tiered network

Qwest gave us a tiered network setup for our server rack which is new to me.
The reason we chose for this setup is load balancing/redundancy/firewalling
and monitoring.

The networks we have:

63.146.190.144/29
gateway: 63.146.190.145
ips: 63.146.190.148 through 63.146.190.150 (they claim .146 and .147 are
unusable, haven't tested it)

And:
66.77.170.0/25

ips: 66.77.170.1 through 66.77.170.126


In the near future we are going to install an F5 router, but they are pretty
$$$, so has to wait for a little while.

So for now I need a temporarily router solution preferable based on Linux
(Debian) or OpenBSD and suggestions for other types of hardware based
solutions are welcome as well.

First question:
From what I understand now is that I have to setup some router with e.g.
external IP 63.146.190.148 and internal IP 66.77.170.1 which will be the
gateway for 66.77.170.2 through 66.77.170.126. Where to start if I use e.g.
Linux? I prefer not to usa NAT. Iptables, iproute or just forwarding is
sufficient?

Second question:
I like to connect the servers to each other over a local network to mount
drives, make backups etc. Do i need a router for this as well which serves
as a gateway?

Thanks for the advise!

Martijn Stam
Cistron ng is still alive :-)




Martijn Stam

Install http://support.microsoft.com/kb/900930 to read this message.
begin quote of Martijn Stam ((E-Mail Removed)):
> Qwest gave us a tiered network setup for our server rack which is new to me.
> The reason we chose for this setup is load balancing/redundancy/firewalling
> and monitoring.
>
> The networks we have:
>
> 63.146.190.144/29
> gateway: 63.146.190.145
> ips: 63.146.190.148 through 63.146.190.150 (they claim .146 and .147 are
> unusable, haven't tested it)

The reason for this is simple:

[ Router A 63.146.190.146 ] \
[switch] -> Virtual router 63.146.190.145
[ Router B 63.146.190.147 ] /

So, you're connected to a switch which is connected to two
routers with two ips and one virtual ip.

> And:
> 66.77.170.0/25
>
> ips: 66.77.170.1 through 66.77.170.126
>
>
> In the near future we are going to install an F5 router, but they are pretty
> $$$, so has to wait for a little while.
>
> So for now I need a temporarily router solution preferable based on Linux
> (Debian) or OpenBSD and suggestions for other types of hardware based
> solutions are welcome as well.
>
> First question:
> From what I understand now is that I have to setup some router with e.g.
> external IP 63.146.190.148 and internal IP 66.77.170.1 which will be the
> gateway for 66.77.170.2 through 66.77.170.126. Where to start if I use e.g.
> Linux? I prefer not to usa NAT. Iptables, iproute or just forwarding is
> sufficient?

Just forwarding. On the 66.77.170.0/25 side you can connect a
switch and use 66.77.170.1 as default gateway.

> Second question:
> I like to connect the servers to each other over a local network to mount
> drives, make backups etc. Do i need a router for this as well which serves
> as a gateway?

No, they can just connect over the local lan (66.77.170.0/25).

Note that you don't need a 'real' router, a layer 3 switch with
routing engine will do just fine. Simply define two VLANs on the
switch, create network interfaces on the VLANs and enable routing
on them.
The advantage of this sollution is that you can connect to Qwest
over two seperate cables to their routers, which is slightly more
reliable than connecting over just one cable to a Qwest switch.

Something like a 3com superstack 3 3250 will cost you less than
1000 euro and it has 48 100/10 ports and 2 gbit uplink ports.
Don't know how many machines you're initially going to connect
though.

--
Erik Hensema ((E-Mail Removed)) ICQ# 8280101
Registered Linux user #38371 -- http://counter.li.org

"Martijn Stam" <(E-Mail Removed)> wrote in message
news:42c6ad0a$0$4472$(E-Mail Removed)4al l.nl...
>

Simply enabling ip_forward and optional firwalling did the trick.
63.146.190.148 is main IP
66.77.170.1 is the gateway for 66.77.170.2 through 66.77.170.126

Martijn Stam