LinuxQuestions.org
View the Most Wanted LQ Wiki articles.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices



Reply
 
Search this Thread
Old 09-05-2009, 02:39 AM   #1
Udhayakrishnan
LQ Newbie
 
Registered: Feb 2009
Posts: 19

Rep: Reputation: 0
Question Using two NIC with private & public IPs - Routing issue occurs


Hi,

I setup RHEL 5.3 server with two NICs. One with public and other with private ip.

I am unable to connect to the server from internet, If I put gateway for private IP and vice versa.

Private IP range: 172.16.0.0 /255.255.254.0 GW: 172.16.0.1
public ip raneg: 124.x.x.x /255.255.255.224 Gw: 124.x.x.x - same network

Routing issue occurs. I tried with route. But its possible only when the packets to be routed to different networks. Within the same network routing is not possible.

I want the server to accept the packets come from public ip and respond to the same network and vice versa.

Please shed light on this to sort out the issue.

Last edited by Udhayakrishnan; 09-05-2009 at 02:40 AM.
 
Old 09-05-2009, 05:10 AM   #2
nkhambal
LQ Newbie
 
Registered: Mar 2005
Posts: 8

Rep: Reputation: 1
May be you can create an additional routing table along with main routing table. In main table, you will add a default route to the internet gateway. In the additional table, you add a default route for the private gateway. Then you write a rule in RPDB, to route internal prefixes using the default in the additional routing table.

To know the commands to create a routing table and rules check this thread

http://www.linuxquestions.org/questi...router-752212/

Thanks,
 
Old 09-05-2009, 05:31 AM   #3
markush
Senior Member
 
Registered: Apr 2007
Location: Germany
Distribution: Slackware
Posts: 3,974

Rep: Reputation: 849Reputation: 849Reputation: 849Reputation: 849Reputation: 849Reputation: 849Reputation: 849
Hello,

Quote:
Originally Posted by Udhayakrishnan View Post
Hi,
Routing issue occurs. I tried with route. But its possible only when the packets to be routed to different networks. Within the same network routing is not possible.
I'm not sure if I understood your question, but routing within a subnet is completely senseless. Within one subnet the package-transfer is done on the ethernet-level, i.e. the 2. layer in the OSI-model. Routing is a TCP/IP-issue and is needed between different subnets, which is part of the 3. and 4. OSI-layer.

Markus
 
Old 09-07-2009, 07:26 AM   #4
jschiwal
Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 655Reputation: 655Reputation: 655Reputation: 655Reputation: 655Reputation: 655
Code:
Private IP range: 172.16.0.0 /255.255.254.0 GW: 172.16.0.1
Your netmask caused me to raise an eyebrow. It allows only a network address and a broadcast network. Should this be a host route?

Could you provide more information on your WAN connecton? E.G. Cable, DSL, ISDN?
What equipment it connects to. What is this host used for?

What is the gateway device on the private network?
Please post the output of the route command.

Last edited by jschiwal; 09-07-2009 at 07:57 AM.
 
Old 09-08-2009, 01:44 AM   #5
Udhayakrishnan
LQ Newbie
 
Registered: Feb 2009
Posts: 19

Original Poster
Rep: Reputation: 0
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
124.124.237.160 124.124.237.161 255.255.255.224 UG 0 0 0 eth0
124.124.237.160 * 255.255.255.224 U 0 0 0 eth0
172.16.0.0 172.16.0.1 255.255.254.0 UG 0 0 0 eth1
172.16.0.0 * 255.255.254.0 U 0 0 0 eth1
169.254.0.0 * 255.255.0.0 U 0 0 0 eth1


With this config, I am able to access the server from 172.16.1.x series networks and from internet too. Not from the 172.16.8.x. network.


Please Help!
 
Old 09-08-2009, 02:01 AM   #6
JulianTosh
Member
 
Registered: Sep 2007
Location: Las Vegas, NV
Distribution: Fedora / CentOS
Posts: 674
Blog Entries: 3

Rep: Reputation: 90
Quote:
Originally Posted by markush View Post
Hello,



I'm not sure if I understood your question, but routing within a subnet is completely senseless. Within one subnet the package-transfer is done on the ethernet-level, i.e. the 2. layer in the OSI-model. Routing is a TCP/IP-issue and is needed between different subnets, which is part of the 3. and 4. OSI-layer.

Markus
You're almost there. If your stack is configured correctly, not only is it completely senseless, it's utterly impossible to route on the same subnet. That's what the subnet mask is for - determining if a host is on the same subnet as you. If it is, then it's unicast to the NIC with the proper MAC address. If it's not, then it's unicast to MAC associated with the router.

And it's not a TCP/IP issue, it's an IP issue. TCP (and UDP) reside above layer 3 where IP addressing and routing occurs. Layer 4 defines sockets/connections.
 
Old 09-08-2009, 02:09 AM   #7
JulianTosh
Member
 
Registered: Sep 2007
Location: Las Vegas, NV
Distribution: Fedora / CentOS
Posts: 674
Blog Entries: 3

Rep: Reputation: 90
I dont see a default gateway in your routing table.

Can you post the output of these commands please?

Code:
netstat -rnv; ifconfig eth0; ifconfig eth1

Last edited by JulianTosh; 09-08-2009 at 02:15 AM. Reason: checking my work
 
Old 09-08-2009, 02:46 AM   #8
Udhayakrishnan
LQ Newbie
 
Registered: Feb 2009
Posts: 19

Original Poster
Rep: Reputation: 0
Question

Quote:
Originally Posted by Admiral Beotch View Post
I dont see a default gateway in your routing table.

Can you post the output of these commands please?

Code:
netstat -rnv; ifconfig eth0; ifconfig eth1
I have even tried with setting up the default gateway. But the issue exists thats why, I removed def gw.

#netstat -rnv; ifconfig eth0; ifconfig eth1
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
124.124.237.160 124.124.237.161 255.255.255.224 UG 0 0 0 eth0
124.124.237.160 0.0.0.0 255.255.255.224 U 0 0 0 eth0
172.16.0.0 172.16.0.1 255.255.254.0 UG 0 0 0 eth1
172.16.0.0 0.0.0.0 255.255.254.0 U 0 0 0 eth1
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth1
eth0 Link encap:Ethernet HWaddr 00:0C:xx:xx:xx:xx
inet addr:124.124.237.184 Bcast:124.124.237.191 Mask:255.255.255.224
inet6 addr: fe80::20c:29ff:fe57:3a74/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:12673 errors:0 dropped:0 overruns:0 frame:0
TX packets:1826 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:880934 (860.2 KiB) TX bytes:1000834 (977.3 KiB)
Interrupt:177 Base address:0x1400

eth1 Link encap:Ethernet HWaddr 00:0C:xx:xx:xx:xx
inet addr:172.16.1.218 Bcast:172.16.1.255 Mask:255.255.254.0
inet6 addr: fe80::20c:29ff:fe57:3a7e/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:65933 errors:0 dropped:0 overruns:0 frame:0
TX packets:205 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:21243577 (20.2 MiB) TX bytes:18933 (18.4 KiB)
Interrupt:185 Base address:0x1480

Last edited by Udhayakrishnan; 09-08-2009 at 02:49 AM.
 
Old 09-08-2009, 02:59 AM   #9
Udhayakrishnan
LQ Newbie
 
Registered: Feb 2009
Posts: 19

Original Poster
Rep: Reputation: 0
Question

Quote:
Originally Posted by jschiwal View Post
Code:
Private IP range: 172.16.0.0 /255.255.254.0 GW: 172.16.0.1
Your netmask caused me to raise an eyebrow. It allows only a network address and a broadcast network. Should this be a host route?

Could you provide more information on your WAN connecton? E.G. Cable, DSL, ISDN?
What equipment it connects to. What is this host used for?

What is the gateway device on the private network?
Please post the output of the route command.
Dear jschiwal.

If I have one Ethernet with default gateway of 172.16.0.1, then it works properly. I am able to access the server from 172.16.8.x VLan.

Removing the defa GW or adding another NIC pointing to internet makes the server not to respond to 172.16.8.x Vlan. If I am in 172.16.1.x segment, able to access the server without defa GW as 172.16.0.1.

Server expects 172.16.0.1 as a defa GW to commuincate with 172.16.8.x vlan series.

Last edited by Udhayakrishnan; 09-08-2009 at 03:05 AM.
 
Old 09-08-2009, 03:18 AM   #10
JulianTosh
Member
 
Registered: Sep 2007
Location: Las Vegas, NV
Distribution: Fedora / CentOS
Posts: 674
Blog Entries: 3

Rep: Reputation: 90
We want your routing table to look like this:
Code:
Destination      Gateway          Genmask          Flags MSS Window irtt Iface
124.124.237.160  0.0.0.0          255.255.255.224  U     0 0 0 eth0
172.16.0.0       0.0.0.0          255.255.254.0    U     0 0 0 eth1
169.254.0.0      0.0.0.0          255.255.0.0      U     0 0 0 eth1
0.0.0.0          124.124.237.160  255.255.255.224  U     0 0 0 eth0
Lets see if we can get it a little closer with these commands:
Code:
route del -net 124.124.237.160 255.255.255.224 gw 124.124.237.161 eth0
route del -net 172.16.0.0      255.255.254.0   gw 172.16.0.1      eth0
The permanent way to set your default gateway is with this command:
Code:
echo "GATEWAY=124.124.237.160" >> /etc/sysconfig/network
please post the output of this command:
Code:
cat /etc/sysconfig/network-scripts/ifcfg-eth*
 
Old 09-08-2009, 03:22 AM   #11
JulianTosh
Member
 
Registered: Sep 2007
Location: Las Vegas, NV
Distribution: Fedora / CentOS
Posts: 674
Blog Entries: 3

Rep: Reputation: 90
Quote:
Originally Posted by Udhayakrishnan View Post
Dear jschiwal.

If I have one Ethernet with default gateway of 172.16.0.1, then it works properly. I am able to access the server from 172.16.8.x VLan.
Ahh.. hold up... your inside network is bigger then I assumed. You will need more routing statements along with what I provided in my last post. Please continue to follow those requests, and then tell me about your internal network... how many subnets are there, what are they, etc. I'll need subnets and masks for everything on the inside that should be able to reach your gateway.
 
Old 09-09-2009, 08:00 AM   #12
Udhayakrishnan
LQ Newbie
 
Registered: Feb 2009
Posts: 19

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by Admiral Beotch View Post
We want your routing table to look like this:
Code:
Destination      Gateway          Genmask          Flags MSS Window irtt Iface
124.124.237.160  0.0.0.0          255.255.255.224  U     0 0 0 eth0
172.16.0.0       0.0.0.0          255.255.254.0    U     0 0 0 eth1
169.254.0.0      0.0.0.0          255.255.0.0      U     0 0 0 eth1
0.0.0.0          124.124.237.160  255.255.255.224  U     0 0 0 eth0
Lets see if we can get it a little closer with these commands:
Code:
route del -net 124.124.237.160 255.255.255.224 gw 124.124.237.161 eth0
route del -net 172.16.0.0      255.255.254.0   gw 172.16.0.1      eth0
The permanent way to set your default gateway is with this command:
Code:
echo "GATEWAY=124.124.237.160" >> /etc/sysconfig/network
please post the output of this command:
Code:
cat /etc/sysconfig/network-scripts/ifcfg-eth*
Hi,

I have done and posted the output as given below:

Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
124.124.237.160 * 255.255.255.224 U 0 0 0 eth0
172.16.0.0 * 255.255.254.0 U 0 0 0 eth1
169.254.0.0 * 255.255.0.0 U 0 0 0 eth1
default 124.124.237.161 0.0.0.0 UG 0 0 0 eth0




cat /etc/sysconfig/network-scripts/ifcfg-eth*
# Advanced Micro Devices [AMD] 79c970 [PCnet32 LANCE]
DEVICE=eth0
BOOTPROTO=none
BROADCAST=124.124.237.191
HWADDR=00:0c:xx:xx:xx:xx
IPADDR=124.124.237.184
NETMASK=255.255.255.224
NETWORK=124.124.237.160
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
IPV6INIT=no
PEERDNS=yes
GATEWAY=124.124.237.161
# Advanced Micro Devices [AMD] 79c970 [PCnet32 LANCE]
DEVICE=eth1
BOOTPROTO=none
ONBOOT=yes
HWADDR=00:0c:xx:xx:xx:xx
NETMASK=255.255.254.0
IPADDR=172.16.1.218
TYPE=Ethernet
USERCTL=no
IPV6INIT=no
PEERDNS=yes

Your help is much appreciated....

Thanks for continuous advice.
 
Old 09-09-2009, 08:02 AM   #13
Udhayakrishnan
LQ Newbie
 
Registered: Feb 2009
Posts: 19

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by Admiral Beotch View Post
Ahh.. hold up... your inside network is bigger then I assumed. You will need more routing statements along with what I provided in my last post. Please continue to follow those requests, and then tell me about your internal network... how many subnets are there, what are they, etc. I'll need subnets and masks for everything on the inside that should be able to reach your gateway.
I am accessing the server from 172.16.8.x Vlan. Therefore, access from 8.x is enough for me.

172.16.0.0 / 255.255.254.0 gw 172.16.0.1
172.16.8.0 / 255.255.255.0 gw 172.16.8.1
 
Old 09-09-2009, 11:09 AM   #14
JulianTosh
Member
 
Registered: Sep 2007
Location: Las Vegas, NV
Distribution: Fedora / CentOS
Posts: 674
Blog Entries: 3

Rep: Reputation: 90
run this command
Code:
route add -net 172.16.8.0 netmask 255.255.255.0 eth1
If that makes everything work, then you'll obviously need to stick that in or around /etc/rc3.d/S99local so it runs at startup.

Oh, and if it doesn't, lets see your routing table again.
 
Old 09-10-2009, 08:35 AM   #15
Udhayakrishnan
LQ Newbie
 
Registered: Feb 2009
Posts: 19

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by Admiral Beotch View Post
run this command
Code:
route add -net 172.16.8.0 netmask 255.255.255.0 eth1
If that makes everything work, then you'll obviously need to stick that in or around /etc/rc3.d/S99local so it runs at startup.

Oh, and if it doesn't, lets see your routing table again.
Hi,

Thanks for your hint.

I just put the following command and everything is perfect now.

route add -net 172.16.8.0 netmask 255.255.255.0 gw 172.16.0.1 dev eth1

Thanks a lot for your effort.
 
  


Reply

Tags
network, route


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Public and private NIC for web server vondie Linux - Server 2 08-28-2009 09:24 AM
Routing with public IPs crontab Linux - Networking 3 02-10-2009 07:11 AM
two public ips on one nic for home office dns servers rioguia Linux - Networking 12 08-19-2004 04:59 PM
2 live/public ips for single NIC ehpserver Linux - Networking 3 10-08-2003 08:00 PM
Multiple NIC cards - public and private IPs harryinjapan Linux - Networking 2 12-02-2001 05:25 AM


All times are GMT -5. The time now is 06:11 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration