LeRoy Cressy on Wed, 3 Apr 2002 13:40:59 -0500
each ethernet device on the firewall has a separate IP address like follows:

ifconfig
eth0      Link encap:Ethernet  HWaddr 00:40:05:3A:33:A5
          inet addr:64.194.227.197  Bcast:64.194.227.199  Mask:255.255.255.252
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1837337 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1131075 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:2583099925 (2.4 GiB)  TX bytes:87953992 (83.8 MiB)
          Interrupt:3 Base address:0x300

eth1      Link encap:Ethernet  HWaddr 00:80:C8:FE:6D:CC
          inet addr:192.168.1.10  Bcast:192.168.1.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1278034 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1940154 errors:0 dropped:0 overruns:0 carrier:0
          collisions:155 txqueuelen:100
          RX bytes:161038404 (153.5 MiB)  TX bytes:2594028072 (2.4 GiB)
          Interrupt:12 Base address:0x6800

eth2      Link encap:Ethernet  HWaddr 00:50:BA:56:AC:87
          inet addr:192.168.10.10  Bcast:192.168.1.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:164267 errors:0 dropped:0 overruns:0 frame:0
          TX packets:190580 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:31802342 (30.3 MiB)  TX bytes:97163467 (92.6 MiB)
          Interrupt:5 Base address:0x2000

also the routing table for the firewall looks like:

/sbin/route -vn
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
64.194.227.196  0.0.0.0         255.255.255.252 U     0      0        0 eth0
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth1
192.168.10.0    0.0.0.0         255.255.255.0   U     0      0        0 eth2
0.0.0.0         64.194.227.198  0.0.0.0         UG    0      0        0 eth0

Now the tricky part is the routing tables from the internal boxes.

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
64.194.227.197  0.0.0.0         255.255.255.255 UH    0      0        0 eth0
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
0.0.0.0         64.194.227.197  0.0.0.0         UG    0      0        0 eth0

to set this up you have to tell the system that the eth0 actually has
2 IP addresses

# Configure the ethernet device or start SLIP/PPP below.
IPADDR="192.168.1.1"       # Your IP address.
NETMASK="255.255.255.0"    # Your netmask.
NETWORK="192.168.1.0"      # Your network address.
BROADCAST="192.168.1.255"  # Your broadcast address (blank if none).
GATEWAY=""                 # Your gateway address.

ifconfig eth0 ${IPADDR} netmask ${NETMASK} broadcast ${BROADCAST}
[ "$ADDROUTE" ] && route add -net ${NETWORK}
[ "$GATEWAY" ] && route add default gw ${GATEWAY}
route add -host 64.194.227.197 eth0
route add default gw 64.194.227.197 eth0

The default is for each device to only have one IP address, but with
private IP addresses, NAT, and port forwarding each internal card needs
to be configured with a private IP address through ifconfig while your
real IP address is added to the card along with the gateway.

I know that this works, but it seems goofy.

"Brent R. Matzelle" wrote:
>
> Hello Everyone,
>
> I just set up a firewall with RH 7.2.  I am using the Comcast @Home
> service to get access.  I turned on routing echo "1" >
> /proc/.../ip_forward .  The Linux box can ping any internal and
> external IP address and the win32 clients can ping the gateway (eth1)
> 192.168.0.1.  Unfortunately the win32 machines cannot ping any
> external addresses.  A tracert shows that it goes to the firewall but
> gets no further than 192.168.0.1.
>
> On the firewall if I try to ping the external card from the internal
> card (ping -I eth1 68.80.22.26) I get no reply.  This suggests to me a
> routing problem.
>
> Here are some configuration stats:
>
> eth0      Link encap:Ethernet  HWaddr 00:60:97:B6:58:B2
>           inet addr:68.80.22.26  Bcast:68.80.23.255
>           Mask:255.255.248.0
>           UP BROADCAST NOTRAILERS RUNNING  MTU:1500  Metric:1
>           RX packets:82015 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:3214 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:1 txqueuelen:100
>           RX bytes:5331816 (5.0 Mb)  TX bytes:424036 (414.0 Kb)
>           Interrupt:10 Base address:0xfe80
>
> eth1      Link encap:Ethernet  HWaddr 00:60:08:08:FD:C2
>           inet addr:192.168.0.1  Bcast:192.168.0.255
>           Mask:255.255.255.0
>           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>           RX packets:3363 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:4447 errors:0 dropped:0 overruns:0 carrier:1
>           collisions:0 txqueuelen:100
>           RX bytes:325564 (317.9 Kb)  TX bytes:407916 (398.3 Kb)
>           Interrupt:10 Base address:0xff00
>
> lo        Link encap:Local Loopback
>           inet addr:127.0.0.1  Mask:255.0.0.0
>           UP LOOPBACK RUNNING  MTU:16436  Metric:1
>           RX packets:259 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:259 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:0
>           RX bytes:25781 (25.1 Kb)  TX bytes:25781 (25.1 Kb)
>
> Here is route -n:
> Kernel IP routing table
> Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
> 192.168.0.0     0.0.0.0         255.255.255.0   U     0      0        0 eth1
> 68.80.16.0      0.0.0.0         255.255.248.0   U     0      0        0 eth0
> 127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
> 0.0.0.0         68.80.16.1      0.0.0.0         UG    0      0        0 eth0
>
> Any suggestions for solving this problem?
>
> Warm regards,
>
> Brent
>
> ______________________________________________________________________
> Philadelphia Linux Users Group       -      http://www.phillylinux.org
> Announcements-http://lists.phillylinux.org/mail/listinfo/plug-announce
> General Discussion  -  http://lists.phillylinux.org/mail/listinfo/plug

--
Rev. LeRoy D. Cressy    mailto:lcressy@telocity.com    /\_/\
http://www.netaxs.com/~ldc                            ( o.o )
Phone: 215-535-4037                                    > ^ <

Jesus saith unto him, I am the way, the truth, and the life:
no man cometh unto the Father, but by me. (John 14:6)
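
Added example, not part of the original messages: a Python check of the addressing posted in this thread. It recomputes each broadcast from inet addr and Mask, and tests whether every default gateway is covered by a directly connected route, which is the job of the extra host route to 64.194.227.197 on the internal box. Function and variable names are illustrative; the addresses are copied from the posted output.

```python
import ipaddress

# Values copied from the ifconfig/route output posted in this thread.
FIREWALL_IFACES = [  # (name, inet addr, Mask, Bcast as posted)
    ("eth0", "64.194.227.197", "255.255.255.252", "64.194.227.199"),
    ("eth1", "192.168.1.10", "255.255.255.0", "192.168.1.255"),
    ("eth2", "192.168.10.10", "255.255.255.0", "192.168.1.255"),
]
INTERNAL_ROUTES = [  # (Destination, Genmask, Gateway) on the internal box
    ("64.194.227.197", "255.255.255.255", "0.0.0.0"),
    ("192.168.1.0", "255.255.255.0", "0.0.0.0"),
    ("0.0.0.0", "0.0.0.0", "64.194.227.197"),
]
BRENT_ROUTES = [  # (Destination, Genmask, Gateway) from the quoted route -n
    ("192.168.0.0", "255.255.255.0", "0.0.0.0"),
    ("68.80.16.0", "255.255.248.0", "0.0.0.0"),
    ("127.0.0.0", "255.0.0.0", "0.0.0.0"),
    ("0.0.0.0", "0.0.0.0", "68.80.16.1"),
]


def broadcast_mismatches(ifaces):
    """Return (name, posted, expected) where Bcast disagrees with addr/Mask."""
    bad = []
    for name, addr, mask, bcast in ifaces:
        net = ipaddress.ip_interface(f"{addr}/{mask}").network
        expected = str(net.broadcast_address)
        if expected != bcast:
            bad.append((name, bcast, expected))
    return bad


def unreachable_gateways(routes):
    """Default gateways that no directly connected route covers.

    Linux rejects `route add default gw X` unless X is already reachable
    through a connected (Gateway 0.0.0.0) network or host route.
    """
    connected = [ipaddress.ip_network(f"{dest}/{mask}")
                 for dest, mask, gw in routes
                 if gw == "0.0.0.0" and mask != "0.0.0.0"]
    defaults = [gw for dest, mask, gw in routes
                if dest == "0.0.0.0" and mask == "0.0.0.0"]
    return [gw for gw in defaults
            if not any(ipaddress.ip_address(gw) in net for net in connected)]


if __name__ == "__main__":
    print("broadcast mismatches:", broadcast_mismatches(FIREWALL_IFACES))
    print("internal box, with host route:", unreachable_gateways(INTERNAL_ROUTES))
    print("internal box, host route removed:", unreachable_gateways(INTERNAL_ROUTES[1:]))
    print("quoted firewall:", unreachable_gateways(BRENT_ROUTES))
```
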