On Tue, 2007-10-16 at 14:45 -0600, Michael L Torrie wrote: > Corey Edwards wrote: > >> Example routing table: > >> Destination Genmask Gateway Iface > >> 0.0.0.0 0.0.0.0 128.187.0.1 eth0 > >> 128.187.0.0 255.255.255.0 0.0.0.0 eth0 > >> 10.2.0.0 255.255.255.0 0.0.0.0 eth1 > >> 10.0.0.0 255.0.0.0 10.2.0.1 eth1 > > > > I think I see the source of the problem. You've got a route to all of > > 10.0.0.0/8 via 10.2.0.1. I suspect Michael doesn't. Instead he's got two > > routes to 0.0.0.0/0. Two default routes like that is generally not what > > anybody wants. > > > > Michael, can you paste the current routing table. > > I don't have any routing table yet. I'm just working through all of the > potential problems before I install the server. I initially was > thinking that routes such as what Lonnie suggested would work. Then as I > thought about, I wondered if they might not. Now I'm wondering if they > will, in fact work. So I'll test it empirically tomorrow. After this > discussion I have great hopes that it will work.
Ah, OK. I do think it'll work for you as long as you have just one default route going out the 128.187.x.x interface and another 10/8 route going out the 10.x.x.x interface via your 10.x.x.x next hop. > Would iptables running as a firewall on the public interface complicate > things? I doubt it. But who knows. I'm sure it can work, you'll just have to be careful where you use interface filters since traffic to 128.187.x.x will arrive on both interfaces. Corey /* PLUG: http://plug.org, #utah on irc.freenode.net Unsubscribe: http://plug.org/mailman/options/plug Don't fear the penguin. */
