Hello,
This may be a very basic question, but it still seems to have gotten
beyond me in a hurry.
I'd like to create a new network using IP Aliasing to allow us some
growth. Our existing network is 192.168.100.0 and we use 192.168.100.10
as our gw on the clients. I'd like to create a new network 192.168.200.0
and allow access to both networks regardless of their ip (192.168.100.xxx
or 192.168.200.xxx) and also allow them internet access through
192.168.100.10 (inetgw).
I have a box that's used for internet access that we can't modify (I'll
call this box 'inetgw') with an ip address of say 192.168.100.10
I went to my Linux box (we'll call this timbox) that has an internal ip of
192.168.100.225 and an alias (eth0:0) of 192.168.200.10.
What I'd like to do is create this new network (192.168.200.0) using IP
Alias and be able to see both networks (100.0 and 200.0) from any machine.
Here's what I've done so far:
timbox:
    /sbin/ifconfig eth0:0 192.168.200.0 netmask 255.255.255.0 up
    /sbin/route add -net 192.168.200.0 netmask 255.255.255.0 dev eth0
(not sure if the above is necessary)
At this point from timbox I can successfully ping both nets without any
problems.
Now I'd like to be able to go to my laptop (timlaptop) with an IP Address
of 192.168.100.50 and see both the 100.0 and 200.0 networks. I've set the
gw of timlaptop to 192.168.100.225, but every time I try to ping
192.168.200.10 it ends up going out to the internet via 192.168.100.10
which is the inetgw box that I can't do anything with, but has
masquerading installed for our Internet Access.
I tried adding some 'ipchain' rules, but got nowhere.
I added (to timbox):
    ipchains -P forward DENY
    ipchains -A forward -s 192.168.200.0/24 -j MASQ
Then I ran tcpdump host 192.168.100.50 and tried to ping 192.168.200.10
and watched all the traffic go right out to the Internet when I had hoped
that everything would stay in house and actually find the 192.168.200.0
network.
If I go to timlaptop (192.168.100.50) and add the following:
    route add 192.168.200.0 mask 255.255.255.0 192.168.100.225
I can then hit all 3 nets: 192.168.100.0, 200.0, and the Internet w/out
any problems. Why must I do this, and can I get around it? What have I
not done on timbox to allow for this?
I'm lost and don't know what to do.
Can anyone offer any assistance? Are my ifconfig and route statements
correct? Am I doing something wrong with the ipchains rules? Can I set
up timbox to give everyone internally access to both 192.168.100.0 and
192.168.200.0 networks when I can't touch the 192.168.100.10 (inetgw) box
that is now the gw on all machines in house?
If anyone can offer suggestions (examples on what syntax I should be
using) on what it is that I need to do or am doing wrong I would greatly
appreciate any and all guidance.
Best Regards,
Tim
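
Added example, not part of the original post: a small longest-prefix-match model of a 192.168.100.x client's routing table, showing which next hop is chosen for 192.168.200.10 with and without the static route quoted in the message. The tables are constructed from the addresses in the post and assume a client that keeps 192.168.100.10 as its default gateway with a /24 mask; the function and variable names are hypothetical.

```python
import ipaddress

def table(*routes):
    """Build a routing table from (prefix, gateway) pairs; gateway None = on-link."""
    return [(ipaddress.ip_network(net), gw) for net, gw in routes]

def next_hop(routes, dst):
    """Longest-prefix match. Returns (gateway or 'direct', matched prefix)."""
    dst = ipaddress.ip_address(dst)
    matches = [(net, gw) for net, gw in routes if dst in net]
    if not matches:
        return None  # no route to host
    net, gw = max(matches, key=lambda m: m[0].prefixlen)
    return (gw or "direct", str(net))

# Constructed model: client on 192.168.100.0/24, default gw = inetgw.
CLIENT_DEFAULT = table(
    ("192.168.100.0/24", None),
    ("0.0.0.0/0", "192.168.100.10"),
)

# Same client after the static route from the post
# (route add 192.168.200.0 mask 255.255.255.0 192.168.100.225).
CLIENT_WITH_ROUTE = table(
    ("192.168.100.0/24", None),
    ("192.168.200.0/24", "192.168.100.225"),
    ("0.0.0.0/0", "192.168.100.10"),
)

def compare(dst):
    """Next hop for dst before and after adding the static route."""
    return next_hop(CLIENT_DEFAULT, dst), next_hop(CLIENT_WITH_ROUTE, dst)

if __name__ == "__main__":
    # 198.51.100.7 is a documentation address standing in for an Internet host.
    for dst in ("192.168.100.225", "192.168.200.10", "198.51.100.7"):
        before, after = compare(dst)
        print(f"{dst:16} before={before} after={after}")
```

With a /24 mask, 192.168.200.10 is off-link for a 192.168.100.x client, so only the default route matches until a more specific 192.168.200.0/24 entry exists.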