Hey,

Okay so here is the senario, I'm currently switching ISP's to a 10mbit fiber drop, problem is the ip blocks they have assigned me is on a x.x.43.33 to x.x.43.62 with a subnet of 255.255.255.224, but the isp's gateway / interconnectino is on x.x.118.141 with a subnet of 255.255.255.252

so the subnets are diffrent and my routers won't negotiate the subnet / route, there for not allowing me to do the ISP switch.

Now a solution to this is to pickup a cisco router that can do the proper subnet routing, but that's going to costs some serious $, so is there some way you can turn linux box into a router capable of doing this operation instead of spending the cash on the router.

If not any recomendations on a router would be great.

Thanks agian,

Not sure what the second address would be needed but my experience when given a block of IP's is a following.
You have been assigned x.x.43.33 to x.x.43.62 with a subnet of 255.255.255.224 which can referred to as x.x.43.32/27 also.
Now your first usable IP is x.x.43.33. This is what you would use as the routers IP.
I am guessing the router you have is not capable of partial subnets. So you can use a linux box as a router to this. It can be compliacted but to get the basics setup I can help with. I do not the distro you perfer so my only expertise in this is using Redhat or Redhat clones like Fedora or Centos. All are the same in essence so it does not matter your choice if you go this way.

Now once you linux box with 2 ethernet nics installed that is recognised by you linux distro, you would configure as so just to get it on line.
eth0 settings
IP x.x.43.33
Gateway x.x.43.33
Subnet 255.255.255.224
Broadcast x.x.43.63
DNS ISP provided

Bring up eth0 and see if you can get online.


Once online if you wish to use the rest of your IP you will use a technic called alis IP. For the next IP x.x.43.34 it will be created as eth0:0 and the next as eth0:1 and so on to x.x.43.62. Once all Alias IP have been assigned you should be able to ping the others from x.x.43.33.

Now you will need to configure a firewall script of iptable commands to use the rest. What you need to do is setup the eth1 nic as say 192.168.1.0/24. Now for machines connected to eth1 you will need to enable ip masquerading allow eth1 traffic to flow to eth0 to the internet point it was going to.
Configuration of eth1
IP 192.168.1.1
Subnet 255.255.255.0
Gateway No gateway required to be defined.
Enable ip forward

Now you can define a machine on the lan side of eth1 like 192.168.1.10 to be seen as x.x.43.34 from the outside just like it was connected to the main connection. You use iptable commands to do this. You can either send the whole range of ports to a specfic internal lan machine or just only allow some ports and direct to the needed machines.
This is the complex portion of the setup. So many ways you can do it.

First get eth0 going and go from there.
Brian1

Thanks Brian1 for your advice but i'm not sure if that will work with the setup I currently have.

Let me go into a little more detail, which i probably should of done before.

While trying to get this isp working the internconnection of x.x.118.241 is what gets me on the internet for example, to get an internet connection from the router i had to set it up like so

ISP's router: x.x.118.241
ISP's router in house: x.x.118.242

Router i'm programing settings:
Ip: x.x.118.242
Subnet: 255.255.255.252
Gateway: x.x.118.241

This got me on the internet, however after that router the connection goes to are firewalls as I have 2 subnets on the network. I wanted to setup Firewall 1 with .43.34 and firewall 2 with .43.35

Now the problem was when i setup firewall 1 with the following ip information:

My firewalls are currently IP cop 4.10 boxes

FIrwall settings:
IP: x.x.43.34
Subnet: 255.255.255.225
Gateway x.x.43.33

the firewall won't route to the router or the router won't negotiate as its on a diffrent subnet. Even if i set the gateway to x.x118.241 or the routers ip of 242 it won't route it. So I need some way to set this up so it will talk to the outside world or route properly, as you can't just use the ip blox as it has to go through this internconnection the isp has supplied to get to the outside world of messed up reason.

So you have the router configured and can access the internet?
Now you are connecting what to this? Two seperate routers or Linux Boxes that create two seperate networks.
If so then what is this x.x.43.34? Something you made up. Something provided from your ISP, Or would be used as a non routable IP for masquerading.

If for masquerading then why not use ones like 192.168.0.0/24 for one and 192.168.1.0/24 for the other. Using full netmask 255.255.255.0. then you would use and ip like x.x.118.243 for wan side of router and x.x.118.244 on the other router or linux router box.


That is what I am seeing with the provided info.
Brian1

Hey brain its kind of a messed up network to say the least. K let me go more into detail.

The new ISP gave me this information

Interconnection x.x.118.140
Subnet: 255.255.255.252
Our Router x.x.118.241
Your Router x.x.118.242 (This being the router / T1 box the isp installed in the place)

Your IP block

x.x.43.32-62
Subnet: 255.255.255.224

Now after the internet comes into the building from the ISP T1 box it runs to a crappy little dlink router which is where the dmz splices off from. From there it runs to my 2 IP cop boxes which are my firewalls

So:

T1 connection
|
|
ISP Router/Box
|
|
Crappy Dlink router to splice of dmz
|.........................|
|.........................|
Firewall 1........... Firewall 2
|.........................|
192.168.80.x ......... 192.168.90.x
subnet ................ Subnet

So at first i put in the dlink router:
IP: x.x.118.242
Subnet: 255.255.255.252
Gateway: x.x.118.241

and i could get internet connection if i where to just plug in my laptop to the dlink router and accept dchp, however if i just put in one of the ip block address into the dlink router it wouldn't work, so I put the interconnection address of .242/.241 with the subnet of .252 in and pressed on

**Side note**
I tried putting in these settings to the dlink router:
IP: x.x.43.35
Subnet 255.255.255.224
Gateway: x.x.43.33 or 62 wouln't work

tried these as well

IP: x.x.43.35
Subnet 255.255.255.224
Gateway: x.x.118.242 or 241 wouln't work

The router just wouldn't negotiate the subnet.

So i left the dlink router as:
IP: x.x.118.242
Subnet : 255.255.255.252
Gateway: x.x.118.241

**end of side note**

Then setup my firewalls with the ip block number of:

IP: x.x.43.34
Subnet: 255.255.255.224
Gateway: x.x.43.33 or 62 wouldn't work

I also tried

IP: x.x.43.34
Subnet: 255.255.255.224
Gateway: x.x.118.242 and .241 as the gateway but since the gateway was on a diffrent subnet the router and or firewall wouldn't route it properly or negotiate.

So really that first routing coming into the building should be a cisco router or something that can negotiate a diffrent subnet. Thats why I was wondering how you would program a linux box to do this otherwise I have to pickup a cisco router which is pricey.

I hope this is more clear, if you need anymore info let me know.