Hi, Okay, so I've got two subnets linked by a bridge. For argument's sake, let's call them 192.168.50.0/24 and 192.168.100.0/24, and the bridge's node is 100 on both subnets.
Obviously, for a machine on one subnet to successfully communicate with a machine on the other subnet, both machines have to be aware of where to send packets destined for the other subnet. This can be done by setting static routes on the machines that need to talk to each other. No sweat. However, consider, if you will, that lots of .50 machines need to chat with lots of .100 machines, so many as to make setting static routes on each machine a formidable task. Add to the mix that the bridge, .100, is not the bridge to the outside world, so using it as the default gateway is also not an option.

I thought I was on to something, by setting static routes on the default gateways for both subnets (for argument's sake, say they are .200). So, the .100 gateway (192.168.100.200) knows that packets destined for the .50 subnet need to go through the bridge at 192.168.100.100, and likewise the converse for the .50 gateway. I thought I was on to something because that seemed to work... but only in one direction.

See, a particular machine on the .50 net can respond to pings from a machine on the .100 net. Let's call them .50.2 and .100.33. .100.33 has a static route for .50.0/24, but .50.2 doesn't have any static routes set for the .100 subnet, so how would it know how to get its ping responses back to the .100 subnet, unless another device, the default gateway, were routing the packets? It seems like it would make sense. But unless I set that static route on the .100.33 machine, I can't get pings over to .50.0/24. Setting the static route on the default gateway device (.200) doesn't seem to have any effect.

Now, the mitigating factor is that the .50 subnet gateway (.50.200) is a SonicWall device which I seem to have a good grasp of. The .100 gateway (.100.200) is a Cisco PIX device, which is still largely enigmatic to me. It's very possible that I've simply configured the PIX incorrectly.
I told it:

    route inside 192.168.50.0 255.255.255.0 192.168.100.100

and it can get pings over to .50 itself, but doesn't seem to want to route any from the rest of the subnet. (And similarly, when pinging from .50, I can get responses from 33, which has the local static route, and .200, which is the gateway I just described, but not from anything else).

So, if someone has managed to wade through this somewhat confusing description, I'd love to be enlightened.

Thank you!

Regards,
~Brian

----------------
Brian A. Henning
Strutmasters.com
866.597.2397
----------------
