routes are killing me - how to?

Keary Suska yellowdog-general@lists.terrasoftsolutions.com
Thu Nov 7 08:46:01 2002


on 11/6/02 10:30 PM, jeglin@4pi.com purportedly said:

> Done years ago, public network, static IPs. Now I have this Linux box
> with two NICs: eth1 is 63.220.231.132 and is connected to a physical
> router. eth0 is 192.168.0.1 and is connected to another physical
> router. Obviously, I want the private network connected to the
> private router to see the public network connected to the public
> router and vice versa.

There may be some issues regarding your configuration that you don't
mention, but I will try to address what we know. IMHO, using hardware
routers only overcomplicates your network topology unless you have at least
hundreds of machines. If you are concerned about network performance, use
switches instead. If you are concerned about security, use firewalls
instead. Just from what you have provided, it seems to me that the private
network router is simply redundant. It would be simpler to remove it from
the network entirely. (Now, you do mean *router* vs hub or switch?)

Anyway, I will assume that your YDL box is acting as a router between the
192.168.0.0 network (through eth1) and the public network (through eth0).
Simply bringing up the two interfaces should set up routes for these two
networks. The default gateway for your private router should be 192.168.0.1.
On a side note, make sure that none of your private routers use the network
address (e.g. 192.168.0.0--depends on your netmask).

Now, get the firewall script found at:
http://www.tldp.org/HOWTO/IP-Masquerade-HOWTO/firewall-examples.html#RC.FIREWALL-2.4.X

edit according to your configuration, then execute the script. That should
be all there is to it. The script will set up forwarding and masquerading
for you.

If that doesn't work, we will need to see the whole network topology (up to
your Internet connection), including IPs and corresponding netmasks, to
diagnose any further.

Keary Suska
Esoteritech, Inc.
"Leveraging Open Source for a better Internet"
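
An added example, not part of the original message and not the HOWTO's script: a minimal sketch of the forwarding and masquerading setup such a script performs, written as a generator that only prints the commands so they can be reviewed before loading. It assumes the interface assignment from the quoted question (eth1 public, eth0 private) and a /24 netmask, which the thread does not state; `emit_masq_rules` is a name made up for this example.

```shell
#!/bin/sh
# Added example: print (do not apply) iptables rules for a two-NIC
# masquerading gateway. Review the output, then pipe it to "sh" as root.
# Note: the emitted rules flush the existing FORWARD and nat POSTROUTING chains.

# emit_masq_rules EXT_IF INT_IF LAN_CIDR   (hypothetical helper)
emit_masq_rules() {
    ext=$1 int=$2 lan=$3
    # Refuse missing arguments or the same interface on both sides.
    if [ -z "$ext" ] || [ -z "$int" ] || [ -z "$lan" ] || [ "$ext" = "$int" ]; then
        echo "usage: emit_masq_rules EXT_IF INT_IF LAN_CIDR" >&2
        return 1
    fi
    # LAN must look like a.b.c.d/len (digits, dots and one slash only).
    case $lan in
        *[!0-9./]*|*/*/*) echo "bad LAN CIDR: $lan" >&2; return 1 ;;
        [0-9]*.[0-9]*.[0-9]*.[0-9]*/[0-9]*) ;;
        *) echo "bad LAN CIDR: $lan" >&2; return 1 ;;
    esac
    cat <<EOF
# Default-deny forwarding first, so nothing passes while rules load.
iptables -P FORWARD DROP
iptables -F FORWARD
iptables -t nat -F POSTROUTING
# Replies to connections the LAN opened may come back in.
iptables -A FORWARD -i $ext -o $int -m state --state ESTABLISHED,RELATED -j ACCEPT
# New connections are allowed only from the LAN, only with LAN source addresses.
iptables -A FORWARD -i $int -o $ext -s $lan -j ACCEPT
# Rewrite LAN source addresses to the public interface's address.
iptables -t nat -A POSTROUTING -o $ext -s $lan -j MASQUERADE
# Turn on kernel forwarding last, once the rules are in place.
echo 1 > /proc/sys/net/ipv4/ip_forward
EOF
}

# Run as: sh masq.sh eth1 eth0 192.168.0.0/24   (values assumed from the thread)
if [ "$#" -eq 3 ]; then
    emit_masq_rules "$@"
fi
```

With these rules, hosts on the public side cannot open new connections into 192.168.0.0; only replies to LAN-initiated traffic are forwarded.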