RE: [leaf-user] CISCO 1600 Router Replacment

[Ray Olszewski]

Thanks for the additional details, Chris. As you'll see in my comments 
below, you don't need LEAF to do "everything" the Cisco can do. What you 
need is much easier to achieve than some of us had guessed based on your 
earlier, more general question. Whether LEAF (or any Linux-based routing) 
is a good choice for this setting, though, remains uncertain, due to some 
residual vagueness in your report.

At 03:54 PM 8/12/2004 +0800, Chris Lee wrote:
Dear Ray,
Thanks for your reply.
Here is the existing setup
Internet --> NetDSL Cable Modem --> CISCO Router --> Intranet
What I want is:
Internet --> NetDSL Cable Modem --> leaf  --> Intranet
There is two port (DSL, Ethernet) for ARESCOM NetDSL 1000 Cable Modem, which
I think work like this:
ISP --> DSL port --> NetDSL --> Ethernet --> CISCO 1605 Ethernet port 1
For CISCO, it only use two port, Ethernet Port 1 (From NetDSL) and Ethernet
Port 0 to Internat Hub.
OK. This is good. You are not using any of the more esoteric interface 
possibilities available with the 1600 series (ISDN, DS1), so the concerns 
raised in yesterday's messages are irrelevant to your actual needs. At the 
physical interface level, the router exchange should be a straight swap.

As I don't know how to config CISCO, I use Getif to peek the config via
SNMP.
Is SNMP important to your requirements? I believe LEAF *can* provide SNMP 
(I know Linux can, but I don't recall if the required stuff has been 
packaged for, for example, Beting-uClibc). But SNMP is not a particular 
strength of Linux or LEAF.

For Interface, it show:
descr.          ip address
Ethernet0       10.0.108.254/255.255.255.0
                203.198.77.78/255.255.240
Ethernet1       172.23.76.154/255.255.255.252
Tunnel5         192.168.79.94/255.255.255.252
I think Ethernet1 is the WAN IP address?? And don't know what is Tunnel5?
From examination of your routing table below, I'd infer that
A. Your LAN uses two address ranges:
                10.0.108.0/24 -- a private range that needs to be NAT'd
                203.198.77.78/27 -- a public range that can be routed
                        directly (without NAT)
B. Your physical external network is 172.23.76.152/30. I suspect that this 
communicates with the DSL modem, which probably has IP address 
172.23.76.153. It in turn routes to the external private address range 
172.16.0.0/20, whcih you ISP probably uses for some internal purposes.

C. Your "true" external connection (the one with your default gateway) is 
the Tunnel1 interface. From its name, I'd guess it is some sort of VPN. 
There are many "standards" for VPNs, and there is no way to know if you can 
use LEAF, or even Linux in any form, with yours until you find out what 
sort of VPN this is. You find this out from your ISP. Also note that this 
"true" external connection is a private-range address. Your ISP is doing 
something special with this ... either upstream NAT'ing, though your use of 
a real /28 internal network makes this unlikely, or some non-standard 
routing ... to let it connect to the Internet. Before you switch routers, 
you simply must get your ISP to explain what it is doing here.


For Address:
int.    address/mask
1       10.0.108.254/255.255.255.0
5       172.23.76.154/255.255.255.252
4       192.168.79.94/255.255.255.252
1       203.198.77.78/255.255.255.240
* Don't know what int. column stand for?
For Routing Table:
int.    dest.           next hop        mask                    type
proto   age
4       0.0.0.0         192.168.79.94   0.0.0.0                 direct
local   0
1       10.0.108.0      203.198.77.78   255.255.255.0           direct
local   0
0       172.16.0.0      172.23.76.153   255.240.0.0             indirect
local   10
0       172.22.254.49   172.23.76.153   255.255.255.255 indirect
local   11
2       172.23.76.152   172.23.76.154   255.255.255.252 direct  local   0
4       192.168.79.92   192.168.79.94   255.255.255.252 direct  local   0
1       203.198.77.64   203.198.77.78   255.255.255.240 direct  local   0
First I want leaf to peform normat NAT router for range of internet ip
address
No problem. This is one of the main things stock LEAF, any variant, does,
Then, I want to setup SNMP to collect networking perform per ip
As I said above, SNMP support is not s strength of Linux. It can be done, 
and probably some LEAF variants support SNMP. But "collect networking 
perform per ip" is a wee bit vague as to details, so I can't say how easy 
it would be to do what you actually want (or to replicate whatever the 
Cisco is now doing for you).

Finally, setup QOS for each ip.
Some LEAF variants support this in some fashions. Again, you'll want to be 
a bit more specific about what you hope to accomplish (or what you're doing 
now, if the Cisco does this) to get good feedback.



-------------------------------------------------------
SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media
100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33
Save 50% off Retail on Ink & Toner - Free Shipping and Free Gift.
http://www.shop4tech.com/z/Inkjet_Cartridges/9_108_r285
------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html