On Apr 27 2007 15:11, Andres Paglayan wrote: > Hi, > > my ipcop box has 4 ports, > one of them, eth2 (with ip 192.168.50.1) connects to a different site through a > dedicated T1 > only couple of subnets are routed to that device, > > the route command I am using is: > > /sbin/route add -net 172.17.2.0/23 gw 192.168.50.1 > /sbin/route add -net 172.16.0.0/23 gw 192.168.50.1 > > > not sure how using: > > /sbin/route add -net 172.17.2.0/23 -i eth2 > > would affect the traffic, Perhaps not at all because -i is not a valid option. > and the same question applies for nating > > shall I nat by device? Depends on whether you need it. > > iptables -t nat -A CUSTOMPOSTROUTING -o eth2 -j SNAT --to 192.168.50.1 > > or by destination? (provided the destination is routed by either of the route > instructions at the top) Most likely you want "by device". But, YMMV. > /sbin/iptables -t nat -A CUSTOMPOSTROUTING -d 172.17.2.0/23 -j SNAT --to > 192.168.50.1 > > > Thank you for the enlightenment, > > > Andres > > > Jan --
