David
The network is a classic 3 nic router providing the following setup.
                Internet
                    |
                  cisco
                  router
              63.225.xxx.x8
                    |
                   net
                    |
              63.225.xxx.x6
                  eth1
              ============
              |    fw    | 63.225.xxx.x7
              |  linux   | eth2 ------ dmz----- 63.225.xxx.x3
              |  router  |                      63.225.xxx.x4
              ============                      63.225.xxx.x5
                  eth0
              192.168.0.1
                    |
                   loc
                    |
              192.168.0.2/12
The setup is probably originally from a 5.2 firewall set some years
back and has just migrated with each upgrade of machine and os.
Why I am echoing 1 to the sub-directory /eth2 I don't know. Looks
like I can safely remove that line.
I used the route command twice and removed both eth2 lines from the
route output. Then added lines to route eth1 and eth2.
Below is the new state of the system. Does this look correct?
output of route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
63.225.xxx.x7 0.0.0.0 255.255.255.255 UH 0 0 0 eth2
63.225.xxx.x6 0.0.0.0 255.255.255.255 UH 0 0 0 eth1
192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
0.0.0.0 63.225.xxx.x8 0.0.0.0 UG 0 0 0 eth1
contents of /etc/rc.d/rc.local
#!/bin/sh
#
# This script will be executed *after* all the other init scripts.
# You can put your own initialization stuff in here if you don't
# want to do the full Sys V style init stuff.
touch /var/lock/subsys/local
route del -net 63.225.xxx.0 netmask 255.255.255.0 dev eth2
route del -net 63.225.xxx.0 netmask 255.255.255.0 dev eth2
# Kernel sysctl file names use underscores (proxy_arp, tcp_syncookies).
echo 1 > /proc/sys/net/ipv4/conf/all/proxy_arp
echo 1 > /proc/sys/net/ipv4/tcp_syncookies
route add 63.225.xxx.x6 eth1
route add 63.225.xxx.x7 eth2
Thanks
Bob
(E-Mail Removed) (David Efflandt) wrote in message news:<(E-Mail Removed)>...
> On 30 Oct 2003 19:07:36 -0800, bob <(E-Mail Removed)> wrote:
> > Howdy
> >
> > I am setting up a RedHat 7.3 router on a Dell gmt5100 (i586). When
> > I boot up the machine the routing table shows (2) entries for eth2.
> > How does this happen? Is there a file somewhere that contains this
> > information?
>
> You have the same network on 2 different interfaces (same netmask and
> broadcast). One of them either needs to be configured with different
> netmask and broadcast, or if one (eth1?) leads only to the default gw, it
> should have netmask 255.255.255.255, broadcast same as its IP, a host
> route to 63.225.xxx.x8, and default gw 63.225.xxx.x8 (listing that gw
> under eth0 with 192.168.0.0/24 network is wrong).
>
> Or if you actually have multiple hosts on eth1 & eth2 (using proxy_arp)
> you need to figure out the maximum IPs you need in one of them and set
> that one to a more limited subnet of your main subnet. For example my
> wireless subnet is a 255.255.255.248 portion of my main LAN subnet with
> proxy_arp enabled on the main LAN interface.
>
> For example to split the proxy_arp network in half:
> eth1 63.225.xxx.x6 netmask 255.255.255.0
> eth2 63.225.xxx.129 netmask 255.255.255.127
>
> > I have been trying to delete the unwanted routing information and
> > then install the route I want. While I can easily install the route I
> > want I have not been able to find the magic combo to delete the
> > unwanted routes for eth2.
> > Can someone tell me what form the route del -net 63.225.xxx.0 dev
> > eth2 command should take.
>
> route del -net 63.225.xxx.0 netmask 255.255.255.0 dev eth2
> But that might delete both of them, and you might have to add one back.
> But if you properly configure your subnets, you would not have that
> problem.
>
> BTW, what is the point of writing 1 to a directory in your rc.local (see
> below)?
>
> > I have printed out the route man page and read it too many times.
> > HELP!
> >
> > -=-
> > contents of /etc/sysconfig/network-scripts/ifcfg-eth*
> >
> > DEVICE=eth0
> > ONBOOT=yes
> > BOOTPROTO=static
> > IPADDR=192.168.0.1
> > NETMASK=255.255.255.0
> > GATEWAY=63.225.xxx.x8
> >
> > DEVICE=eth1
> > ONBOOT=yes
> > IPADDR=63.225.xxx.x6
> > NETMASK=255.255.255.0
> >
> > DEVICE=eth2
> > ONBOOT=yes
> > IPADDR=63.225.xxx.x7
> > NETMASK=255.255.255.0
> >
> > -=-
> > output of route -n
> > Kernel IP routing table
> > Destination Gateway Genmask Flags Metric Ref Use Iface
> > 63.225.xxx.0 0.0.0.0 255.255.255.0 U 0 0 0 eth2
> > 63.225.xxx.0 0.0.0.0 255.255.255.0 U 0 0 0 eth2
> > 192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
> > 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
> > 0.0.0.0 63.225.xxx.x8 0.0.0.0 UG 0 0 0 eth1
> >
> > -=-
> > contents of /etc/rc.d/rc.local
> >
> > #!/bin/sh
> >
> > touch /var/lock/subsys/local
> > echo 1 > /proc/sys/net/ipv4/conf/eth2
>
> Why do you echo 1 to a directory above?
>
> > echo 1 > /proc/sys/net/ipv4/conf/all/proxy_arp
> > echo 1 > /proc/sys/net/ipv4/tcp_syncookies
> > -==-
> >
> > using iptables and shorewall 1.4.10a
> >
> > TIA
> >
> > Bob
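
An added example, not part of the original thread: a small Python check for the condition David describes (two interfaces configured with the same network and netmask), run over ifcfg-style settings. The 203.0.113.x addresses are constructed stand-ins for the masked 63.225.xxx.x values, and the function names are hypothetical.

```python
import ipaddress
from itertools import combinations

# Constructed sample: the thread's ifcfg layout, trimmed to the address keys,
# with 203.0.113.0/24 (documentation range) standing in for 63.225.xxx.0.
ORIGINAL = """
DEVICE=eth0
IPADDR=192.168.0.1
NETMASK=255.255.255.0

DEVICE=eth1
IPADDR=203.0.113.6
NETMASK=255.255.255.0

DEVICE=eth2
IPADDR=203.0.113.7
NETMASK=255.255.255.0
"""

def parse_ifcfg(text):
    """Return {device: (ipaddr, netmask)} from blank-line-separated blocks."""
    ifaces, cur = {}, {}
    for line in text.splitlines() + [""]:
        line = line.strip()
        if "=" in line:
            key, value = line.split("=", 1)
            cur[key] = value
        elif cur:  # a blank line closes the current block
            ifaces[cur["DEVICE"]] = (cur["IPADDR"], cur["NETMASK"])
            cur = {}
    return ifaces

def connected_networks(ifaces):
    """Map device -> connected network; ValueError on an invalid netmask."""
    return {dev: ipaddress.ip_interface(f"{ip}/{mask}").network
            for dev, (ip, mask) in ifaces.items()}

def duplicate_networks(ifaces):
    """Device pairs that share one network and mask (duplicate routes)."""
    nets = connected_networks(ifaces)
    return [(a, b) for a, b in combinations(sorted(nets), 2)
            if nets[a] == nets[b]]

if __name__ == "__main__":
    print(duplicate_networks(parse_ifcfg(ORIGINAL)))
```

A netmask that is not a contiguous run of one-bits, such as 255.255.255.127, makes `connected_networks` raise `ValueError`; the mask that covers half of a /24 is 255.255.255.128.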