Two physical Nics, one virtual nic. Two subnets, two gateways

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



We currently have a RH ES 5 server with 4 nics.

Currently eth0 will be the primary nic for users trying to access our ERP system. We have no current need for eth2 or eth3

-----------------------------
[root@solo devices]# more ifcfg-eth0
DEVICE=eth0
BOOTPROTO=none
HWADDR=00:21:28:3D:72:96
ONBOOT=yes
NETMASK=255.255.255.0
IPADDR=172.20.2.80
GATEWAY=172.20.2.136
TYPE=Ethernet
USERCTL=no
IPV6INIT=no
PEERDNS=yes
-----------------------------

We want to install squid on this server and use eth1 for that. It would also require a virtual eth1:1. We want to use the squid proxy to send http traffic to our dsl line so our T1 is just VoIP and Email.

Our workstations are on the 172.20.2.0 subnet and default to the 172.20.2.136 gateway.

However our DSL router is on a 172.20.4.0 subnet.

We want to make eth1 as follows

I made an ifcfg-eth1 as follows
-----------------------------
[root@solo devices]# more ifcfg-eth1
DEVICE=eth1
BOOTPROTO=none
HWADDR=00:21:28:3D:72:97
ONBOOT=no
NETMASK=255.255.255.0
IPADDR=172.20.4.81
GATEWAY=172.20.4.249
TYPE=Ethernet
USERCTL=no
IPV6INIT=no
PEERDNS=yes
-----------------------------

As soon as I do an ifup eth1 all networking dies. have to delete our ifcfg-eth1 file and restart networking to recover.

So at this point we haven't even gotten eth1 to work so we haven't gone on to making an eth1:1 entry.





In our other office we have similar working scenario with a squid proxy server. It's a ubuntu box though and it only has one physical nic.

-----------------------------
aaron@anduril:~$ more /etc/network/interfaces
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
address 172.20.5.108
netmask 255.255.255.0
gateway 172.20.5.1

auto eth0:1
iface eth0:1 inet static
address 172.20.1.108
netmask 255.255.255.0

up route add -net 172.20.2.0/24 gw 172.20.1.136 dev eth0:1
-----------------------------

So we're trying to recreate that on the redhat ES 5 server but with eth1 and eth1:1. The last line in that entry is just for routing to the 172.20.2.0 subnet via a vpn.

So if you were in the office with the ubuntu proxy server and you're computer was 172.20.1.9 and you wanted to go to www.redhat.com routing looks something like

172.20.1.9 --> 172.20.1.108 --> 172.20.5.108 --> 172.20.5.1 --> Internet --> www.redhat.com

and if wanted to go to a website located in our other office with ip address 172.20.2.99 that route add makes it look something like

172.20.1.5 --> 172.20.1.108 --> 172.20.1.136 --> 172.20.2.136 --> 172.20.2.99

So all traffic goes to our dsl router 172.20.5.1, except if it's a 172.20.2.0 address which then goes to the 172.20.1.136 router


So regardless of what office I am in and I want the ERP system, I just ssh 172.20.2.80 (eth0)

If i'm browsing the web then the proxy server ip address is 172.20.2.81 (eth1:1)

If my computer is 172.20.2.10 trying to browse www.redhat.com it needs to look like:

172.20.2.10 --> 172.20.2.81 --> 172.20.4.81 --> 172.20.4.249 --> Internet --> www.redhat.com

Also on occasion a user there would need to browse a website at the 172.20.1.0 subnet

172.20.2.10 --> 172.20.2.81 --> 172.20.2.136 --> 172.20.1.136 --> 172.20.1.99

Hope that wasn't too long and difficult to understand  :)

Wasn't easy trying to put that into words.




Thanks,

Aaron

--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list

[Index of Archives]     [CentOS]     [Kernel Development]     [PAM]     [Fedora Users]     [Red Hat Development]     [Big List of Linux Books]     [Linux Admin]     [Gimp]     [Asterisk PBX]     [Yosemite News]     [Red Hat Crash Utility]


  Powered by Linux