Hi, I have a small network setup but can't seem to get the routing right. I have tried reading the documentation, but its still not right. So I was wondering if anyone can provide some help. The server has 2 ethernet cards setup: eth0 (192.168.1.53) points to an adsl router 192.168.1.2, which in turn points to the outside world. eth1 (192.168.2.1) points to the internal network. I would like to have the internal network on eth1 route through eth0 to the outside world. Currently the routing table is configured as: 192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 0.0.0.0 192.168.1.2 0.0.0.0 UG 0 0 0 eth0 I know this is not right, as the 192.168.2.0 network can't see the 192.168.1.0 network. I thought that by virtue of the fact both cards were on the same machine it would be able to route packets between them, but i guess not. If anyone can point out what I have to do to achieve this I'd be grateful regards Jeff
On 18 Jun 2003 12:43:34 +1200
Jeff Hoare
Hi, I have a small network setup but can't seem to get the routing right. I have tried reading the documentation, but its still not right. So I was wondering if anyone can provide some help.
The server has 2 ethernet cards setup: eth0 (192.168.1.53) points to an adsl router 192.168.1.2, which in turn points to the outside world.
eth1 (192.168.2.1) points to the internal network.
I would like to have the internal network on eth1 route through eth0 to the outside world.
Currently the routing table is configured as: 192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 0.0.0.0 192.168.1.2 0.0.0.0 UG 0 0 0 eth0
I know this is not right, as the 192.168.2.0 network can't see the 192.168.1.0 network. I thought that by virtue of the fact both cards were on the same machine it would be able to route packets between them, but i guess not. What you want to do is NAT. This is supported in Linux by a feature called IP masquerading. IP Masquerading is part of the firewall. I suggest you look at the docs for SuSE Firewall.
The routing table above should allow all systems on your 192.168.2
communicate with the 192.168.1.53 machine, but not get out of your
network.
--
Jerry Feldman
On Wed, 2003-06-18 at 13:55, Jerry Feldman wrote:
On 18 Jun 2003 12:43:34 +1200 Jeff Hoare
wrote: Hi, I have a small network setup but can't seem to get the routing right. I have tried reading the documentation, but its still not right. So I was wondering if anyone can provide some help.
The server has 2 ethernet cards setup: eth0 (192.168.1.53) points to an adsl router 192.168.1.2, which in turn points to the outside world.
eth1 (192.168.2.1) points to the internal network.
I would like to have the internal network on eth1 route through eth0 to the outside world.
Currently the routing table is configured as: 192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 0.0.0.0 192.168.1.2 0.0.0.0 UG 0 0 0 eth0
I know this is not right, as the 192.168.2.0 network can't see the 192.168.1.0 network. I thought that by virtue of the fact both cards were on the same machine it would be able to route packets between them, but i guess not. What you want to do is NAT. This is supported in Linux by a feature called IP masquerading. IP Masquerading is part of the firewall. I suggest you look at the docs for SuSE Firewall.
The routing table above should allow all systems on your 192.168.2 communicate with the 192.168.1.53 machine, but not get out of your network. I tried to make 192.168.1.53 the default gw for the 192.168.2.0 network. However when I add the route it says "network unreachable". This is what I'm doing:
route add -net 192.168.2.0 netmask 255.255.255.0 gw 192.168.1.53 dev eth1 Jeff
You need to make the default gateway for your internal network to be
192.168.2.1. Then you need to enable routing and masquerading in
/etc/sysconfig/SuSEfirewall2. Then make sure your machine is connected to
the outside world. If you do not need masquerading (connecting to a private
network), then just enable routing. The default gateway should still be the
same for all your internal machines.
----- Original Message -----
From: "Jeff Hoare"
On Wed, 2003-06-18 at 13:55, Jerry Feldman wrote:
On 18 Jun 2003 12:43:34 +1200 Jeff Hoare
wrote: Hi, I have a small network setup but can't seem to get the routing right. I have tried reading the documentation, but its still not right. So I was wondering if anyone can provide some help.
The server has 2 ethernet cards setup: eth0 (192.168.1.53) points to an adsl router 192.168.1.2, which in turn points to the outside world.
eth1 (192.168.2.1) points to the internal network.
I would like to have the internal network on eth1 route through eth0 to the outside world.
Currently the routing table is configured as: 192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 0.0.0.0 192.168.1.2 0.0.0.0 UG 0 0 0 eth0
I know this is not right, as the 192.168.2.0 network can't see the 192.168.1.0 network. I thought that by virtue of the fact both cards were on the same machine it would be able to route packets between them, but i guess not. What you want to do is NAT. This is supported in Linux by a feature called IP masquerading. IP Masquerading is part of the firewall. I suggest you look at the docs for SuSE Firewall.
The routing table above should allow all systems on your 192.168.2 communicate with the 192.168.1.53 machine, but not get out of your network. I tried to make 192.168.1.53 the default gw for the 192.168.2.0 network. However when I add the route it says "network unreachable". This is what I'm doing:
route add -net 192.168.2.0 netmask 255.255.255.0 gw 192.168.1.53 dev eth1
Jeff
-- Check the headers for your unsubscription address For additional commands send e-mail to suse-linux-e-help@suse.com Also check the archives at http://lists.suse.com Please read the FAQs: suse-linux-e-faq@suse.com
Hi, ok well I well confused. I have updated the routing table, as below is this what you mean? Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 192.168.2.0 192.168.2.1 255.255.255.0 UG 0 0 0 eth1 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 0.0.0.0 192.168.1.2 0.0.0.0 UG 0 0 0 eth0 the netwrok I have is: 192.168.2.0 --eth1--server--eth0-192.168.1.0 | | | 192.168.2.1 192.168.1.53 | | 192.168.1.2 router--wan To test this I'm using traceroute traceroute -S 192.168.2.1 <some outside address> and getting nothing, although I notice its resolving host names to IP addresses. Jeff On Wed, 2003-06-18 at 15:15, Alexander Klayman wrote:
You need to make the default gateway for your internal network to be 192.168.2.1. Then you need to enable routing and masquerading in /etc/sysconfig/SuSEfirewall2. Then make sure your machine is connected to the outside world. If you do not need masquerading (connecting to a private network), then just enable routing. The default gateway should still be the same for all your internal machines.
----- Original Message ----- From: "Jeff Hoare"
To: "SuSE Mailing List-e" Sent: Tuesday, June 17, 2003 10:42 PM Subject: Re: [SLE] routing question On Wed, 2003-06-18 at 13:55, Jerry Feldman wrote:
On 18 Jun 2003 12:43:34 +1200 Jeff Hoare
wrote: Hi, I have a small network setup but can't seem to get the routing right. I have tried reading the documentation, but its still not right. So I was wondering if anyone can provide some help.
The server has 2 ethernet cards setup: eth0 (192.168.1.53) points to an adsl router 192.168.1.2, which in turn points to the outside world.
eth1 (192.168.2.1) points to the internal network.
I would like to have the internal network on eth1 route through eth0 to the outside world.
Currently the routing table is configured as: 192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 0.0.0.0 192.168.1.2 0.0.0.0 UG 0 0 0 eth0
I know this is not right, as the 192.168.2.0 network can't see the 192.168.1.0 network. I thought that by virtue of the fact both cards were on the same machine it would be able to route packets between them, but i guess not. What you want to do is NAT. This is supported in Linux by a feature called IP masquerading. IP Masquerading is part of the firewall. I suggest you look at the docs for SuSE Firewall.
The routing table above should allow all systems on your 192.168.2 communicate with the 192.168.1.53 machine, but not get out of your network. I tried to make 192.168.1.53 the default gw for the 192.168.2.0 network. However when I add the route it says "network unreachable". This is what I'm doing:
route add -net 192.168.2.0 netmask 255.255.255.0 gw 192.168.1.53 dev eth1
Jeff
-- Check the headers for your unsubscription address For additional commands send e-mail to suse-linux-e-help@suse.com Also check the archives at http://lists.suse.com Please read the FAQs: suse-linux-e-faq@suse.com
Another tip: It looks like your adsl router might be doing its own NAT. If
this is so, then you'll need to configure that on the router and turn off
masquerading on your linux box..
----- Original Message -----
From: "Jeff Hoare"
On Wed, 2003-06-18 at 13:55, Jerry Feldman wrote:
On 18 Jun 2003 12:43:34 +1200 Jeff Hoare
wrote: Hi, I have a small network setup but can't seem to get the routing right. I have tried reading the documentation, but its still not right. So I was wondering if anyone can provide some help.
The server has 2 ethernet cards setup: eth0 (192.168.1.53) points to an adsl router 192.168.1.2, which in turn points to the outside world.
eth1 (192.168.2.1) points to the internal network.
I would like to have the internal network on eth1 route through eth0 to the outside world.
Currently the routing table is configured as: 192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 0.0.0.0 192.168.1.2 0.0.0.0 UG 0 0 0 eth0
I know this is not right, as the 192.168.2.0 network can't see the 192.168.1.0 network. I thought that by virtue of the fact both cards were on the same machine it would be able to route packets between them, but i guess not. What you want to do is NAT. This is supported in Linux by a feature called IP masquerading. IP Masquerading is part of the firewall. I suggest you look at the docs for SuSE Firewall.
The routing table above should allow all systems on your 192.168.2 communicate with the 192.168.1.53 machine, but not get out of your network. I tried to make 192.168.1.53 the default gw for the 192.168.2.0 network. However when I add the route it says "network unreachable". This is what I'm doing:
route add -net 192.168.2.0 netmask 255.255.255.0 gw 192.168.1.53 dev eth1
Jeff
-- Check the headers for your unsubscription address For additional commands send e-mail to suse-linux-e-help@suse.com Also check the archives at http://lists.suse.com Please read the FAQs: suse-linux-e-faq@suse.com
Under SuSE 8.0, the file is in /etc/sysconfig/SuSEfirewall2. You can also
use Yast2 to setup your adsl modem, just remember to use ppp0 for external
device in the firewall setup in SuSEfirewall2, if you have to use ppp.
Otherwise use eth0, if your adsl modem connects straight through. You will
also want to enable routing in the same SuSEfirewall2 file.
----- Original Message -----
From: "Jeff Hoare"
Hi, I have a small network setup but can't seem to get the routing right. I have tried reading the documentation, but its still not right. So I was wondering if anyone can provide some help.
The server has 2 ethernet cards setup: eth0 (192.168.1.53) points to an adsl router 192.168.1.2, which in turn points to the outside world.
eth1 (192.168.2.1) points to the internal network.
I would like to have the internal network on eth1 route through eth0 to the outside world.
Currently the routing table is configured as: 192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 0.0.0.0 192.168.1.2 0.0.0.0 UG 0 0 0 eth0
I know this is not right, as the 192.168.2.0 network can't see the 192.168.1.0 network. I thought that by virtue of the fact both cards were on the same machine it would be able to route packets between them, but i guess not.
If anyone can point out what I have to do to achieve this I'd be grateful
regards Jeff
-- Check the headers for your unsubscription address For additional commands send e-mail to suse-linux-e-help@suse.com Also check the archives at http://lists.suse.com Please read the FAQs: suse-linux-e-faq@suse.com
participants (3)
-
Alexander Klayman
-
Jeff Hoare
-
Jerry Feldman