On Mon, 20 May 2002, Ramin Alidousti wrote:

> Hi Matthew,
>
> He's asking this question for the internal hosts. Your answer is meant
> for the services running on the gateway itself (I assume).

Yep - in fact Roberto offlined me and we got that worked out. (insert
below)

> Can you shed some light as to how to do this for his setup? Would it
> be sufficient if your rules below change to:
>
> ip rule add from 1.1.1.1/24 table 1 prio 15000
> ip rule add from 2.2.2.2/24 table 2 prio 16000

Similar - but the 'dev lo' is still needed due to his using one NIC card -
I agree with your reasoning but I suspect because of the one NIC card that
the host is involved in the pathing thus the packets 'appear' to come from
the host. Here is what ended up working for Roberto:

---

> > Roberto
> Matthew

> > I do have to implement this solution through this NIC.
> > Let's say I have only one NIC, so how does it solve the puzzle?
>
> If you have only one NIC card and you want to route both networks then you
> simply have to do the following:
>
> Assume NET1 = 1.1.1.0/24 with address 1.1.1.1
>        NET2 = 2.2.2.0/24 with address 2.2.2.2
>
> Then you have:
>
> ip addr add 1.1.1.1/24 dev eth0 brd +
> ip addr add 2.2.2.2/24 dev eth0 brd +
>
> ip route add default via 1.1.1.254 src 1.1.1.1 table 1
> ip route add default via 2.2.2.254 src 2.2.2.2 table 2
>
> ip rule add from 1.1.1.1/32 dev lo table 1 prio 15000
> ip rule add from 2.2.2.2/32 dev lo table 2 prio 15500
>
> And make sure you do NOT have any default routes in table 254 (the main
> routing table)

---

> I'm asking you for this answer because you can explain so well.

<blush>...

> BTW, the default routes below don't have a "via" part. For a
> broadcast medium like Ethernet, is it not a must? And if not,
> how would the gateway know which MAC it needs to send the frames
> to as a next hop?

Originally on purpose - although not a good answer :-{. The answer below
was a quick crib from my response to the "Weak Host" issue on BugTraq.
There I was pointing out that such a route structure would bounce back
requests through the appropriate interface thus 'emulating' a strong host.
In that type of situation there is a default gateway associated with the
network/interface combo already existing in table 254 (main). That is why
in the response above to Roberto I stressed that table 254 (main) should
not have any default routes but also added in the 'via' commands.

I have not tried to trace out the packet path under routing for the case
where the default route merely specifies an interface but I have mostly
concluded that there are two cases:

1: There exists a 'default router' associated with the PREFIX in
   table 254 with an appropriate 'via'

2: There does not exist any other default route but there is multicast
   and a router query mechanism available.

#1 is my suspicion where the initial lookup in the RPDB obtains the
interface default route and then a second lookup obtains the first viable
'via' from 254. #2 is somewhat obvious but needs to be complete. Hmmmm...

> Ramin

Thanks!

--------------------------------------------------
Matthew G. Marsh,  President
Paktronix Systems LLC
1506 North 59th Street
Omaha  NE  68104
Phone: (402) 932-7250 x101
Email: [EMAIL PROTECTED]
WWW:  http://www.paktronix.com
--------------------------------------------------
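
An added example, not part of the original thread: a shell audit of the single-NIC layout Matthew describes, checking that each source address has a `dev lo` rule pointing at its own table and that table 254 (main) carries no default route. The function names and the sample `ip` output are constructed for illustration, and the `from ADDR iif lo lookup N` display format of `ip rule show` is an assumption.

```shell
#!/bin/sh
# Added example: audit the single-NIC policy-routing layout from the thread.
# Functions read captured `ip` output on stdin, so they can be checked offline.

# Succeeds only if the main-table text on stdin has no default route.
main_has_no_default() {
    ! grep -Eq '^(default|0\.0\.0\.0/0)([[:space:]]|$)'
}

# Prints the table that a "from $1 iif lo" rule on stdin selects, if any.
table_for_source() {
    awk -v src="$1" '
        $2 == "from" && ($3 == src || $3 == src "/32") {
            iif = ""; tbl = ""
            for (i = 4; i < NF; i++) {
                if ($i == "iif") iif = $(i + 1)
                if ($i == "lookup") tbl = $(i + 1)
            }
            if (iif == "lo" && tbl != "") { print tbl; exit }
        }'
}

# audit RULES_TEXT MAIN_TEXT addr:table ...   (returns non-zero on any finding)
audit() {
    rules=$1; main=$2; shift 2; rc=0
    printf '%s\n' "$main" | main_has_no_default ||
        { echo "FAIL: default route present in table main (254)"; rc=1; }
    for pair in "$@"; do
        src=${pair%%:*}; want=${pair##*:}
        got=$(printf '%s\n' "$rules" | table_for_source "$src")
        [ "$got" = "$want" ] ||
            { echo "FAIL: $src iif lo -> table '$got', expected $want"; rc=1; }
    done
    return $rc
}

# Constructed sample output (assumed `ip rule show` / `ip route show` format).
RULES_OK='0: from all lookup local
15000: from 1.1.1.1 iif lo lookup 1
15500: from 2.2.2.2 iif lo lookup 2
32766: from all lookup main
32767: from all lookup default'
MAIN_OK='1.1.1.0/24 dev eth0 proto kernel scope link src 1.1.1.1
2.2.2.0/24 dev eth0 proto kernel scope link src 2.2.2.2'
MAIN_BAD="default via 1.1.1.254 dev eth0
$MAIN_OK"

audit "$RULES_OK" "$MAIN_OK" 1.1.1.1:1 2.2.2.2:2 && echo "layout OK"
audit "$RULES_OK" "$MAIN_BAD" 1.1.1.1:1 2.2.2.2:2 || echo "layout rejected"
```

On a live gateway the same check runs as `audit "$(ip rule show)" "$(ip route show table main)" 1.1.1.1:1 2.2.2.2:2`.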


