I guess you should add routes: On the incoming machine: (10.0.0.1 / 11.0.0.1)
10.0.0.0 * 255.255.255.0 .... eth0 11.0.0.0 * 255.255.255.192 .... eth1 Instead of 10.0.0.2 and 11.0.0.2 Ron Rademaker On Tue, 2 May 2000, Fraser Campbell wrote: > I have added an extra ethernet card to one of our Linux servers so that it > can route packets between our two public Internet networks. It has been > performing the job just fine for a few weeks but I have just noticed that > one of the interfaces does not respond from outside our networks. > > To illustrate I'll use some fictitious IPs: > > eth0: 10.0.0.2 (network is 10.0.0.0/24) > eth1: 11.0.0.2 (network is 11.0.0.0/26) > > Here is the routing table: > 10.0.0.2 * 255.255.255.0 U 0 0 0 eth0 > 11.0.0.2 * 255.255.255.192 U 0 0 0 eth1 > default 11.0.0.1 0.0.0.0 UG 0 0 0 eth1 > > All hosts within either of our networks can talk with all hosts on their > own network (through this gateway), all hosts on our other network (through > this gateway), they can also reach the Internet through their default route > (either 10.0.0.1 or 11.0.0.1). The gateway itself can also reach both > networks and the Internet correctly regardless of it's default route. > > The problem is that one of the interfaces is always unreachable from "the > Internet" depending on how I set the default route. In the case above the > interface 10.0.0.2 is unreachable. If I change the default route to > 10.0.0.1 then the interace 10.0.0.2 becomes reachable but the 11.0.0.2 > interface becomes unreachable. > > I'm pretty sure the kernel is dropping the packets when it tries sending > them to the Internet because the source address does not match the network > address. > > How can I tell the server to send packets for a 10.0.0.2 connection through > 10.0.0.1 (on the eth0 LAN) and send packets for 11.0.0.2 connections > through 11.0.0.1 (on the eth1 LAN)? I need this because I want to run > various services on both the networks from this machine. > > I have tried several methods of adding multiple gateways but haven't come > up with anything that corrects the problem yet. > > Thanks for any ideas! > > Fraser > > > -- > Unsubscribe? mail -s unsubscribe [EMAIL PROTECTED] < /dev/null >