On Thu, 2002-09-26 at 20:58, Matthew Boeckman wrote: > > I'm setting up a linux router to fit in the topology below: > This is straight IP addresses, I'm using NAT addresses to protect the > innocent. Please note that this box does not do/need to do any NAT or MASQ > > Upstream linux router internal network > 10.1.1.1/30 eth0 10.1.1.2/30 > 255.255.255.252 eth1 10.1.5.1/27 10.1.5.2-30 > eth1:0 10.1.6.1/28 > 10.1.6.2-14 > > I have enabled packet forwarding, and my routing table looks like this: > destination gateway genmask iface > 10.1.1.0 0.0.0.0 255.255.255.252 eth0 > 10.1.5.0 0.0.0.0 255.255.255.224 eth1 > 10.1.6.0 0.0.0.0 255.255.255.240 eth1 > 0.0.0.0 10.1.1.1 0.0.0.0 eth0 > > Now, whenever I try to add a route statement the way i _think_ it should > be added, I get "Network Unreachable". When I add them reverse from what I > think, route doesn't complain, but stuff still doesn't work. For example > > route add -net 10.1.5.0 netmask 255.255.255.224 gw 10.1.5.1 dev eth0 > (associating a route to 10.1.5.0 with gateway 10.1.5.1 on eth0, so that > packets it receives bound for that network are passed to eth1 !) > gives me: SIOCADDRT: Network is unreachable. >
Not sure about the Network unreachable but I do not think you need a gw on the router since the route is already attached to the network. THe gateway is to tell a machine ," since you don;t know anything about this network, here is where to send these packets. > However if I do it as I have seen described in some howtow's: > route add -net 10.1.5.0 netmask 255.255.255.224 gw 10.1.1.2 > > route does not complain, but i cannot ping eth0 from eth1 or vice versa > with a destination host unreachable! you have told the machine to send packets destined for 10.1.5.0 to 10.1.1.2 and since it is the same machine, it just loops. or pukes I guess. > > I guess my question is: Am I over-complexifying this? With forwarding > enabled, and the proper subnets defined on each interface, will the kernel > just say "oh, yeah that network is on eth0 or that network is on eth1" and > pass it on? Yep. Your original routing table looks ok to me but then I have never done the aliasing thing so I don't know what the eth1:0 should look like. I would probably try it with eth0 and eth1 first and then bring up eth1:0 after I got it working but I am a break a problem into chunks kind of guy. What happens with just the two interfaces up? also make sure that forwarding is turned on via /etc/sysctrl.conf this line needs to read : net.ipv4.ip_forward = 1 Also are there any firewall rules in the way? HTH Bret -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list
