Re: Dual NICs, Routing Problem
- From: "Tom Kersten" <tomkersten98@xxxxxxxxx>
- Date: 28 Dec 2005 15:00:05 -0800
Moe,
Thank you for the response...answers are below....
Moe Trin wrote:
> On 27 Dec 2005, in the Usenet newsgroup alt.os.linux.suse, in article
> <1135720510.901593.264060@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>, Tom Kersten wrote:
>
> >eth0 Link encap:Ethernet HWaddr 00:14:22:17:AB:C9
> > inet addr:192.1.36.11 Bcast:192.1.36.255 Mask:255.255.255.0
>
> Do you have permission from BBN Communications to be using these
> addresses?
I have modified the IP addresses that my node is using. I am actually
on a corporate network and the subnet is 10.x.x.x. So, for example,
instead of 192.1.34, my subnet is actually 10.1.x.x. I changed the IP's
just because it makes me leary...probably not necessary and may have
created more harm than good. If so, I apologize. I will stick with the
modified IP's just to prevent the confusion of switching to totally
different range.
>
> >eth1 Link encap:Ethernet HWaddr 00:14:22:17:AB:CA
> > inet addr:192.1.34.205 Bcast:192.1.34.255 Mask:255.255.255.0
>
> Same
>
Same....
> ># routing table
> ># route -n
> >Kernel IP routing table
> >Destination Gateway Genmask Flags Metric Ref Use Iface
> >192.1.36.0 192.1.36.1 255.255.255.0 UG 0 0 0 eth0
>
> Wrong. 192.1.36.0 is directly attached to eth0 - no gateway needed.
I don't understand why it won't work then. Having it set up the way it
is listed above does not work. If I remove this entry, it still does
not make it work. But if I make the default gateway of the machine
192.1.36.1 it does work, but no external web requests are resolved
correctly. I give more details on the setup below.
>
> 192.1.36.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
>
> Note that there can not be TWO gateways to the world, unless you are using
> >192.1.34.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
> >169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
>
> Windoze compatibility "LinkLocal" aslo called "ZeroConf". Not needed, but
> shouldn't be hurting anything.
I am assuming you are referring to the 169.x address. I have removed
that numerous times, but when I go into yast and modify the routing
table (to troubleshoot), it puts this entry back in, so I have just
left it because I was assuming it was not causing an issue.
>
> >127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
> >0.0.0.0 192.1.34.254 0.0.0.0 UG 0 0 0 eth1
>
> You are saying that the way to the _world_ is via 192.1.34.254. If that's
> not the case, you shouldn't have this entry, replacing it with specific
> network routes that you can reach via that gateway.
This gateway is the way to the world. I am considering 'the world' as
the internet. This gateway does not know anything about the 36 network.
>
> >Let me know if there are any others you'd be interested in.
>
> Do all the hosts on 192.1.36.0 know that if they want to talk to any host on
> 192.1.34.0, they have to send the packets to the gateway at 192.1.36.11?
Just to make sure, I am assuming you meant 192.1.36.1. The 192.1.36.11
IP is the IP I have assigned to eth0, which has just been given a
static IP on the 192.1.36.x subnet.
I don't really want all of the hosts on 192.1.36.0 to be able to talk
to that network, if that's possible. I only want one node on the
192.1.34.0 network to be able to talk to another single node on the
192.1.36.0 network. If it ends up that the node in the DMZ (192.1.34.0
network) has to be able to talk to any machine in the private VLAN
(192.1.36.0 network), that will be OK, but I only need it to talk to
our DB server...and would ideally only want that channel of
communication open between the networks.
> Do all the hosts on 192.1.34.0 know that if they want to talk to any host on
> 192.1.36.0, they have to send the packets to the gateway at 192.1.34.205?
The 192.1.34.205 IP is the IP that is set on eth1 of this web server.
This is the IP that the network maps external web requests to as they
come in. The gateway of the 192.1.34.0 network is 192.1.34.254.
Because I can't make ascii art ever turn out, here is a brief
explanation of what I am trying to accomplish.
I have a server in the DMZ that has two NICs. I want to recieve web
requests on one of those nics and respond to them. When a web request
comes in, I want the server to be able to make remote database calls to
another network that the 192.1.34.0 network switches do not have
permission to (it's a private VLAN, isolated from the 34 network). So,
I was told I could assign another IP to the other ethernet card in the
server and use it to communicate with this other network (the
192.1.36.0) network. So I assigned a static IP to that card
(eth0-192.1.36.11, private VLAN IP) and another static IP to the other
card (eth1-192.1.34.205).
So, the 'thought' was that I would be able to set up a rule that any
traffic that was headed to the 192.1.36.0 network would use gateway #1
(192.1.36.1) and all other traffic would be sent out gateway #2 (the
default gateway, 192.1.34.254).
Is this possible? I was told by our IT guys that it is not a problem in
Windows, so I assumed it was an option in SuSe also. I am beginning to
think it is not the correct way to set it up, but am not sure...
>
> If so, run 'tcpdump' on this host, and see what traffic is going where.
>
> Old guy
.
- Follow-Ups:
- Re: Dual NICs, Routing Problem
- From: JohnK
- Re: Dual NICs, Routing Problem
- From: houghi
- <LONG>Re: Dual NICs, Routing Problem
- From: Moe Trin
- Re: Dual NICs, Routing Problem
- References:
- Dual NICs, Routing Problem
- From: Tom Kersten
- Re: Dual NICs, Routing Problem
- From: Tom Kersten
- Re: Dual NICs, Routing Problem
- From: Moe Trin
- Dual NICs, Routing Problem
- Prev by Date: Re: What configuration files does Firefox use?
- Next by Date: Re: Question ; Video Settings for SUSE 10.0
- Previous by thread: Re: Dual NICs, Routing Problem
- Next by thread: <LONG>Re: Dual NICs, Routing Problem
- Index(es):
Relevant Pages
|
