route add $P2_NET2 dev $ETH2 src $IP2 > ip route add $P3_NET3 dev $ETH3 src $IP3 > > ip rule add from $IP1 table T1 > ip rule add from $IP2 table T2 > ip rule add from $IP3 table T3 > > ip route add default scope global nexthop via $R1 dev $ETH1 weight 1 \ > nexthop via $R2 dev $ETH2 weight 1 \ > nexthop via $R3 dev $ETH3 weight 1 > --------------------------------------------- > > Using this script i have conection from my NAT to the all ISPs, but not to LANs. > I know that this script have a lack of routing to my LANs > but i have no idea, how build that routing using iproute. > In present configuration i use route command > /sbin/route add -net 192.168.10.0 netmask 255.255.255.0 gw 192.168.100.2 dev eth0 > /sbin/route add -net 192.168.20.0 netmask 255.255.255.0 gw 192.168.100.2 dev eth0 > /sbin/route add -net 192.168.30.0 netmask 255.255.255.0 gw 192.168.100.2 dev eth0 > but this doesnt work with iprote command. > > Thanks for any answer. > > ---------------------------------------------------------------------- > Znajdz swoja milosc na wiosne... >>> http://link.interia.pl/f187a This works for me: ip link set lo up ip addr flush dev lo ip addr add 127.0.0.1/8 brd + dev lo # Can now ping localhost ip link set $IFI up ip addr flush dev $IFI ip addr add dev $IFI local $IPI/32 brd $BRDI # Can now ping any host on the internal interface. -- gypsy _______________________________________________ LARTC mailing list LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
