Re: Routing from private to bridge


 



If you use bridge, doesn't it mean the gateway of public IPs is located on
your ISP or DSL modem? Because this way the 120.40.60.193 also needs to know
about 192.168.1.0 to forward packets to you. Why don't you just ask for an IP
from your ISP and that subnet will be routed to that IP. This way you won't
need bridge.

On 10/22/05, Tom Gaudasinski <cetus@xxxxxxxxxxxxxxxx> wrote:
>
> Greetings,
> I have a problem in regards to the routing I've set up. I have a
> public subnet bridged from my ISP (DSL), it's a full bridge. So in order
> to use this subnet I have created a bridge out of two eth interfaces so
> that I may also firewall what will be behind the router. In addition to
> this I have a private subnet (192.168.1.x) that I NAT to the public IP
> of the router. My setup looks like this:
>
> DSL Modem (in bridge mode)
> |
> / eth0 \
> <br0> 120.40.60.194/29
> \ eth1 /
> / \__ Publicly addressed machines
> eth2
> 192.168.1.1___Privately NATted machines
>
> So eth0 and eth1 are part of the bridge (which has 1 IP address), and
> eth2 has a private address. eth0 plugs directly into the DSL modem, eth1
> into a switch that contains publicly addressed computers and eth2
> logically so as well. I've set the rules up so that the users behind
> eth2 get NATted and the public users also get internet. This works, what
> doesn't work however is that the 192.168.1.x users cannot communicate
> with the publicly addressed users through the router. Even when the
> firewall has been cleared out (of NATting rules) they still cannot ping
> or communicate. It seems there's a different procedure for routing to a
> bridge. My route -n output is:
>
> Kernel IP routing table
> Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
> 120.40.60.192   0.0.0.0         255.255.255.248 U     0      0        0 br0
> 192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth2
> 0.0.0.0         120.40.60.193   0.0.0.0         UG    0      0        0 br0
>
> How can I get the private LAN users to route to the publicly bridged
> subnet?
>
> Thank you.
>
>
>
>


--
Bla bla

