Hey,
It seems that all you really need is to add a route specifying
your ISP's IP address range (with netmask). That way you
have a direct route to go back to your ISP for DNS, SMTP, etc.
And if you keep the default route going to the cable modem, things
like HTTP, FTP, etc. for the local LAN machines should be fine.
Tuan
--
Tuan Hoang
Senior Software Systems Engineer
The MITRE Corporation
On Mon, 27 Sep 1999 [EMAIL PROTECTED] wrote:
> On 27 Sep, Tuan Hoang wrote:
> > Hey,
> >
> > You might try this config.
>
> First, tnx Tuan!
>
> >
> > Linux box:
> > Setup IP Forwarding Masquerading on this machine (not sure how, so read
> > the HOWTO)
> > 1 PPP to ISP via standard modem (only have route for your ISP's network)
> > 1 ethernet card going to cable modem (have default route going out here)
> > 1 ethernet card going to your local LAN (192.168.x.x / 255.255.255.0)
>
> Second, this *IS* the config I am running now. My problem is this:
> Mail comes down the modem from any inet host and is exchanged with my
> box. Normally ok. If I set the default route to ppp0 this works.
> But, any masq'd machines on the inside (as well as the main linux
> box) routes out ppp0 also. If I use ipchains to default
> masq/route to the cable modem, bind is screwed. If I set the default
> route to eth1 (cable modem) any mail exchanges coming in on ppp0 fail.
> The default route sends the smtp responses out the default route when
> they should be going back to the initiating host at the other end of
> ppp0. I cannot figure out a routing rule here because mail may come
> from any ip addr and there is no rule that I can think of to say:
> -if a mail exchange comes in on modem... answer on modem instead of
> default route. (this is where things bomb)
> -if a http request comes from local lan (eth0), route it out
> eth1(cable).
> -if local box wants http,ftp,irc,bofh,icub4ucme, route it out eth1.
>
> This all sounds very complex... it's not. Just mail and domain out
> modem, everything else through the cable.
>
> I have perused the pages of iproute2 (thank you Alexy for a wonderful
> program!). While it is a very powerful program, I am lost at how to
> concoct a rule base to accomplish the above. I learn by example and
> have not come across anything similar... yet.
>
>
> >
> > With your boxes on the local LAN, just point their gateway to
> > the Linux box (w/IP masquerading enabled and IP forwarding).
> > This should let you use the web browser on these machines.
> > For mail you will have to simply setup mail (only) accounts on
> > the Linux box (set their shell to /dev/null or /etc/passwd).
> > Then they can use any POP3 compliant mail proggy like Netscape to
> > download their mail from the Linux box.
> >
> > Hope this makes sense.
> >
> > Tuan
> >
> >
> > On Sun, 26 Sep 1999 [EMAIL PROTECTED] wrote:
> >
> >> Hi everyone,
> >>
> >> I work closely with my isp and do work for them from time to time, in
> >> return I get a 24/7 dialup connection for my linux box with a static
> >> ip and a domainname hosted. The mx record points directly at my box
> >> so I can send and rx mail directly.
> >>
> >> In the ever present need for speed I also have recently installed a
> >> cable modem. Static ip but no domain, no direct mail. I masq the rest
> >> of my pc's here at home through my inet connection.
> >>
> >> Some of you may already know what I am going to ask...;-)
> >> What routing technique can I employ to get mail and the rest of my
> >> isp's subnet through the modem and route the rest of the requests
> >> through the high-speed (cough) cable modem.
> >>
> >> I am assuming policy routing, but I have not had any experience
> >> with it. The usual links, faq, or even a one-liner would be very
> >> appreciated.
> >>
> >> -- Dave
>
> -----------------------------------------------------------------------
> Dave Helton, KD0YU - [EMAIL PROTECTED] - http://www.kd0yu.com
> Real World Computing - 319-386-4041 - 8am-5pm CST
> -----------------------------------------------------------------------
> _
> / / (_)__ __ ____ __
> / /__/ / _ \/ // /\ \/ / . . . t h e c h o i c e o f a
> /____/_/_//_/\_,_/ /_/\_\ G N U g e n e r a t i o n . .
> -----------------------------------------------------------------------
>
> -
> To unsubscribe from this list: send the line "unsubscribe linux-net" in
> the body of a message to [EMAIL PROTECTED]
>
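
Added example (not part of the original thread or either poster's configuration): the rule Dave asks for, "if it came in on the modem, answer on the modem", can be expressed with iproute2 as a source-address rule, because replies to connections that arrived on ppp0 carry the ppp0 address as their source. The script below only prints the commands for review, combining that rule with the ISP-range route Tuan suggests and a default route via the cable modem. The interface names are from the thread; every address, the table number and the function names are assumptions.

```shell
#!/bin/sh
# Added example: emit iproute2 commands for the two-uplink setup in the thread.
# All addresses are constructed placeholders (RFC 5737 documentation ranges).
PPP_IF=ppp0            # dial-up link (interface name from the thread)
CABLE_IF=eth1          # cable modem link (interface name from the thread)
PPP_ADDR=192.0.2.10    # assumed static IP assigned to ppp0
ISP_NET=192.0.2.0/24   # assumed ISP address range
CABLE_GW=198.51.100.1  # assumed gateway on the cable side
TABLE=100              # assumed unused routing table number

valid_ipv4() {
    # Accept a dotted quad with an optional /prefix and nothing else, so a
    # mistyped or hostile value never reaches the generated command lines.
    echo "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}(/[0-9]{1,2})?$'
}

policy_routing_cmds() {
    for a in "$PPP_ADDR" "$ISP_NET" "$CABLE_GW"; do
        valid_ipv4 "$a" || { echo "bad address: $a" >&2; return 1; }
    done
    # 1. main table: everything not matched below leaves via the cable modem
    # 2. main table: the ISP's own range (DNS, SMTP relay) goes via the modem
    # 3. table $TABLE: a default route that points at the modem only
    # 4. rule: packets sourced from the ppp0 address use table $TABLE, so
    #    replies to inbound SMTP return on the link they arrived on
    # 5. drop cached routing decisions (needed on older kernels)
    cat <<EOF
ip route replace default via $CABLE_GW dev $CABLE_IF
ip route replace $ISP_NET dev $PPP_IF
ip route replace default dev $PPP_IF table $TABLE
ip rule add from $PPP_ADDR lookup $TABLE priority 1000
ip route flush cache
EOF
}

# Print the commands for review; pipe the output to "sh" as root to apply.
policy_routing_cmds
```

Masqueraded LAN traffic is unaffected by the rule: it is rewritten to the eth1 address on the way out, so it never matches the ppp0 source address and follows the default route.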