LinuxQuestions.org


nothingmuch 10-27-2003 06:50 AM

real routing under nat routing
 
I have a network of about 6 computers, going in and out.

They are currently nat'd by a broadband 'router'.

I have an old pmac 6100 I'm using for various tasks (nagios, nessus, bind replication, etc), so it's not too busy. I want to use it as a router for the network, which simply throttles and shapes network traffic, before handing it to the nat router for transport.

The linux box has one NIC, and I don't think it's desirable to route back through it, but rather have all data coming from the nat router go directly to the hosts who need it.

This works if I set the linux box as the default route on various hosts (mainly MacOS X), but only partially - the boxes will discover the broadband router at some point, and use it instead.

How can I make my scenario work?

Setting up a second NIC will be a complex operation, and theoretically doesn't seem necessary. Am I right?

Thanks in advance!

kevlong 10-27-2003 06:56 AM

I'm pretty sure that the 2nd NIC is the right and most secure way to go. Read the Masquerading HOWTO to find out more information.

nothingmuch 10-27-2003 07:03 AM

The thing is that the nat router already has two NICs, and does masquerading.

I only want the old machine to shape the traffic coming out of the local network, into the nat router.

Robert0380 10-27-2003 08:49 AM

So what you want is for the traffic to come out of a box, to the router, out of the router to the Mac, do some stuff in the Mac and then back out to the router?

Sounds bad. You can get a second NIC, put the computers behind it, and not NAT. You don't HAVE to NAT. (At least not in Linux you don't.)

nothingmuch 10-27-2003 03:11 PM

What I'd like is in one scope all outbound traffic to go to one of the boxes on the net, and for it to send data to the router. What is happening is that the other machines are bypassing the linux box, and sending data to the nat router instead...

Secluding the router from the other comps is prolly the way to go, but it seems a bit excessive....


All times are GMT -5.