[NTLUG:Discuss] setting routes with mandrake 9.0

Rob Apodaca rapodaca at raacc.com
Tue Feb 3 06:56:38 CST 2004


On Mon, 2004-02-02 at 23:45, Jay Urish wrote:
> Hey group-
> I am pulling my hair out over something that I know is dead simple.
> 
> I have 2 NICs in my mandrake 9.0 server. One has a public IP a.a.a.a the 
> other is on a private LAN b.b.b.b
> 
> I am NOT trying to do any routing, I just want this machine to be 
> accessible on the private LAN via VPN.

I think you do want to do routing...but it sounds like you don't want to
do ip forwarding. IP forwarding is disabled by:
$ echo 0 > /proc/sys/net/ipv4/ip_forward
Or enabled by:
$ echo 1 > /proc/sys/net/ipv4/ip_forward

> 
> Let me make the picture bigger--- I am using a Netgear FVS 318 to VPN into 
> the network. I have discovered that unless a machine on the LAN behind the 
> router has a valid IP >>>AND<< a default route, you can't see it through 
> the tunnel.. I verified this by setting a Cisco WAP11 802.11b AP on the lan 
> with no default gateway. I could not ping it through the VPN till someone 
> locally logged in and put in the default gateway.
> 
> SO to my main question--- I already have a default gateway on the linux 
> box.. What I need is 2 default gateways, one for each network and NIC.
> 
> I found a file /etc/sysconfig/static-routes but the kernel or netscript 
> seems to be ignoring it.
> 
> It looks like this at the moment
> root@ns:/etc/sysconfig>cat static-routes
> eth1 net 192.168.11.0 netmask 255.255.255.0 gw 192.168.11.1
> 
> Any ideas?

You probably want to look at the manpage for the route command. From
there, print your route table:
$ route -n

To extend your above example, if I had two nics; eth0 with public ip
a.a.a.a (with default gw a.a.a.b via eth0) and eth1 with private ip
192.168.1.10 255.255.255.0 and I wanted to be able to reach another
private network...let's say 10.0.0.0 255.0.0.0 AND my default route
through a.a.a.a's gw doesn't know how to get to 10.0.0.0 but another
router on my 192.168.1.0 network does know - let's say its ip address is
192.168.1.1.

Without doing anything special my existing route table would look
something like this:

Destination     Gateway         Genmask          Flags Metric Ref    Use Iface
a.a.a.a         0.0.0.0         255.255.255.xxx  U     0      0        0 eth0
192.168.1.0     0.0.0.0         255.255.255.0    U     0      0        0 eth1
127.0.0.0       127.0.0.1       255.0.0.0        UG    0      0        0 lo
0.0.0.0         a.a.a.b         0.0.0.0          UG    1      0        0 eth0

This table only knows about the networks which are directly connected to
eth0 and eth1 and by proxy, it knows whatever the router located at
a.a.a.b knows.

You see that the above route table has no knowledge of the 10.0.0.0. It
would be unlikely that the default gw; a.a.a.b would know anything about
it either. I could issue the following command to add the new route:

$ route add -net 10.0.0.0 netmask 255.0.0.0 gw 192.168.1.1

Then by running route -n, I would see a new entry:

Destination     Gateway         Genmask          Flags Metric Ref    Use Iface
10.0.0.0        192.168.1.1     255.0.0.0        UG    0      0        0 eth1

Now if I tried to ping a host, say 10.0.0.25, my machine consults its
route table and finds the above entry. The 192.168.1.1 router is
contacted via eth1 and asked to route my request.

It is important to note that 10.0.0.25 would also need to know how to
route back to the 192.168.1.0 network - presumably the 192.168.1.1
router would have this knowledge.

Only in the event that there is not a specific route to a specific host
or network will your machine consult its default gw.

I hope this is helpful, perhaps if you post your lan details, I could
give you a more specific example.

Cheers,
-Rob
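
Added example (not part of Rob's message): a small Python model of the lookup described above, where the most specific matching route wins and the default gateway is consulted only when nothing narrower matches. The 203.0.113.x addresses are constructed stand-ins for a.a.a.a and a.a.a.b, and the function names are hypothetical.

```python
import ipaddress

# Route table modelled on the one in the message. 203.0.113.0/24 and
# 203.0.113.1 are constructed stand-ins for the a.a.a.a network and a.a.a.b.
CONNECTED = [
    # (destination, genmask, gateway, iface)
    ("203.0.113.0", "255.255.255.0", "0.0.0.0", "eth0"),
    ("192.168.1.0", "255.255.255.0", "0.0.0.0", "eth1"),
]
DEFAULT_GW = [("0.0.0.0", "0.0.0.0", "203.0.113.1", "eth0")]
# Equivalent of: route add -net 10.0.0.0 netmask 255.0.0.0 gw 192.168.1.1
STATIC = [("10.0.0.0", "255.0.0.0", "192.168.1.1", "eth1")]

ON_LINK = ipaddress.ip_address("0.0.0.0")


def parse_routes(rows):
    """Convert (dest, genmask, gateway, iface) rows to (network, gateway, iface)."""
    return [
        (ipaddress.ip_network(f"{dest}/{mask}"), ipaddress.ip_address(gw), iface)
        for dest, mask, gw, iface in rows
    ]


def lookup(table, dst):
    """Longest-prefix match: return (next_hop, iface), or None if unreachable."""
    addr = ipaddress.ip_address(dst)
    matches = [route for route in table if addr in route[0]]
    if not matches:
        return None  # no specific route and no default gateway
    _, gw, iface = max(matches, key=lambda route: route[0].prefixlen)
    # A 0.0.0.0 gateway means the destination is directly connected.
    next_hop = addr if gw == ON_LINK else gw
    return str(next_hop), iface


if __name__ == "__main__":
    before = parse_routes(CONNECTED + DEFAULT_GW)
    after = parse_routes(CONNECTED + DEFAULT_GW + STATIC)
    for dst in ("10.0.0.25", "192.168.1.50", "198.51.100.7"):
        print(dst, "before:", lookup(before, dst), "after:", lookup(after, dst))
```

Before the static route is added, 10.0.0.25 falls through to the default gateway on eth0; afterwards it is handed to 192.168.1.1 on eth1.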
