  1. #1
    Just Joined!
    Join Date
    Jun 2011
    Posts
    1

    IP Routing for multiple gateways

    Hi Guys,

    I have been stuck on a routing issue for some time now. We have two internet breakout points in our organisation. All the key management staff are required to break out through a new breakout point, i.e. through gw 200.1.20.2, for example:

    route add -host 192.168.0.34 gw 200.1.20.2 dev eth1

    We also have a route add of 10.0.0.0 that forwards to 192.168.0.1 to our hosting environment, and this rule must apply to everyone, including the key management staff.

    My question is: how can one create a route for key management to break out via 200.1.20.2 when the default gateway for everyone is 200.1.10.2, and still have access to the 10.0.0.0 range?

    ifconfig is as follows: -


    eth0 Link encap:Ethernet HWaddr 00:30:4F:84:AF:42
    inet addr:200.1.10.1 Bcast:200.1.10.255 Mask:255.255.255.0
    UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
    RX packets:22707754 errors:0 dropped:0 overruns:0 frame:0
    TX packets:16657003 errors:0 dropped:0 overruns:0 carrier:0
    collisions:0 txqueuelen:1000
    RX bytes:2639257250 (2516.9 Mb) TX bytes:2596328663 (2476.0 Mb)
    Interrupt:19 Base address:0x6000

    eth1 Link encap:Ethernet HWaddr 00:30:4F:75:6A:E0
    inet addr:200.1.20.1 Bcast:200.1.20.255 Mask:255.255.255.0
    UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
    RX packets:106 errors:0 dropped:0 overruns:0 frame:0
    TX packets:93 errors:0 dropped:0 overruns:0 carrier:0
    collisions:0 txqueuelen:1000
    RX bytes:6902 (6.7 Kb) TX bytes:15116 (14.7 Kb)
    Interrupt:20 Base address:0xc000

    eth2 Link encap:Ethernet HWaddr 6C:F0:49:E1:75:AF
    inet addr:192.168.0.180 Bcast:192.168.255.255 Mask:255.255.0.0
    UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
    RX packets:33766983 errors:0 dropped:0 overruns:0 frame:0
    TX packets:32406975 errors:0 dropped:0 overruns:0 carrier:3
    collisions:0 txqueuelen:1000
    RX bytes:1365030581 (1301.7 Mb) TX bytes:1328281625 (1266.7 Mb)
    Interrupt:28

  2. #2
    Just Joined!
    Join Date
    Apr 2010
    Posts
    69
    Zimmerf,

    This really sounds like a network design decision. I mean, if you have a group of folks who must receive different routing/filtering treatment, then I think your most straightforward options are:

    1) Place your management staff in another network (say 192.168.1.0/24). Add another interface to your local gateway to act as the default gateway for the new network (say 192.168.1.180). Implement routing rules to route the new network out the second egress link. You could manage this with various switch and router capabilities (i.e. new hardware, VLANs, 802.1q tagged VLANs).

    2) Create a VPN service on the gateway for your management staff and configure routing rules for the VPN to route their traffic out of the second egress link.

    N++
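
One way to write the "routing rules" the reply above refers to, using iproute2 source-based policy routing on the gateway (an added example, not part of the thread). It assumes 10.0.0.0 means 10.0.0.0/8 and that table 100 and rule priorities 1000/1001 are unused; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: policy routing for the gateway described in the thread.
# Assumptions (not in the thread): 10.0.0.0 is 10.0.0.0/8; routing table
# 100 and rule priorities 1000/1001 are free on this machine.
MGMT_GW=200.1.20.2      # second breakout gateway, from the thread
MGMT_DEV=eth1           # interface facing it, from the thread
MGMT_TABLE=100          # assumed free routing table id

# Accept only a dotted-quad IPv4 address with each octet in 0..255, so
# nothing else can end up inside a generated command line.
valid_ipv4() {
    case "$1" in
        *[!0-9.]*|*..*|.*|*.|'') return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Print the commands that move only the default route of the listed
# hosts to MGMT_GW. Every more specific route in "main" (10.0.0.0/8 via
# 192.168.0.1, the connected networks) still applies to them.
mgmt_rules() {
    for host in "$@"; do
        valid_ipv4 "$host" || { echo "invalid address: $host" >&2; return 1; }
    done
    echo "ip route replace default via $MGMT_GW dev $MGMT_DEV table $MGMT_TABLE"
    for host in "$@"; do
        # 1) consult main, but ignore its default route (prefix length 0)
        echo "ip rule add from $host/32 lookup main suppress_prefixlength 0 priority 1000"
        # 2) anything still unrouted leaves via the management table
        echo "ip rule add from $host/32 lookup $MGMT_TABLE priority 1001"
    done
}

# Dry run by default; APPLY=1 (as root) pipes the commands to sh.
if [ "$#" -gt 0 ]; then
    if [ "${APPLY:-0}" = 1 ]; then mgmt_rules "$@" | sh -e; else mgmt_rules "$@"; fi
fi
```

After applying, `ip rule show` and `ip route get 8.8.8.8 from 192.168.0.34 iif eth2` show which table a management host's traffic is resolved in.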
