Can someone help with my issue ? I've done all I can think of, and I'm starting to think a static route isn't the way to go.

So I have a box sitting in a DMZ acting as a reverse proxy with Apache, it routes the DMZ traffic to the internal website(s).Running Centos 5.4

For this i will use 192.168.0.XXX for the DMZ addresses and 172.20.250.XX for the internal address. I don't know the details on how the DMZ is setup (not part of that group)

So if someone from the outside world connects to say stuff.bobswebsite.com(DMZ address 192.168.0.200) apache will pass that traffic to the internal host server1 (172.20.250.50).

Now, this box has has two network cards in, due to limitations with SSL sites you can't run more then one SSL virtual host per IP. so eth0 has the DMZ address of 192.168.0.200, eth1 has the address of 192.168.0.201

The firewall is configured to only allow 192.168.0.200 to connect to the internal address of 172.20.250.50, and 192.168.0.201 to connect to 172.20.250.51. The problem is when configuring a site on the second NIC stuff2.bobswebsite.com(DMZ address of 192.168.0.201, and a internal address of 172.20.250.51) all traffic still leaves as eth0 (interface with the default gateway), thus being blocked by the firewall.

I have added the following to route-eth1 per the centos howto i found.


ADDRESS0=172.20.250.51
NETMASK0=255.255.255.0
GATEWAY0=192.168.0.201

But it doesn't seem to help, traffic is still being sent out via eth0

Can you post here "route -n" from the box with two network cards in, please.

well, i readded route-eth1, when starting eth1 it comes back with RTNETLINK answers: Invalid argument [ OK ]

route -n returns

Kernel IP routing table
Destination gateway genmsk flags Metric Ref Use Iface
192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth1
0.0.0.0 192.168.0.1 0.0.0.0 UG 0 0 0 eth0

1 members found this post helpful.

192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
0.0.0.0 192.168.0.1 0.0.0.0 UG 0 0 0 eth0

And how it suppose to work?

May be change this to:
192.168.0.200 0.0.0.0 255.255.255.255 U 0 0 0 eth0
192.168.0.201 0.0.0.0 255.255.255.255 U 0 0 0 eth1

and delete default route at all

How about this?

1 members found this post helpful.

Hi guy's,

How are you all…

I got my RHCT and RHCSA and now all I need id the RHCH……what a pain…..

I'm trying to simulate the same network topology we had in class at home, however I keep getting the error:
"rtnetlink answers invalid argument" afer I edit my network card.

Here is my network:

1. Router Linksys RV042 configure as a static with a LAN IP of 192.168.0.0 and a NETMASK of 255.255.255.0
2. My eth0 configuration is as follow:

DEVICE=eth0
BOOTPROTO=static
HWADDR=00:02:B3:C2:86:4C
IPADDR=192.168.0.254
NETMASK=255.255.255.0
ONBOOT=yes
GATEWAY=192.168.0.0
IPV6INIT=no
ONBOOT=YES


3. Here is some info on the network prior to the changes:
4. Router RV042 configure as a static with a LAN IP of 192.168.1.1 and a NETMASK of 255.255.255.0
5. eth0 configuration is as follow:


DEVICE=eth0
BOOTPROTO=static
HWADDR=00:02:B3:C2:86:4C
IPADDR=192.168.1.115
NETMASK=255.255.255.0
ONBOOT=yes
GATEWAY=192.168.1.1
IPV6INIT=no
ONBOOT=YES


Some step that I did so far with no luck:

1. Change the NETMASK of my router and my eth0 to 255.255.255.128
2. Change only NETMASK of my eth0 to 255.255.255.128 (I didn't get an error with this setting, but couldn't ping the GATEWAY either)
3. There is no need to mention that I restart my network in each of the step.


Thx in advanced

P.S I hope to find a solution but in the mean time I'll try to set my router to DHCP without changing the local LAN address
And maybe then try to do some changes again. If that's not going to work I'll go back to my original setting.



Manny

Hi jsmithis101,

I look at what route -n shows on my nic and found out that I'm getting APIPA, I change my GATAWAY to 192.168.0.1

and things got back to nornal. I guess this is what happaned when you do thing at midnite....

Thx

Manny