[Techtalk] routing between networks...

Nils Philippsen nils at wombat.dialup.fht-esslingen.de
Thu Aug 29 00:07:16 EST 2002


On Wed, 2002-08-28 at 23:50, Julie wrote:
> Nils Philippsen wrote:
> > This clarifies things (I thought your bridge and firewall would be the
> > same machine). In theory, it should suffice for you to set up the route
> > on your firewall, though. When a host on 10.0.0.0 tries to reach
> > something in 10.0.1.0, it sends packets to 10.0.1.0 which will relay the
> > packet through the static route and issue an ICMP REDIRECT to the
> > originating host which will update its dynamic routing table. At least
> > Linux boxes should do it -- you can always set a static route on all
> > 10.0.0.x hosts to be on the safe side, but it's more cumbersome.
> 
> Oh, that's something I hadn't even thought of -- my firewall has
> 4 interfaces on it and I didn't even think about what was going
> to happen to hosts on the 10.0.0/24 net who wanted to reach 10.0.1/24.
> All of the machines in the house have the firewall as their default
> route.

... which is why you don't need to issue static routes to your networks.
 
> Though I think in your example you mean that when a host on 10.0.0/24
> wants to send a packet to 10.0.1/24 it is sent to 10.0.0.1 (the default
> route, no?), and 10.0.0.1 uses its static route to send it to 10.0.0.2
> and issues the ICMP REDIRECT back to the originator.

Exactly.

Nils
-- 
Nils Philippsen / Berliner Straße 39 / D-71229 Leonberg //
+49.7152.209647
   nils at wombat.dialup.fht-esslingen.de / nils at redhat.de / nils at lisas.de
   PGP fingerprint:  C4A8 9474 5C4C ADE3 2B8F  656D 47D8 9B65 6951 3011
       Ever noticed that common sense isn't really all that common?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://linuxchix.org/pipermail/techtalk/attachments/20020829/838975f6/attachment.pgp


More information about the Techtalk mailing list