Routing problems...2 different distros
I'm at wits end - Looking for some help: 1st box: SuSE 9.0 Professional 2 NIC's eth0 to Firewall (7.3) DNAT'd http server (my DMZ) 172.x.x.x eth1 to Internal network for only SSH and updates right now.... 192.x.45.x Problem with 1st box - I can't run Yast without changing default route to eth1 (I currently have no intent to do FTP to this webserver, but would like to be able to do my own mail in the future) So....currently to update I edit the /etc/sysconfig/network/routes and change default and do an rcnetwork restart ... then I can do the updates... I then change "default" route back to eth0 and rcnetwork restart again... I'm back in "production" How do I avoid this ? =================================================== 2nd box: SuSE 8.2 Professional 3 NIC's eth0 to Firewall (7.3) (same "Firewall" as above, different NIC) 192.x.35.x eth1 to Switch and "the rest" of the network 192.x.45.x eth2 to ISDN modem to work 10.x.x.x This 2nd box is my name server, squid server (for internal network) and secondary firewall I want traffic to the internet masqueraded eth0 I want internal traffic to "flow" freely I want any traffic on any part of the LAN intened for the 10.x.x.x network to be routed through eth2 to work I can NOT get the routing to work eth2 to work I have tried edit of /etc/sysconfig/network/routes in various flavors of: 10.x.x.y 10.x.x.z 255.255.255.255 eth2 10.x.x.0 10.x.x.z 255.255.255.0 eth2 10.x.x.0 0.0.0.0 255.255.255.0 eth2 (10.x.x.y is ISDN modem 10.x.x.z is eth2 static) Order seems to make a difference whether route -n (yes I know it's deprecated) reports UGH - UH - U ... bottom line, I can get two of what I thought was 3 of the required UGH-UH-U combo's In /etc/sysconfig/network/ifcfg-eth2 I've experimented with two "REMOTE" addresses (null and the address of the ISDN modem) with no success. I "upgraded" (actually a complete install of 8.2) over what was a working 7.3 box, but these routing differences are killing me, the best I have ever gotten is a connection to work from this box only... I had it all working as desired under 7.3. Yes, it is also a firewall (shorewall 1.4.7) and I am trying the routing AFTER "shorewall clear" which takes the firewall part out of the picture. ================================== Thoughts, ideas, examples, suggestions ?
----- Original Message -----
From:
I'm at wits end - Looking for some help:
1st box: SuSE 9.0 Professional 2 NIC's
eth0 to Firewall (7.3) DNAT'd http server (my DMZ) 172.x.x.x eth1 to Internal network for only SSH and updates right now.... 192.x.45.x
Problem with 1st box - I can't run Yast without changing default route to eth1 (I currently have no intent to do FTP to this webserver, but would like to be able to do my own mail in the future) So....currently to update I edit the /etc/sysconfig/network/routes and change default and do an rcnetwork restart ... then I can do the updates... I then change "default" route back to eth0 and rcnetwork restart again... I'm back in "production"
How do I avoid this ?
===================================================
2nd box: SuSE 8.2 Professional 3 NIC's
eth0 to Firewall (7.3) (same "Firewall" as above, different NIC) 192.x.35.x eth1 to Switch and "the rest" of the network 192.x.45.x eth2 to ISDN modem to work 10.x.x.x
This 2nd box is my name server, squid server (for internal network) and secondary firewall
I want traffic to the internet masqueraded eth0 I want internal traffic to "flow" freely I want any traffic on any part of the LAN intened for the 10.x.x.x network to be routed through eth2 to work
I can NOT get the routing to work eth2 to work
I have tried edit of /etc/sysconfig/network/routes
in various flavors of:
10.x.x.y 10.x.x.z 255.255.255.255 eth2 10.x.x.0 10.x.x.z 255.255.255.0 eth2 10.x.x.0 0.0.0.0 255.255.255.0 eth2
(10.x.x.y is ISDN modem 10.x.x.z is eth2 static)
Order seems to make a difference whether route -n (yes I know it's deprecated) reports UGH - UH - U ... bottom line, I can get two of what I thought was 3 of the required UGH-UH-U combo's
In /etc/sysconfig/network/ifcfg-eth2 I've experimented with two "REMOTE" addresses (null and the address of the ISDN modem) with no success.
I "upgraded" (actually a complete install of 8.2) over what was a working 7.3 box, but these routing differences are killing me, the best I have ever gotten is a connection to work from this box only... I had it all working as desired under 7.3.
Yes, it is also a firewall (shorewall 1.4.7) and I am trying the routing AFTER "shorewall clear" which takes the firewall part out of the picture.
==================================
Thoughts, ideas, examples, suggestions ?
A simple network of four computers is maintained at home. The server has two network cards, one connected to the "Wired" LAN and the other is a Wireless USB adapter connected to the internet. After booting, as the USB adapter is probably not present when the boot process starts, no internet connections are possible. Restarting the firewall restores this connection. I have set the "DHCLIENT" flag as was suggested but many times the connection is not set. The wired ethernet cable is connected to a hub. If the hub is not switeched on before the PC boots, the internet connection will not work even though it is a separate device. In this case, the hub to be switched on and the network restarted together with the firewall. On the other machines, the default route has to be set to the wired lan either manually or by inserting a router option in the DHCP configuration file. On this setup, the route option is not set as otherwise the children will have unfettered access to the internet. Their access is through a proxy server, which can be turned on and off as necessary. The firewall is set to recognise eth0 (wired Lan) as an internal network and wlan0 (wireless internet connection) as the external untrusted network. The IP forwarding and masquarding is switched on to enable routing through this machine. The set up is not as sophisichated as yours and is easier to configure. Hope this helps. LW999.
participants (2)
-
Bill.Light@kp.org
-
LinuxWorld999