[NTLUG:Discuss] routing concept

Eric Schnoebelen eric at cirr.com
Sun Mar 2 16:46:32 CST 2008


Richard writes:
- On Fri, Feb 29, 2008 at 4:03 PM, Richard <ntlug at rain4us.net> wrote:
- >> I have an internet connection that has been assigned a SINGLE ip
- >> address with a class C addresses.   Then I have a /29 subnet being
- >> routed TO that single ip address on the class C subnet.
- 
- [best viewed with a non-proportional based font]
- 
-                         ______
-  \                     |      |
- I \4.2.2.1      4.2.2.3|      |
- S |--------------------|      |eth1
- P |                eth0|      |------
-  /                     |      |
-                        |      |
-                   hdlc0|      |
-    To ISP#1<-----------|______|
- 
- Let me see if I can explain this better.  Let's say that I've
- been given a real world IP address of 4.2.2.3 for a real world
- address with a gateway of 4.2.2.1.   Getting that bound is easy
- and works.
- 
- Now let's say that the ISP is routing 5.2.2.0/29 to me. (That
- leaves me with the IP address range  5.2.2.0 - 5.2.2.7)  Those
- ip addresses will be routed THROUGH 4.2.2.3.  This means that I
- am going to have to bind the 5.2.2.0/29 subnet SOMEWHERE in the
- Linux box.  Now if I just bind an IP address like 5.2.2.1 as a
- secondary IP address on ETH0 (eth0:1), what am I going to have
- to do to get the packets to route properly?  I'm wondering if
- I'll have to set the default route of eth0:1 to be the 4.2.2.3
- address.

What exactly are you trying to do?  Knowing the answer to that
question will be very helpful.

Now, for my views.. :D  I'm going to assume you're trying to set
up a network of publicly addressed servers behind the router.
A DMZ, as it were... 

The ugly thing is that you have connections to two different
ISPs, but routable addresses from only one of them.  So, failover
between the ISPs is not possible.

Anyway, back to how to configure the router.

	eth0 is the external (WAN) interface to ISP#2
	eth1 is the DMZ interface.
	hdlc0 is the external (WAN) interface to ISP#1
	eth2 (nonexistent?) is the internal (NAT'd) interface.

	eth0 gets ip address 4.2.2.3
	eth1 gets ip address 5.2.2.6 (I like the upper address
			as the router gateway)
	hdlc0 gets whatever ISP#1 assigns
	eth2 gets ip address 192.168.0.254

The routes on the router are:
	default	-> 4.2.2.1
	NAT on hdlc0 mapping 192.168.0/24 -> hdlc0
	NAT on hdlc0 mapping 5.2.2.0/29 -> hdlc0
	NAT on eth0 mapping 192.168.0/24 -> eth0

The routes on the DMZ hosts:
	default -> 5.2.2.6

The routes on the private network hosts:
	default -> 192.168.0.254
	

My thoughts are that your connection via hdlc0 is pretty close
to useless, unless you can get a fully routable class C, and are
able to set up a BGP session between both ISPs announcing your
routes.

Does this help any?

Oh, one thought.. Keep it simple.  Simplify, simplify, simplify!

--
Eric Schnoebelen		eric at cirr.com		http://www.cirr.com
  "Some people say that cats are sneaky, evil, and cruel.  
   True, and they have many other fine qualities as well."  --Missy Dizick
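
The layout described in the message above, written out as iproute2/iptables commands. This is an added example, not part of the original post. Assumptions: "class C" is taken as /24, eth2 exists, NAT is done with MASQUERADE, and the helper names (run, ip2int, in_subnet, router_plan) are made up for illustration.

```shell
#!/bin/sh
# Dry-run by default: commands are printed. Run with APPLY=1 as root to execute.
run() { if [ "${APPLY:-0}" = 1 ]; then "$@"; else echo "$*"; fi; }

# Dotted quad -> integer, so subnet membership can be checked before applying.
ip2int() {
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    echo $(( ($1 << 24) + ($2 << 16) + ($3 << 8) + $4 ))
}

# in_subnet ADDR NET/PREFIX: succeeds when ADDR lies inside the prefix.
in_subnet() {
    bits=${2#*/}
    mask=$(( (0xFFFFFFFF << (32 - bits)) & 0xFFFFFFFF ))
    [ $(( $(ip2int "$1") & mask )) -eq $(( $(ip2int "${2%/*}") & mask )) ]
}

router_plan() {
    # Stop early if a gateway is not on-link for the interface it belongs to.
    in_subnet 4.2.2.1 4.2.2.3/24 || { echo "ISP#2 gateway not on eth0 subnet" >&2; return 1; }
    in_subnet 5.2.2.6 5.2.2.0/29 || { echo "DMZ gateway outside routed /29" >&2; return 1; }

    # Interface addresses from the post (/24 on eth0 and eth2 is an assumption;
    # hdlc0 keeps whatever ISP#1 assigns).
    run ip addr add 4.2.2.3/24 dev eth0
    run ip addr add 5.2.2.6/29 dev eth1
    run ip addr add 192.168.0.254/24 dev eth2
    run ip route add default via 4.2.2.1 dev eth0
    run sysctl -w net.ipv4.ip_forward=1

    # NAT rules as listed in the post. DMZ traffic leaving eth0 is NOT NAT'd:
    # ISP#2 routes 5.2.2.0/29 back through 4.2.2.3, so it stays publicly addressed.
    run iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -o hdlc0 -j MASQUERADE
    run iptables -t nat -A POSTROUTING -s 5.2.2.0/29 -o hdlc0 -j MASQUERADE
    run iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -o eth0 -j MASQUERADE
}

router_plan
```

DMZ hosts then take an address from 5.2.2.1 to 5.2.2.5 with a /29 mask and a default route via 5.2.2.6.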


