Re: [SLE] Routing issues with eth1(internal) & eth2(external)
From: Merton Campbell Crockett (mcc_at_CATO.GD-AIS.COM)
Date: 05/18/05
- Previous message: Dave Driscoll: "Re: [SLE] no nfs sever for 9.1"
- In reply to: Mark A. Taff: "[SLE] Routing issues with eth1(internal) & eth2(external)"
- Next in thread: Ken Schneider: "Re: [SLE] Routing issues with eth1(internal) & eth2(external)"
- Reply: Ken Schneider: "Re: [SLE] Routing issues with eth1(internal) & eth2(external)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Wed, 18 May 2005 06:42:31 -0700 (PDT)
To: "Mark A. Taff" <marktaff@comcast.net>
On Tue, 17 May 2005, Mark A. Taff wrote:
> All,
> I sure hope someone can enlighten me. I am having a weird
> routing issue. Everything works OK, except I can't access the
> external interface from a machine on my internal network.
In addition, you have a weird network configuration.
> See network map pdf at http://www.marktaff.com/network.map.pdf
> See output of `ifconfig` and `route` below.
>
> From any internal (192.168...) machine, I can't ping/ssh liberty1-ext, but I
> can ping/ssh to liberty1-int.
>
> From each internal machine, I can reach all the other internal machines, and
> the router's external ip, but not liberty1's external ip.
>
> From outside my private network, I can ping/ssh liberty1-ext just fine.
>
> I want to be able to access the machine via liberty1-ext both at home and
> while traveling, yet still be able to access the private network from
> liberty1 via liberty1-int interface.
This is the part that is hard to understand: Why do you want to do this?
If all of the "internal" systems can access LIBERTY1 from the internal
network, why would you want them to go through two firewalls to access
LIBERTY1?
You appear to have two Comcast networks assigned to you. Does Comcast
allow routing between the two networks? For security reasons, it would be
reasonable for them not to as it would provide a pathway to deliver
malware.
> Could the problem be my hub? Do I need to replace it with a switch, or
> perhaps a separate router? Seems like the hub should work?
From a simple routing perspective, you shouldn't be able to communicate
between the 24.22.122/20 and the 24.22.190/24 networks, at least locally,
without some routing information being provided.
You could add a static host route to LIBERTY1 and your D-Link Wireless
Router. On LIBERTY1 add 24.22.190.86 with the gateway as being your eth1
interface. On the wireless router add a host route for 24.16.122.35 and
specify its Ethernet interface as the gateway. This would identify that
there are two networks on the "external" LAN. This should allow the
traffic between the networks to be routed locally through the hub.
Still, it doesn't make sense to do this. What are you trying to
accomplish?
Merton Campbell Crockett
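
The static host routes suggested in the reply above, modelled as an added example that is not part of the original message: a longest-prefix-match lookup shows why two hosts in different subnets on one hub send to their default gateways, and why a host route is needed on both machines. The addresses (RFC 5737 documentation ranges), interface names and helper names are constructed assumptions, not the values from the thread.

```python
import ipaddress

def route(prefix, iface, gateway=None):
    """One routing-table entry; gateway=None means the prefix is on-link."""
    return (ipaddress.ip_network(prefix), gateway, iface)

def lookup(table, dst):
    """Longest-prefix match, as an IP stack does when choosing a route."""
    dst = ipaddress.ip_address(dst)
    matches = [r for r in table if dst in r[0]]
    return max(matches, key=lambda r: r[0].prefixlen) if matches else None

def next_hop(table, dst):
    """Describe where a packet for dst is sent first."""
    entry = lookup(table, dst)
    if entry is None:
        return "unreachable"
    _, gateway, iface = entry
    return f"on-link {iface}" if gateway is None else f"gateway {gateway} {iface}"

def with_host_route(table, host, iface):
    """Copy of table plus a /32 host route that points at the local interface."""
    return table + [route(f"{host}/32", iface)]

def local_both_ways(table_a, ip_a, table_b, ip_b):
    """Traffic stays on the shared segment only if both directions are on-link."""
    return (next_hop(table_a, ip_b).startswith("on-link")
            and next_hop(table_b, ip_a).startswith("on-link"))

# Constructed sample: two hosts on the same hub, each in a different subnet.
HOST_A, HOST_B = "198.51.100.35", "203.0.113.86"
TABLE_A = [route("198.51.100.0/24", "eth1"),
           route("0.0.0.0/0", "eth1", "198.51.100.1")]
TABLE_B = [route("203.0.113.0/24", "wan0"),
           route("0.0.0.0/0", "wan0", "203.0.113.1")]

if __name__ == "__main__":
    print("before:", next_hop(TABLE_A, HOST_B))
    fixed_a = with_host_route(TABLE_A, HOST_B, "eth1")
    fixed_b = with_host_route(TABLE_B, HOST_A, "wan0")
    print("after: ", next_hop(fixed_a, HOST_B))
    print("one side only:", local_both_ways(fixed_a, HOST_A, TABLE_B, HOST_B))
    print("both sides:   ", local_both_ways(fixed_a, HOST_A, fixed_b, HOST_B))
```
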