Robert Hartzell wrote: > The device is a Netgear Prosafe vpn Firewall FVS338 > I'm pretty sure its misconfiguration on my part. > > disabling RIP on the firewall removes the 24.0.0.0 route from the table > but when I try to add default 10.0.0.20 its added but without an > interface listed.
Without an interface is fine. The only real distinction is whether you used the "-ifp" option in /sbin/route. The in.routed daemon always specifies an interface, but humans often do not. > My options for RIP are: > > RIP Direction > none > in only > out only > Both > > RIP Version > Disabled > RIP-1 > RIP-2B > RIP-2M > > initially set at Both and RIP-1 "Out only" makes a lot more sense for a device in this situation, but I have no clue why it thinks it should redistribute 24.0/8 when it seems to be configured to do NAT. That just makes no sense at all. NATs should not admit they know anything about the networks on the other side, and should generally only send out "default" (0/0) routes to peers on the 'inside' part of the network. It sounds like this device is doing something different. If it is properly configured for NAT, then I'd have to guess that it's just not designed right. *shrug* It happens. > Any pointers on what would be appropriate settings? I'm afraid I'm not an expert on that device. -- James Carlson 42.703N 71.076W <carls...@workingcode.com> _______________________________________________ networking-discuss mailing list networking-discuss@opensolaris.org
