LinuxQuestions.org
04-11-2012, 06:56 AM   #1
borgy95
Member
 
Registered: Mar 2012
Location: England
Distribution: Debian, Kali, CentOS 7
Posts: 64

Rep: Reputation: Disabled
persistent ip routing between two subnets - config issues.


Hi everyone,

Been bashing away at some networking in the Linux world recently and coming up trumps on a couple of matters...

I'm setting up a network with one RHEL6.1 box that acts as a gateway/router into a different subnet; it will also be my mail server (let's call it alexandria). alexandria is only required to route traffic from a backtrack machine (let's call it Invader) to specific clients on a different subnet, only about 3 tops, to start with just one (let's call it victim).

alexandria can currently ping the other subnet's gateway (let's suppose the address range is 10.14.x.x) and any other machines within the subnet. It also has internet access via this subnet (I do not want internet connectivity on alexandria's subnet and it must remain in a different subnet to 'simulate' something coming over the internet).

To start with the theory, to check my understanding (cos ultimately I'm a newb and this is way over my head but the job requires it... so I'm learning it rapid style): once traffic passes through alexandria onto the 10.14.x.x subnet and hits the gateway, the gateway can figure out what to do with the info using dns/ad so I don't need to worry... I assume that's right?
However, alexandria's subnet needs to be told to go to the 10.14.x.x and talk to the gateway in 10.14.x.x. So from what I understand that is two steps.
Invader goes to alexandria, its gateway/router, then gets passed on? And ip routing tables can be used for this?

Hopefully that is all correct and makes sense?

So the problems I have had are that the following files/strings don't seem to exist, or so the terminal keeps telling me

code:
/etc/sysconfig/network-scripts/route-ethX
#and
/etc/init.d/networking
#or
sudo /etc/init.d/networking



From what I understand this is a file I need to permanently edit the static route? Can I just create my own?
And the init.d script is to start the service for networking?

I have already enabled the ip forwarding services as checked and confirmed by

Code:
sysctl net.ipv4.ip_forward
net.ipv4.ip_forward = 1



thanks in advance
and i do hope this will eventually be of use to others learning this stuff.
 
04-11-2012, 08:49 AM   #2
nikmit
Member
 
Registered: May 2011
Location: Nottingham, UK
Distribution: Debian
Posts: 178

Rep: Reputation: 34
Just to check I understand your setup:

internet -- gateway --- local lan --- alexandria --- invader

With such a setup if you don't need internet access on invader all you need to do is enable ip_forwarding, which you have.
Alexandria will automatically route traffic for directly connected subnets, so between invader and the local lan.

The catch is, that machines in the local lan probably only have a default route, pointing at the internet gateway. To enable communication between the local lan and invader, you need to either give all the hosts a static route for the invader subnet pointing at alexandria, or set up that route on the internet gateway, so it can forward traffic correctly. If you do the latter though, you will at the same time give invader internet access.

Nik
 
1 members found this post helpful.
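
An added example illustrating the return-route point in the reply above (not part of the original thread and not the posters' own code): a longest-prefix-match lookup over a local-lan host's routing table, showing that replies to the invader subnet leave via the internet gateway until a static route pointing at alexandria is added. All addresses and the interface name eth0 are constructed placeholders, since the thread elides the real ones.

```shell
#!/bin/sh
# All addresses are constructed placeholders; the thread elides the real ones.
INVADER_NET="192.168.50.0/24"   # subnet behind alexandria
ALEXANDRIA_LAN_IP="10.14.0.5"   # alexandria's address on the local lan

# Table of a local-lan host in `ip route show` format: connected subnet + default.
LAN_HOST_ROUTES="default via 10.14.0.1 dev eth0
10.14.0.0/16 dev eth0 proto kernel scope link src 10.14.0.20"

# Same table with the static return route added. The added line is also valid
# in a RHEL route-ethX file, which is how it survives a reboot.
FIXED_ROUTES="$LAN_HOST_ROUTES
$INVADER_NET via $ALEXANDRIA_LAN_IP dev eth0"

# Dotted quad -> 32-bit integer.
ip2int() {
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# next_hop TABLE DEST: longest-prefix match; prints the gateway, "direct"
# for a connected subnet, or "unreachable" when nothing matches.
next_hop() {
    dest=$(ip2int "$2"); best_len=-1; best="unreachable"
    while read -r prefix kw gw rest; do
        if [ -z "$prefix" ]; then continue; fi
        if [ "$prefix" = "default" ]; then prefix="0.0.0.0/0"; fi
        net=${prefix%/*}; len=${prefix#*/}
        if [ "$len" = "$prefix" ]; then len=32; fi    # bare host route
        mask=$(( (0xFFFFFFFF << (32 - len)) & 0xFFFFFFFF ))
        if [ $(( dest & mask )) -eq $(( $(ip2int "$net") & mask )) ] &&
           [ "$len" -gt "$best_len" ]; then
            best_len=$len
            if [ "$kw" = "via" ]; then best=$gw; else best="direct"; fi
        fi
    done <<EOF
$1
EOF
    echo "$best"
}

echo "reply to invader, default route only: $(next_hop "$LAN_HOST_ROUTES" 192.168.50.10)"
echo "reply to invader, static route added: $(next_hop "$FIXED_ROUTES" 192.168.50.10)"
```

Putting the route on individual hosts rather than on the internet gateway keeps the invader subnet without internet access, which is the trade-off the reply describes.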
04-11-2012, 09:28 AM   #3
borgy95
Member
 
Registered: Mar 2012
Location: England
Distribution: Debian, Kali, CentOS 7
Posts: 64

Original Poster
Rep: Reputation: Disabled
nik

ok so the setup is

Invader -- to alexandria ip: 192.168.X.X(a gateway) --- to a cisco switch IP 10.14.x.x(the other gateway)--- local lan - internet

To get to the 10.14.x.x subnet I must go through the cisco switch to get anywhere else. So from what you explained I do not need to make any config changes to the /etc/sysconfig/network-scripts/route-ethX file?

In which case this must mean I have a config error on invader since it is unable to ping anything on the 10.14.x.x subnet?

thanks for the help much appreciated...
 
04-11-2012, 09:34 AM   #4
nikmit
Member
 
Registered: May 2011
Location: Nottingham, UK
Distribution: Debian
Posts: 178

Rep: Reputation: 34
Is ip routing on for the switch?
Do 'sh ip route' - do you have a route for the invader subnet in there?

Last edited by nikmit; 04-11-2012 at 09:36 AM.
 
  

