[Techtalk] routing between networks...

Julie txjulie at austin.rr.com
Wed Aug 28 16:38:50 EST 2002


Walt wrote:
> 
> Nils Philippsen wrote:
> Julie wrote:
> >Also, if she doesn't have a default route defined, or her gateway
> >to the outside world is other than the bridge between her two private
> >networks, she may well need a number of other routes.
> >
> >She doesn't, however, need "iptables" (which was another question).
> 
> My server on 10.0.0.1 provides internet
> access to my 10.0.0.0 network using IPTables.

It should be able to provide that to your 10.0.1.0
network as well, then.

> Can forwarding packets to/from the internet
> for the network on the other side of the bridge
> (10.0.1.0) be accomplished with routes instead
> of iptables?
> 
> Below is a rough diagram of my network...
> 
> _________       ___________     _________
> |10.0.0.1|      |10.0.0.2& |    |10.0.1.0|
> |gateway |______|10.0.1.1  |____|Network |
> |between |   |  | "Bridge" |    |________|
> |10.0.0.0|   |  |__________|
> |  and   |   |
> |internet|   |  __________
> |________|   |__|10.0.0.0 |
>                  |Network  |
>                  |_________|

"routes" and "iptables" are orthogonal.  You'll need to have a
route from the 10.0.1/24 net (what you call "10.0.1.0") over
to the 10.0.0/24 net so those packets can eventually make it
to 10.0.0.1.  So you need something like

route add -net 10.0.0.0/24 gw 10.0.1.1

on the machines on 10.0.1/24.  However, since "bridge" is
essentially the "gateway" for 10.0.1/24 to the entire internet
outside of the 10.0.1/24 net, you might as well just say

route add default gw 10.0.1.1

The "bridge" will route the packets which aren't for 10.0.0/24
to 10.0.0.1 because it should have a default route of 10.0.0.1.

The "gateway" machine (10.0.0.1) is what needs to run ip_tables,
and you said you're doing that already.
-- 
Julianne Frances Haugh             Life is either a daring adventure
txjulie at austin.rr.com                  or nothing at all.
					    -- Helen Keller
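
Added example, not part of the original message: a small longest-prefix-match model of the three routing tables described above, tracing a packet from the 10.0.1/24 side out to the internet and a reply coming back. The host address 10.0.1.5, the destination 203.0.113.9, the gateway's starting table and the gateway's return route to 10.0.1.0/24 via 10.0.0.2 are assumptions of this example; the message itself only covers the routes on the 10.0.1/24 hosts and the "bridge".

```python
import ipaddress

# Constructed tables for the machines in the diagram: (prefix, next hop);
# next hop None means the prefix is directly connected.
TABLES = {
    "host":    [("10.0.1.0/24", None), ("0.0.0.0/0", "10.0.1.1")],
    "bridge":  [("10.0.0.0/24", None), ("10.0.1.0/24", None),
                ("0.0.0.0/0", "10.0.0.1")],
    # Assumed: the gateway starts with only its LAN and an upstream default.
    "gateway": [("10.0.0.0/24", None), ("0.0.0.0/0", "internet")],
}
# Address -> machine; 10.0.1.5 is a constructed host on the far network.
OWNER = {"10.0.1.5": "host", "10.0.1.1": "bridge",
         "10.0.0.2": "bridge", "10.0.0.1": "gateway"}

def lookup(table, dst):
    """Longest-prefix match; returns the next hop (None = on-link)."""
    addr = ipaddress.ip_address(dst)
    hits = [(ipaddress.ip_network(p), nh) for p, nh in table
            if addr in ipaddress.ip_network(p)]
    if not hits:
        raise LookupError(f"no route to {dst}")
    return max(hits, key=lambda h: h[0].prefixlen)[1]

def trace(tables, start, dst, max_hops=8):
    """Machines a packet for dst visits, starting at machine `start`."""
    path, node = [start], start
    for _ in range(max_hops):
        if OWNER.get(dst) == node:
            return path                      # delivered
        nh = lookup(tables[node], dst)
        if nh == "internet":
            return path + ["internet"]       # left via the upstream link
        node = OWNER.get(dst if nh is None else nh)
        if node is None:
            return path + ["unreachable"]
        path.append(node)
    return path + ["loop"]

def with_return_route(tables):
    """Copy of tables where the gateway reaches 10.0.1.0/24 via the bridge."""
    fixed = {name: list(routes) for name, routes in tables.items()}
    fixed["gateway"].append(("10.0.1.0/24", "10.0.0.2"))
    return fixed

if __name__ == "__main__":
    print(trace(TABLES, "host", "203.0.113.9"))
    print(trace(TABLES, "gateway", "10.0.1.5"))
    print(trace(with_return_route(TABLES), "gateway", "10.0.1.5"))
```

In this model the outbound path works with just the two default routes, while a reply addressed to 10.0.1.5 only reaches the far network once the gateway has a route for 10.0.1.0/24 pointing at the bridge's 10.0.0.2 address.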


