[Techtalk] routing between networks...

Nils Philippsen nils at wombat.dialup.fht-esslingen.de
Thu Aug 29 00:07:16 EST 2002

On Wed, 2002-08-28 at 23:50, Julie wrote:
> Nils Philippsen wrote:
> > This clarifies things (I thought your bridge and firewall would be the
> > same machine). In theory, it should suffice for you to set up the route
> > on your firewall, though. When a host on tries to reach
> > something in, it sends packets to which will relay the
> > packet through the static route and issue an ICMP REDIRECT to the
> > originating host which will update its dynamic routing table. At least
> > Linux boxes should do it -- you can always set a static route on all
> > 10.0.0.x hosts to be on the safe side, but it's more cumbersome.
> Oh, that's something I hadn't even thought of -- my firewall has
> 4 interfaces on it and I didn't even think about what was going
> to happen to hosts on the 10.0.0/24 net who wanted to reach 10.0.1/24.
> All of the machines in the house have the firewall as their default
> route.

... which is why you don't need to issue static routes to your networks.
> Though I think in your example you mean that when a host on 10.0.0/24
> wants to send a packet to 10.0.1/24 it is sent to (the default
> route, no?), and uses its static route to send it to
> and issues the ICMP REDIRECT back to the originator.


Nils Philippsen / Berliner Straße 39 / D-71229 Leonberg //
   nils at wombat.dialup.fht-esslingen.de / nils at redhat.de / nils at lisas.de
   PGP fingerprint:  C4A8 9474 5C4C ADE3 2B8F  656D 47D8 9B65 6951 3011
       Ever noticed that common sense isn't really all that common?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://linuxchix.org/pipermail/techtalk/attachments/20020829/838975f6/attachment.pgp

More information about the Techtalk mailing list