routing issue

[Cain]

Hi, I have a rather weird (I guess) network topology and I could do with a little help with the routing setup...

ADSL <-> (Public IP 1) Hardware Router (Private IP) <-> (Public IP 2) Linux Router [Gentoo] (Public IP 2 + Private IP Bridged) <-> (Private IPs) Other Machines

This is a simplified view of my setup, the Linux Router is actually a xen domU as are some of the "Other Machines", some are machines connected to a switch connected to the Gentoo Router, some are connected wirelessly using openvpn and bridged with a tap interface and some come in through the internet using openvpn, we'll forget about the IPv6 tunnel for now... But that is pretty much irrelevant.

I have a block of 8 public IP addresses.

I currently have masquerading set up on the Linux Router and everything works as expected, everything behind it can access the internet using it's IP address (Public IP 2), I can plug in a machine directly into the Hardware Router and give it one of my public IP addresses and it can connect to the net using it.

My actual problem is this; I want to turn off masquerading on the Linux Router and give the machines behind it Public IP addresses, if I "just do it", the machines behind the Linux Router cant see past it, I'm thinking it has to be a problem with my routing table:

Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface

PublicIPRange * 255.255.255.248 U 0 0 0 eth2
PublicIPRange * 255.255.255.248 U 0 0 0 br0
192.168.1.0 * 255.255.255.0 U 0 0 0 eth1
192.168.0.0 * 255.255.255.0 U 0 0 0 br0
loopback * 255.0.0.0 U 0 0 0 lo
default HardwareRouterIP 0.0.0.0 UG 10 0 0 eth2


Any ideas?

[Cain]

Sorted it, The Hardware Router needed a route added to it's table.

[oz]

Hi, Cain!

Thanks for reporting back with the solution.