Re: How to set a host with public IP within a private network?

Linux Advanced Routing and Traffic Control

I think you want to take a look at a bridging router. I would be tempted to set up a bridge between eth0 and eth1 on the Linux router and then use ebtables to decide if the traffic should be bridged through or sent up to the higher layers of the protocol stacks. I have a feeling that you would have to move all IP addresses from eth0 to br0 (the new bridge interface). I think you would have a command like this to decide if an IP needed to be routed or bridged.

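# ebtables -d/-s match MAC addresses; IPv4 addresses are matched with -p IPv4 --ip-dst/--ip-src
ebtables -t broute -A BROUTING -p IPv4 --ip-dst 5.6.7.201 -j ACCEPT
ebtables -t broute -A BROUTING -p IPv4 --ip-src 5.6.7.201 -j ACCEPT
ebtables -t broute -A BROUTING -j DROP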

An excerpt from the EBTables man page:

*broute*, is used to make a brouter, it has one built-in chain: *BROUTING*. The targets *DROP* and *ACCEPT* have special meaning in the broute table. *DROP* actually means the frame has to be routed, while *ACCEPT* means the frame has to be bridged. The *BROUTING* chain is traversed very early. It is only traversed by frames entering on a bridge enslaved NIC that is in forwarding state. Normally those frames would be bridged, but you can decide otherwise here. The *redirect* target is very handy here.

Give this a whirl and see if it will do anything for you. If you need more specifics just ask.



Grant. . . .

panca sorin wrote:

Hello! I have the following setup:
1) a connection to my ISP with a public IP (1.2.3.4)
with the gateway 1.2.3.1
2) an allocated IP class with 64 addresses
(5.6.7.192/26)
3) two LANs connected through two NICs:
   a) 192.168.0.0/24 on eth1 (192.168.0.1)
   b) 10.0.0.0/24 on eth2 (10.0.0.1)

The IPs from the allocated class are all assigned to
eth0.
The networks are SNATed to the external IP and to all
IPs in the allocated class in a round-robin fashion.
(-j SNAT --to 1.2.3.4 lowest_IP_in_class
highest_IP_in_class)

My question is:
Is it possible to assign one IP from my allocated
class to an internal machine without changing eth1 or
eth2 IPs *OR* without adding a subclass of my
allocated class to eth1 or eth2 in order to give an IP
to an internal networked machine?
What command should I give if that setup is possible?
Desired Network Diagram:

   ----------
/---|Internet|
|   ----------
|eth0                  192.168.0.1           10.0.0.1
|  ----------             eth1                 eth2
\--| Linux  |--------------v--------------------v
  | Router |              |                    |
  ----------              |                    |
                          |                    |
     -------------        |      ----------    |
     |192.168.0.2|--------<      |10.0.0.2|----<
     -------------        |      ----------    |
           .              |           .        |
           .              |           .        |
           .              |           .        |
    ---------------       |      ------------  |
    |192.168.0.254|-------<      |10.0.0.254|--<
    ---------------       |      ------------
                          |
                          |
    -----------           |
    |5.6.7.201|-----------<
    -----------

I would de-assign some of the addresses from eth0 to
re-assign them to locally connected computers...

Thank you in advance for your help!



		
_______________________________________________
LARTC mailing list
LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
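
Added example, not part of the original messages or of ebtables: a small Python model of the BROUTING decision described in the man page excerpt, run over constructed frames. The Frame, Rule and brouting names are hypothetical, the rules are assumed to match IPv4 addresses, and the model covers only protocol and address matching.

```python
import ipaddress
from dataclasses import dataclass

# Simplified model of the broute table semantics quoted from the man page:
# ACCEPT means "bridge the frame", DROP means "hand it to the routing stack".
VERDICT = {"ACCEPT": "bridged", "DROP": "routed"}

@dataclass
class Frame:            # constructed sample input, not captured traffic
    proto: str          # "IPv4" or "ARP"
    src: str            # sender IP
    dst: str            # destination (for ARP: target) IP

@dataclass
class Rule:
    target: str         # "ACCEPT" or "DROP"
    proto: str = ""     # empty string matches any protocol
    src: str = ""       # address or CIDR network; empty matches any
    dst: str = ""

    def matches(self, f: Frame) -> bool:
        if self.proto and self.proto != f.proto:
            return False
        for net, addr in ((self.src, f.src), (self.dst, f.dst)):
            if net and ipaddress.ip_address(addr) not in ipaddress.ip_network(net):
                return False
        return True

def brouting(rules, frame):
    """First matching rule decides; if none matches, the frame is bridged."""
    for rule in rules:
        if rule.matches(frame):
            return VERDICT[rule.target]
    return "bridged"

# The three rules from the post, assumed here to be IPv4 address matches.
RULES = [Rule("ACCEPT", proto="IPv4", dst="5.6.7.201"),
         Rule("ACCEPT", proto="IPv4", src="5.6.7.201"),
         Rule("DROP")]

SAMPLES = {  # constructed frames; 198.51.100.7 is a documentation address
    "inbound to public host": Frame("IPv4", "198.51.100.7", "5.6.7.201"),
    "reply from public host": Frame("IPv4", "5.6.7.201", "198.51.100.7"),
    "LAN host outbound":      Frame("IPv4", "192.168.0.2", "198.51.100.7"),
    "ARP who-has 5.6.7.201":  Frame("ARP", "1.2.3.1", "5.6.7.201"),
}

def classify_all(rules=RULES):
    return {name: brouting(rules, f) for name, f in SAMPLES.items()}
```

In this model the ARP request for 5.6.7.201 matches neither IPv4 rule and falls to the final DROP, so it is routed rather than bridged; address resolution for the bridged host is not covered by these three rules.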
