[NTLUG:Discuss] Dual NIC Firewall - Problems with the external NIC

Greg Edwards greg at nas-inet.com
Mon Mar 24 21:17:19 CST 2003


Chris J Albertson wrote:
>  
>  So here is the ultimate question. Can I even have a default gw when I have two
>  NICs? Is that causing too much confusion? I'm adding the default route like
>  this: (Forget about the IP address not being legal for now....)
>  route add default gw 10.10.0.1
>  I would think that if I add the default gw with that IP address, it would
>  realize that it needs to go thru the external nic (eth1) to reach it and all
>  will be fine.
>  
>  Any help you guys can provide would be most excellent!
>  Thanks!
>  
>  --
>  Chris Albertson

Chris,

Make sure the following lines are in /etc/sysconfig/network

NETWORKING=yes
GATEWAY=w.x.y.z
GATEWAYDEV=eth1
FORWARD_IPV4=true

In /etc/sysconfig/network-scripts you have ifcfg-eth0 and ifcfg-eth1 
files that look like

NETMASK=255.255.0.0
BOOTPROTO=none
BROADCAST=w.x.255.255
IPADDR=w.x.y.z
NETWORK=w.x.0.0
ONBOOT=yes
DEVICE=eth0

/etc/sysconfig/static-routes looks something like

eth0 net w.x.0.0 netmask 255.255.0.0 gw w.x.y.z

gw is the same as the GATEWAY from network and net is the same as 
NETWORK from ifcfg-eth0

This assumes you want eth0 to be forwarded to eth1 as your external 
gateway.  This does not resolve your needs to masq your internal IP to 
external, but you didn't ask about that :)

Run "service network restart" (or start) to kick it off.  Run "netstat 
-nr" to check what it did.

If you want to do it by hand:

route add -net w.x.0.0 netmask 255.255.0.0 gw w.x.y.z eth0

I'm sure I missed a bunch :)

-- 
Greg Edwards
New Age Software, Inc. - http://www.nas-inet.com
======================================================
Galactic Outlaw        - http://goutlaw.nas-inet.com
   The ultimate cyberspace adventure!
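
The following sanity check is an added example, not part of the original post: it reads GATEWAY and GATEWAYDEV from a sysconfig-style tree and confirms the gateway sits on the subnet of the external NIC, which is the condition the question above hinges on. The function names and the sample addresses (documentation ranges) are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: verify that GATEWAY is on-link for GATEWAYDEV.
# The config tree it reads here is a constructed sample, not a live system.

ip2int() {                      # dotted quad -> 32-bit integer
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

cfg_get() {                     # cfg_get FILE KEY -> value of the last KEY=value line
    sed -n "s/^$2=//p" "$1" | tail -n 1 | tr -d '"'
}

check_gateway() {               # check_gateway SYSCONFIG_DIR; 0=ok, 1=off-link, 2=incomplete
    net="$1/network"
    gw=$(cfg_get "$net" GATEWAY)
    dev=$(cfg_get "$net" GATEWAYDEV)
    ifcfg="$1/network-scripts/ifcfg-$dev"
    [ -n "$gw" ] && [ -n "$dev" ] && [ -f "$ifcfg" ] || { echo "incomplete config"; return 2; }
    ip=$(cfg_get "$ifcfg" IPADDR)
    mask=$(cfg_get "$ifcfg" NETMASK)
    [ -n "$ip" ] && [ -n "$mask" ] || { echo "no IPADDR/NETMASK in $ifcfg"; return 2; }
    m=$(ip2int "$mask")
    if [ $(( $(ip2int "$gw") & $m )) -ne $(( $(ip2int "$ip") & $m )) ]; then
        echo "GATEWAY $gw is not on the subnet of $dev ($ip/$mask)"
        return 1
    fi
    echo "ok: default gateway $gw is on-link via $dev"
}

make_sample() {                 # make_sample DIR GATEWAY -> constructed config tree
    mkdir -p "$1/network-scripts"
    printf 'NETWORKING=yes\nGATEWAY=%s\nGATEWAYDEV=eth1\nFORWARD_IPV4=true\n' "$2" \
        > "$1/network"
    printf 'DEVICE=eth1\nIPADDR=198.51.100.10\nNETMASK=255.255.255.0\nONBOOT=yes\n' \
        > "$1/network-scripts/ifcfg-eth1"
}

# Demo on constructed data: one gateway on the external subnet, one not.
root=$(mktemp -d)
make_sample "$root/good" 198.51.100.1
make_sample "$root/bad"  192.0.2.1
check_gateway "$root/good"
check_gateway "$root/bad" || true
rm -rf "$root"
```

On a real host, point check_gateway at /etc/sysconfig and compare the result with the "netstat -nr" output mentioned above.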



