Re: [SLE] Routing problems...2 different distros

• Previous message: LinuxWorld999: "Re: [SLE] QT Designer with SuSE 9.0"
• In reply to: Bill.Light_at_kp.org: "[SLE] Routing problems...2 different distros"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

To: <suse-linux-e@suse.com>
Date: Fri, 7 Nov 2003 09:23:34 -0000

----- Original Message -----
From: <Bill.Light@kp.org>
To: <suse-linux-e@suse.com>
Sent: Thursday, November 06, 2003 9:51 PM
Subject: [SLE] Routing problems...2 different distros

> I'm at wits end - Looking for some help:
>
> 1st box: SuSE 9.0 Professional 2 NIC's
>
> eth0 to Firewall (7.3) DNAT'd http server (my DMZ) 172.x.x.x
> eth1 to Internal network for only SSH and updates right now....
> 192.x.45.x
>
> Problem with 1st box - I can't run Yast without changing default route to
> eth1 (I currently have no intent to do FTP to this webserver, but would
> like to be able to do my own mail in the future) So....currently to
> update I edit the /etc/sysconfig/network/routes and change default and do
> an rcnetwork restart ... then I can do the updates... I then change
> "default" route back to eth0 and rcnetwork restart again... I'm back in
> "production"
>
> How do I avoid this ?
>
> ===================================================
>
> 2nd box: SuSE 8.2 Professional 3 NIC's
>
> eth0 to Firewall (7.3) (same "Firewall" as above, different NIC)
> 192.x.35.x
> eth1 to Switch and "the rest" of the network 192.x.45.x
> eth2 to ISDN modem to work 10.x.x.x
>
>
> This 2nd box is my name server, squid server (for internal network) and
> secondary firewall
>
> I want traffic to the internet masqueraded eth0
> I want internal traffic to "flow" freely
> I want any traffic on any part of the LAN intened for the 10.x.x.x network
> to be routed through eth2 to work
>
> I can NOT get the routing to work eth2 to work
>
> I have tried edit of /etc/sysconfig/network/routes
>
> in various flavors of:
>
> 10.x.x.y 10.x.x.z 255.255.255.255 eth2
> 10.x.x.0 10.x.x.z 255.255.255.0 eth2
> 10.x.x.0 0.0.0.0 255.255.255.0 eth2
>
> (10.x.x.y is ISDN modem
> 10.x.x.z is eth2 static)
>
> Order seems to make a difference whether route -n (yes I know it's
> deprecated) reports UGH - UH - U ... bottom line, I can get two of what I
> thought was 3 of the required UGH-UH-U combo's
>
> In /etc/sysconfig/network/ifcfg-eth2 I've experimented with two "REMOTE"
> addresses (null and the address of the ISDN modem) with no success.
>
> I "upgraded" (actually a complete install of 8.2) over what was a working
> 7.3 box, but these routing differences are killing me, the best I have
> ever gotten is a connection to work from this box only... I had it all
> working as desired under 7.3.
>
> Yes, it is also a firewall (shorewall 1.4.7) and I am trying the routing
> AFTER "shorewall clear" which takes the firewall part out of the picture.
>
> ==================================
>
> Thoughts, ideas, examples, suggestions ?
>

A simple network of four computers is maintained at home. The server has
two network cards, one connected to the "Wired" LAN and the other is a
Wireless USB adapter connected to the internet. After booting, as the USB
adapter is probably not present when the boot process starts, no internet
connections are possible. Restarting the firewall restores this connection.
I have set the "DHCLIENT" flag as was suggested but many times the
connection is not set.

The wired ethernet cable is connected to a hub. If the hub is not switeched
on before the PC boots, the internet connection will not work even though it
is a separate device. In this case, the hub to be switched on and the
network restarted together with the firewall.

On the other machines, the default route has to be set to the wired lan
either manually or by inserting a router option in the DHCP configuration
file. On this setup, the route option is not set as otherwise the children
will have unfettered access to the internet. Their access is through a
proxy server, which can be turned on and off as necessary.

The firewall is set to recognise eth0 (wired Lan) as an internal network and
wlan0 (wireless internet connection) as the external untrusted network.
The IP forwarding and masquarding is switched on to enable routing through
this machine.

The set up is not as sophisichated as yours and is easier to configure.

Hope this helps.

LW999.

-- 
Check the headers for your unsubscription address
For additional commands send e-mail to suse-linux-e-help@suse.com
Also check the archives at http://lists.suse.com
Please read the FAQs: suse-linux-e-faq@suse.com

• Previous message: LinuxWorld999: "Re: [SLE] QT Designer with SuSE 9.0"
• In reply to: Bill.Light_at_kp.org: "[SLE] Routing problems...2 different distros"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]