On Sun, 9 Sep 2001, Jeff Newmiller wrote:
> On Sun, 9 Sep 2001, Jack Coates wrote:
>
> > Hey,
> >
> > I've been trying off-and-on to get multi-interface routing working on my
> > ES2B system... during the off periods there's been a lot of trying to
> > restart from scratch with another LEAF distro or stripping a full
> > distro, but these efforts have been stymied by bad hardware and software
> > problems and just not having the time or energy to learn a new OS, so
> > I'm back to the first router.
> >
> > Hardware:
> > 486/33 with 24MB RAM and two 1680KB floppies, two NE2000s, one USR
> > Courier v.Everything.
> >
> > Diagram (IP's not obfuscated because it just takes dig to find them):
> >
> > TSOFT SPRINT
> > | |
> > --------PPP0 ETH0--------
> > 198.144.201.9 66.1.155.123
> > EigerStein2BETA
> > 192.168.1.254
> > ETH1
> > |
> > HUB
> >
> > Goal:
> > So, I've got Kenneth Hadley's PPP package working pretty well, and I've
> > modified Charles' scripts pretty extensively (see attachments). The goal
> > is to have inbound DNS, SMTP, SSH, and maybe IRC sent to the modem via
> > DNS records. I can then catch those protocols on the outbound trip and
> > send them through the modem as well (see
> > http://www.linuxdoc.org/HOWTO/Adv-Routing-HOWTO.html for how to do this
> > -- I haven't gotten 100% there yet but close enough that I do think it
> > will work). There are a number of design problems to look out for here
> > but I'll deal with them later as they are easy (for instance, multiple
> > mail servers sending mail from the proper public IP addresses).
>
> Motivation: Sprint doesn't want you to provide those services?
The AUP of course says no, but they don't care enough to block service.
Yet.
Because it's there (though starting to look like it'll need oxygen
bottles and a Sherpa).
So I can write it up for the load-balancing howto if it's doable.
>
> >
> > Problem:
> > It don't route from PPP0 to ETH1.
> > 207.201.34.1 dev ppp0 proto kernel scope link src 198.144.201.9
>
> Do you really mean to limit yourself to one and only one host connection
> through the ppp link?
>
No, but I also don't want to have two default routes because Linux won't
use both of them -- basically I want to route by protocol rather than
address, which is where the rub is because that's not what the systems
(or Internet) are designed to do.
> > 192.168.1.0/24 dev eth1 proto kernel scope link src 192.168.1.254
> > 66.1.155.0/24 dev eth0 proto kernel scope link src 66.1.155.123
> > default via 66.1.155.122 dev eth0
> >
> > The packets aren't being blocked by ipchains, so I think I have the
> > filters right -- I also think the routing looks right. So I'm
> > thinking the problem is the fact that I'm trying to do two ipmasq
> > statements... But I don't know for sure what the problem is. Any ideas?
>
> Nor I, but guesses are free.
>
> are your masquerades interface-specific? In particular, making the ppp if
> masq specific to eth1 would seem to be a good idea.
>
# Masquerade internal network to world
if [ "$MASQ_SWITCH" = "YES" -o "$MASQ_SWITCH" = "Yes" \
-o "$MASQ_SWITCH" = "yes" ]; then
for NET in $INTERN_NET; do
$IPCH -A forward -j MASQ -p all -s $NET -d 0/0 -i
$EXTERN_IF
$IPCH -A forward -j MASQ -p all -s $NET -d 0/0 -i
$EXTERN_IF2
done; unset NET
seems that this is masq'ing from the inside out, which ought to have the
intended effect.
> Then again, why would you route betwee ppp0 and eth0?
If I'm not careful with default route, I could imagine this happening,
which would be not good.
>
> ---------------------------------------------------------------------------
> Jeff Newmiller The ..... ..... Go Live...
> DCN:<[EMAIL PROTECTED]> Basics: ##.#. ##.#. Live Go...
> Live: OO#.. Dead: OO#.. Playing
> Research Engineer (Solar/Batteries O.O#. #.O#. with
> /Software/Embedded Controllers) .OO#. .OO#. rocks...2k
> ---------------------------------------------------------------------------
>
--
Jack Coates
Monkeynoodle: A Scientific Venture...
_______________________________________________
Leaf-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
