Hi! I cant use aliases. Too much networks and too often changes... It works with zebra: # sh ip route Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF, B - BGP, > - selected route, * - FIB route S 0.0.0.0/0 [1/0] via 217.195.78.46, eth1 K>* 0.0.0.0/0 via 217.195.78.46, eth1 K * 127.0.0.0/8 is directly connected, lo C>* 127.0.0.0/8 is directly connected, lo0 C>* 192.168.0.0/24 is directly connected, eth0 S 192.168.1.0/25 [1/0] via 192.168.0.254, eth0 S>* 192.168.254.0/24 [1/0] via 192.168.0.254, eth0 C>* 217.195.78.32/28 is directly connected, eth1 And packets from 192.168.1.0/24 now can reach this computer... Heh.. Now I trying to up ospf between ciscos and linuxes... This computer is not a router but need to have routes to other network not through default gw. Net information is not so static to keep routes manually... Hehhh... 7 linuses and 9 ciscos... :-| So, EIGRP is much faster then OSPF I choose for linux. I hope I can use EIGRP between ciscos and OSPF between linuxes and one cisco 'main router'. Sergei Keler General DataComm IT-manager tel.: +7(812)325-1085 fax: +7(812)325-1086 On 22.11.2005, at 18:24, Dana Hudes wrote:
Your linux box can't send packets outside the LAN unless you use NAT on the router since your diagram does not include a proxy (cisco can NAT but it isn't a proxy).
EIGRP is not going to work on a Linux system it is proprietary. Futhermore the Linux system is a host. It is not supposed to run dynamic routing protocol. The Cisco router is supposed to have routes for all your other subnets -- interface routes not dynamic ones. This can be from subinterfaces or physical ones.
The linux host gets 1 static route: default , with gw 192.168.0.254
I cant do it. I need default gw to real address :-(
Send packets to router let it do its job. Don't go running zebra and stuff on linux unless you want it to be a router. that only makes sense for more sophisticated situaitons where the cost of a cisco interface is much more expensive than a PC. Also remember that a cisco router WILL forward packets MUCH faster than a PC. It has special hardware inside for this purpose.
On Tue, 22 Nov 2005, Sergei Keler wrote:
Yes. Thats right.
But.. 217.x.x.y Internet --- [ cisco router ] -----------------+ eth0 217.x.x.x |192.168.0.254 [linux box] [switch] --------------------+ eth1 192.168.0.1/24 | Several LANs including 192.168.1.0/24 for example...
Linux box dont need to route outside LAN. It must use specified GW for route other LAN networks. If I use YAST to add rotes it works strange. Manual adding route like: route add -net 192.168.1.0/24 gw 192.168.0.254 works! [censored]! Still [censored] with yast and its environment to keep reached configuration :-)
Next step will be adding dynamic routing driven by cisco :-(
Sergei Keler General DataComm IT-manager tel.: +7(812)325-1085 fax: +7(812)325-1086
On 22.11.2005, at 17:38, Dana Hudes wrote:
192.168.0.254 is a legitimate RFC1918 address. Its not publicly routable but its fine to use behind a proxy or NAT gateway in a private network.
On Tue, 22 Nov 2005, Dirk Schreiner wrote:
Hi*,
anyway there will never be a net 192.168.0.254/24.
Syv Ritch wrote:
Sergei Keler wrote:
Next, what you recommend as linux implementation of Cosco's EIGRP? Ciscos use EiGRP to keep routes between them using 192.168.0.254/24 net.
1. EIGRP is proprietary to Cisco, and only runs on Cisco gear. 2. There is nothing in EIGRP that "keep routes between them using 192.168.0.254/24 net". For a simplified explanation of EIGRP: [...]
Dirk
TRIA IT-consulting GmbH Joseph-Wild-Straц÷e 20 81829 Mц╪nchen Germany Tel: +49 (89) 92907-0 Fax: +49 (89) 92907-100 http://www.tria.de
Registergericht Mц╪nchen HRB 113466 USt.-IdNr. DE 180017238 Steuer-Nr. 802/40600 Geschц╓ftsfц╪hrer: Richard Hofbauer kaufm. Geschц╓ftsleitung: Rosa Igl-------------------------------------------------------- Nachricht von: Dirk.Schreiner@tria.de Nachricht an: suse@911networks.com, skiller@gdc.ru, suse- security@suse.com # Dateianhц╓nge: 0
-- Check the headers for your unsubscription address For additional commands, e-mail: suse-security-help@suse.com Security-related bug reports go to security@suse.de, not here