You can create bridges, or use iptables. My preference would be iptables: sysctl ipv4.ip_forward=1 iptables -t nat -A POSTROUTING -j MASQUERADE
With those two lines (assuming you don't have other firewall settings), you'll be set. To keep the settings persistent, you'll need to add ipv4.ip_forward = 1 to /etc/sysctl.conf and make sure to run iptables-save or reconfigure your firewall at each reboot). You'll need to set up the routes on the other members of the lan (i.e. route add -net 10.217.3.0/24 gw 10.217.4.23, for example). If you already have firewall settings on the gateway box, those may interfere, and you'll want to add exemptions (i.e. iptables -I INPUT --source 10.0.0.0/8 --dest 10.0.0.0/8 -j ACCEPT will allow traffic between all subnets, but not explicitly allow routing to the WAN through this box). If there's an application managing your firewall, you'll need to take that into account. On Thu, Feb 24, 2011 at 8:39 AM, nseritti <[email protected]> wrote: > Hello, > > I recently began segmenting VLAN's and realized, that my router > doesn't support gigabit connections, and as it's the gateway for the > VLAN's the speed of the traffic across VLAN's is capped at 100Mbps. > > I have a system that is in a VLAN that will have connectivity to > everything else, it resides in the 10.217.3.0/24 VLAN, it has 8 NICS > that can be connected to each VLAN, essentially what I want to do is > assign an IP to each VLAN to one of the NIC's on this machine, and use > them as the gateway for traffic to one of the other VLAN's > 10.217.4.0/24 etc. > > How can this be done? Is it as simple as using bridge-utils, or do you > need to do some iptables magic? > > Thanks, > > --Nick > > -- > You received this message because you are subscribed to the Linux Users > Group. > To post a message, send email to [email protected] > To unsubscribe, send email to [email protected] > For more options, visit our group at > http://groups.google.com/group/linuxusersgroup -- Daniel -- You received this message because you are subscribed to the Linux Users Group. To post a message, send email to [email protected] To unsubscribe, send email to [email protected] For more options, visit our group at http://groups.google.com/group/linuxusersgroup
