On Fri, 20 Aug 2004 10:19:51 +0800, Jemy <(E-Mail Removed)> wrote:
> Hi all,
> We are running a Red Hat 7.3 Linux-based firewall+NAT+iptables server with 2
> NICs, with 1 public IP + 1 internal network. However, due to our recent setup
> and upgrade, we need to cater for an additional public IP (belonging to the
> same network as the previous public IP). Because iptables does not work with
> IP aliases, we are now adding an additional NIC to serve the new IP. That
> makes 3 NICs in total.
>
>
> |------- public ip 1 (same network as public ip 2) x.y.37.19 (eth0)
> |
> |
> |------- public ip 2 (same network as public ip 1) x.y.37.22 (eth2)
> |
> |
> |------- internal network 192.168.1.0 (eth1)
>
> We just tested the system and some mappings and routing do not work as
> expected; many mappings do not work through eth0 -> eth1, though some do. The
> following is the routing table, generated automatically by the network service.
>
> Kernel IP routing table
> Destination Gateway Genmask Flags Metric Ref Use Iface
> x.y.37.16 (broadcast) * 255.255.255.248 U 0 0 0 eth2
> x.y.37.16 * 255.255.255.248 U 0 0 0 eth2
> 192.168.1.0 * 255.255.255.0 U 0 0 0 eth1
> 169.254.0.0 * 255.255.0.0 U 0 0 0 eth2
> 127.0.0.0 * 255.0.0.0 U 0 0 0 lo
> default x.y.37.17 (gateway) 0.0.0.0 UG 0 0 0 eth2
>
> Is there anything wrong with the table, or is it incomplete? eth0 seems to be
> missing. Should it be there? I am a newbie at configuring routing; should
> anything be configured manually? Any suggestion is very much appreciated.

Whichever one of eth0 or eth2 is your public interface (to the internet)
should likely have netmask 255.255.255.255, a host route to x.y.37.17, and
that as gateway. Whichever one of those is your public DMZ (public IPs
behind your router) should have the 255.255.255.248 netmask. You can
actually use the same IP for eth0 and eth2, as long as the netmasks and
routing are correct (different).
--
David Efflandt - All spam ignored
http://www.de-srv.com/
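
The layout suggested in the reply above, modelled as a longest-prefix-match lookup (an added example, not part of either post). It assumes eth0 is the uplink and eth2 the DMZ side, and uses the constructed documentation range 203.0.113.16/29 in place of the masked x.y.37.16/29; it also flags the case where both public NICs claim the same /29.

```python
import ipaddress

# Constructed addressing: 203.0.113.16/29 stands in for the masked x.y.37.16/29.
GATEWAY = ipaddress.ip_address("203.0.113.17")  # stands in for x.y.37.17

def net(cidr):
    return ipaddress.ip_network(cidr)

# (destination, next hop or None when on-link, interface)
# Assumption: eth0 faces the ISP, eth2 carries the public DMZ /29.
SUGGESTED = [
    (net("203.0.113.17/32"), None, "eth0"),   # host route to the gateway
    (net("203.0.113.16/29"), None, "eth2"),   # netmask 255.255.255.248
    (net("192.168.1.0/24"), None, "eth1"),    # internal network
    (net("0.0.0.0/0"), GATEWAY, "eth0"),      # default via the gateway
]

# Both public NICs configured with the same /29: two identical connected routes.
SAME_MASK = [
    (net("203.0.113.16/29"), None, "eth0"),
    (net("203.0.113.16/29"), None, "eth2"),
    (net("192.168.1.0/24"), None, "eth1"),
    (net("0.0.0.0/0"), GATEWAY, "eth2"),
]

def lookup(dst, routes):
    """Longest-prefix match: return (interface, next hop) for dst."""
    addr = ipaddress.ip_address(dst)
    matches = [r for r in routes if addr in r[0]]
    if not matches:
        raise LookupError("no route to " + dst)
    _, via, dev = max(matches, key=lambda r: r[0].prefixlen)
    return dev, str(via or addr)

def ambiguous_prefixes(routes):
    """Return prefixes that are claimed by more than one interface."""
    seen = {}
    for dest, _, dev in routes:
        seen.setdefault(dest, set()).add(dev)
    return {str(d): sorted(devs) for d, devs in seen.items() if len(devs) > 1}

if __name__ == "__main__":
    for dst in ("203.0.113.17", "203.0.113.22", "192.168.1.50", "198.51.100.9"):
        print(dst, "->", lookup(dst, SUGGESTED))
    print("ambiguous:", ambiguous_prefixes(SAME_MASK))
```
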