/* HINT: Search archives @ http://www.indyramp.com/masq/ before posting! /* ALSO: Don't quote this header. It makes you look lame :-) */ Hi, I will be required to set this up in about a week and am not sure if what Im planning on will actually function correctly. I need to have an internal LAN, then have 2 gateways, one to the internet, the other to a frame relay which connects direct to another company. Now if I setup ipchains to masq the internal subnet... is it hard to do in this case? I have setup ipchains before, but never with 2 different ways for the packets to go. It was a DG (2 nics)and that was that. If I try and setup ipchains, will I have to include routing info as well, or will the ipchains setup (rules) do all of that for me? For example: | ((Router-FRAME RELAY to other co.))ip: 167.125.174.1, sm: 255.255.255.192 | | eth1 (ip 167.125.174.2, DG 167.125.174.1) | ((LINUX BOX))--eth2(ip 64.3.65.2, DG 64.3.65.1)-----INTERNET (via our ISP) | eth0 (ip 172.16.0.4 does this need a DG or should it have 2?) | | | INTERNAL LAN (172.16.0.*, DG 172.16.0.4) Ok, now that is the setup that will work, right? Although im not sure about 2 DGs... should I only have the one to the internet and not have anything as a default gateway for the ETH1? Maybe Ill have to add some static route? Is setting up ipchains going to be hard for this? The rules etc? Will I need any route adds at all, or will ipchains take care of all routing for me? Here is what I am thinking for ipchains rules, but I could be wayyyyyy off: ipchains -A forward -j MASQ -i eth1 -s 172.16.0.0/16 -d 0.0.0.0/0 ipchains -A forward -j MASQ -i eth2 -s 172.16.0.0/16 -d 0.0.0.0/0 Would this be all I would have to do to accomplish this, or will the destination of say the first (eth1)entry have to set to something. What I mean is can you have two 0.0.0.0/0's? Wouldnt anywhere be outside eth2. This is the other co's network on the other side of their router... 167.125.179.128 255.255.255.192 so maybe for the first rule I should say this: ipchains -A forward -j MASQ -i eth1 -s 172.16.0.0/16 -d 167.125.179.128/18 ipchains -A forward -j MASQ -i eth2 -s 172.16.0.0/16 -d 0.0.0.0/0 With this, would I need any routing tables manually specified for this setup, or would the ipchains route packets to the correct nic for me as I have specified a destination? Sorry to ramble on, but Im new to the routing world and have been thrown into the middle of the fire here :) Thanks For all your time and help guys. You wouldnt believe how much it is appreciated! Trent Cook _______________________________________________ Masq maillist - [EMAIL PROTECTED] Admin requests can be handled at http://www.indyramp.com/masq-list/ -- THIS INCLUDES UNSUBSCRIBING! or email to [EMAIL PROTECTED] PLEASE read the HOWTO and search the archives before posting. You can start your search at http://www.indyramp.com/masq/ Please keep general linux/unix/pc/internet questions off the list.
