/* HINT: Search archives @ http://www.indyramp.com/masq/ before posting! */
Constantine Karbaliotis <[EMAIL PROTECTED]> wrote:
>
> I want to add dial-out capability; and since I have a couple of
> SE/30's, I thought it best to distribute the work and also avoid the
> complexity of having the main masquerading machine manage multiple
> firewall configurations.
I guess that means that different boxes on your network are essentially
different "gateways" to different nets? Hmm.
> But otherwise, how does the computer "know" to (a) cause the SE/30 to
> dial out or (b) use that connection rather than the cable modem's?
IP traffic is routed using "route table" entries. Most systems are only
set up with a single route, called a "default route", and basically they
send local traffic to the same subnet, directly to the ethernet, and
forward everything else to their "default" router.
If you really want each box to be a gateway to its own different
network, you can do it. However, there must be some way to differ-
entiate traffic that is destined for each network. For instance, your
local subnet is differentiated from other traffic, by the fact that all
local IP addresses are in the range 192.168.0.* (or whatever you're
using). If you can come up with a similar rule to describe traffic,
say, destined for a work address, then your problem gets a lot easier.
If all of your work-related network IP addresses are in the 10.* range,
or 130.169.* range, then you can simple add route entries to all your
clients, and tell them to forward traffic in that range to the other
gateway, instead of the "default" gateway.
Otherwise I can't see a simple solution.
As for masquerade, if you do set up each box, and are able to come up
with routes to distinguish them, setting up each one as a masquerading
server is the best approach. There's no reason to send traffic from a
client, to a masq box, then off to *another* gateway that can just as
easily do the masquerading itself. :)
--
[EMAIL PROTECTED] (Fuzzy Fox) || "Good judgment comes from experience.
sometimes known as David DeSimone || Experience comes from bad judgment."
http://www.dallas.net/~fox/ || -- Life Lessons
_______________________________________________
Masq maillist - [EMAIL PROTECTED]
Admin requests can be handled at http://www.indyramp.com/masq-list/ -- THIS INCLUDES
UNSUBSCRIBING!
or email to [EMAIL PROTECTED]
PLEASE read the HOWTO and search the archives before posting.
You can start your search at http://www.indyramp.com/masq/
Please keep general linux/unix/pc/internet questions off the list.
