We currently have a RH ES 5 server with 4 nics.
Currently eth0 will be the primary nic for users trying to access our
ERP system. We have no current need for eth2 or eth3
-----------------------------
[root@solo devices]# more ifcfg-eth0
DEVICE=eth0
BOOTPROTO=none
HWADDR=00:21:28:3D:72:96
ONBOOT=yes
NETMASK=255.255.255.0
IPADDR=172.20.2.80
GATEWAY=172.20.2.136
TYPE=Ethernet
USERCTL=no
IPV6INIT=no
PEERDNS=yes
-----------------------------
We want to install squid on this server and use eth1 for that. It would
also require a virtual eth1:1. We want to use the squid proxy to send
http traffic to our dsl line so our T1 is just VoIP and Email.
Our workstations are on the 172.20.2.0 subnet and default to the
172.20.2.136 gateway.
However our DSL router is on a 172.20.4.0 subnet.
We want to make eth1 as follows
I made an ifcfg-eth1 as follows
-----------------------------
[root@solo devices]# more ifcfg-eth1
DEVICE=eth1
BOOTPROTO=none
HWADDR=00:21:28:3D:72:97
ONBOOT=no
NETMASK=255.255.255.0
IPADDR=172.20.4.81
GATEWAY=172.20.4.249
TYPE=Ethernet
USERCTL=no
IPV6INIT=no
PEERDNS=yes
-----------------------------
As soon as I do an ifup eth1 all networking dies. have to delete our
ifcfg-eth1 file and restart networking to recover.
So at this point we haven't even gotten eth1 to work so we haven't gone
on to making an eth1:1 entry.
In our other office we have similar working scenario with a squid proxy
server. It's a ubuntu box though and it only has one physical nic.
-----------------------------
aaron@anduril:~$ more /etc/network/interfaces
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet static
address 172.20.5.108
netmask 255.255.255.0
gateway 172.20.5.1
auto eth0:1
iface eth0:1 inet static
address 172.20.1.108
netmask 255.255.255.0
up route add -net 172.20.2.0/24 gw 172.20.1.136 dev eth0:1
-----------------------------
So we're trying to recreate that on the redhat ES 5 server but with eth1
and eth1:1. The last line in that entry is just for routing to the
172.20.2.0 subnet via a vpn.
So if you were in the office with the ubuntu proxy server and you're
computer was 172.20.1.9 and you wanted to go to www.redhat.com routing
looks something like
172.20.1.9 --> 172.20.1.108 --> 172.20.5.108 --> 172.20.5.1 --> Internet
--> www.redhat.com
and if wanted to go to a website located in our other office with ip
address 172.20.2.99 that route add makes it look something like
172.20.1.5 --> 172.20.1.108 --> 172.20.1.136 --> 172.20.2.136 -->
172.20.2.99
So all traffic goes to our dsl router 172.20.5.1, except if it's a
172.20.2.0 address which then goes to the 172.20.1.136 router
So regardless of what office I am in and I want the ERP system, I just
ssh 172.20.2.80 (eth0)
If i'm browsing the web then the proxy server ip address is 172.20.2.81
(eth1:1)
If my computer is 172.20.2.10 trying to browse www.redhat.com it needs
to look like:
172.20.2.10 --> 172.20.2.81 --> 172.20.4.81 --> 172.20.4.249 -->
Internet --> www.redhat.com
Also on occasion a user there would need to browse a website at the
172.20.1.0 subnet
172.20.2.10 --> 172.20.2.81 --> 172.20.2.136 --> 172.20.1.136 -->
172.20.1.99
Hope that wasn't too long and difficult to understand :)
Wasn't easy trying to put that into words.
Thanks,
Aaron
--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
