- 07-07-2005 #1
- Join Date
- Jul 2005
Help on routing
This is my current setup:
and this is how I want it to be:
|####linux box ###|----------------------------->internet (eth0)
I want to put a Linux box between the gw and the switch, with 3 NICs:
eth0 - will be connected to a DSL line
eth1 - will be connected to the gw
eth2 - will be connected to the switch
I want the change to be transparent, without the users or the gw changing their settings (IPs, NMs, GWs). The purpose of the box is that I want to do traffic routing/filtering by destination port, depending on whether the traffic is intended for the DSL line (ports 80, 443, 21, 22, etc.) or the gw (to other internal applications), or is simply dropped (for unauthorized ports). The other reason why I cannot change the users' or the gw's settings is that, should something happen to my Linux box, or should I want to do some upgrade (to ebtables maybe), all I need to do is connect the switch to the router (bypassing the Linux box) and they will still be able to access applications beyond the gw and suffer internet/FTP connection only (which is my original setup).
How do I go about this? I tried using 22.214.171.124 and 126.96.36.199 on eth1 & eth2 to have them on the same network as the gw and users, but it did not work. I read somewhere that I should do further subnetting, and I managed to change eth2 to 188.8.131.52/255.255.255.0, but the users can't see it (can't ping).
Hope anyone out there could help/enlighten me...
- 07-07-2005 #2
- Join Date
- May 2004
Disclaimer: I don't know anything about networking, but no one else has responded, so let's see what sticks to the wall:
I don't think you can do exactly like you want. That is, you can set up the Linux box, but I think not with the IP addresses you show and so you won't be able to return to your original configuration without changing the addresses. But then, if user1 is the only one who will be affected, it would be easy to make adjustments after de-commissioning the Linux box.
My neophyte understanding of this stuff says that a "network" as defined by the IP range and netmask is limited to those NICs that are all on one wire (or joined through a switch). Two (or more) NICs in one box must be connected to separate "networks" as defined by the IP range and netmask. So if the [gw-connected NIC in the Linux box] is on a different network from the [user1-connected NIC in the Linux box], you won't be able to replace the Linux box with a switch without changing something.
Also, I think that with the Linux box in place, the gateway for user1 will be the Linux box and not "gw".
I think you probably can set up user1 (and any other users on that side) as a subnet (184.108.40.206/24 or something...) so that removing the Linux box would entail changing default gateways and netmasks only, without need for changing IP addresses.
Comments or corrections to foregoing are welcome, but don't forget the disclaimer.../IMHO
///this use to look better
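The subnetting idea in the reply above can be checked with address arithmetic. The following is an added example, not code from either poster: it flags NICs in one box whose connected networks overlap, then looks for the largest split of the existing LAN that puts the gw and the users in different subnets without changing their IP addresses. All addresses are constructed sample values (the thread's own addresses are not used), and the function names are hypothetical. It covers address planning only, not the filtering rules.

```python
import ipaddress
from itertools import combinations

def overlapping_nics(nics):
    """Return pairs of NIC names whose connected networks overlap."""
    nets = {n: ipaddress.ip_interface(a).network for n, a in nics.items()}
    return [(a, b) for a, b in combinations(sorted(nets), 2)
            if nets[a].overlaps(nets[b])]

def split_plan(lan, gw, users):
    """Largest subnets of `lan` that separate gw from users, IPs unchanged.

    Returns addresses for the box's eth1 (gw side) and eth2 (user side),
    plus the gateway and netmask the users would need, or None if the
    existing addresses cannot be separated by a prefix boundary.
    """
    lan = ipaddress.ip_network(lan)
    gw = ipaddress.ip_address(gw)
    users = [ipaddress.ip_address(u) for u in users]
    taken = {gw, *users}
    for prefix in range(lan.prefixlen + 1, 31):
        gw_net = ipaddress.ip_network(f"{gw}/{prefix}", strict=False)
        user_nets = {ipaddress.ip_network(f"{u}/{prefix}", strict=False)
                     for u in users}
        if len(user_nets) != 1:
            return None          # users already straddle a boundary
        user_net = user_nets.pop()
        if user_net == gw_net:
            continue             # still on the same side, try smaller subnets
        # The Linux box needs one unused host address on each side.
        eth1 = next((h for h in gw_net.hosts() if h not in taken), None)
        eth2 = next((h for h in user_net.hosts() if h not in taken), None)
        if eth1 and eth2:
            return {"eth1": f"{eth1}/{prefix}", "eth2": f"{eth2}/{prefix}",
                    "user_gateway": str(eth2),
                    "user_netmask": str(user_net.netmask)}
    return None

if __name__ == "__main__":
    # Constructed sample: the attempt described in the question,
    # with both inner NICs addressed inside the same /24.
    attempt = {"eth0": "203.0.113.10/30",
               "eth1": "192.168.1.2/24", "eth2": "192.168.1.3/24"}
    print("overlapping NICs:", overlapping_nics(attempt))
    print("plan:", split_plan("192.168.1.0/24", "192.168.1.1",
                              ["192.168.1.130", "192.168.1.131", "192.168.1.200"]))
```

A `None` result means some host would have to be renumbered before any split can work.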