LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 04-18-2009, 03:15 PM   #1
jonaskellens
Member
 
Registered: Jul 2008
Location: Ghent, Belgium
Distribution: Fedora, CentOS
Posts: 646

Rep: Reputation: 33
route add with specific interface


I have an Asterisk-server with 2 interfaces, a WAN-interface (eth1) and a LAN-interface (eth0).

SETUP :

IAX-provider(internet) --> firewall --> Asterisk-server --> switch --> clients_on_LAN

So everything coming from the IAX-provider on port 4569 is forwarded to the Asterisk-server's WAN-interface (eth1).
This needs then be routed to an internal SIP-phone (an IVR-system will define which one) via eth0.

When a call is initiated from an internal SIP-phone (they register to the IP-address assigned to eth0) it needs to be routed via eth1 to the gateway (192.168.4.250). Asterisk will setup an IAX-channel on WAN-interface (eth1) to the IAX-provider (via gateway).

So... will this work :

Code:
route add -net ip_IAXprovider netmask 255.255.255.0 gw 192.168.4.250 dev eth1
Code:
route add -net 192.168.4.0 netmask 255.255.255.0 dev eth0
(no gateway needed for the LAN-interface, communications to the gateway need to go via the WAN-interface !)
 
Old 04-19-2009, 05:26 AM   #2
rossonieri#1
Member
 
Registered: Jun 2007
Posts: 359

Rep: Reputation: 34
hi,

Quote:
(no gateway needed for the LAN-interface, communications to the gateway need to go via the WAN-interface !)
i'm not too sure about what you've asking - but, from routing theory - you *usually* dont need to use routing on the same subnet - unless you want to communicate with other subnet like your IAX_provider. Hence - on the Asterisk server, it should have a default gateway to 0/0 - which is your IAX_provider included, via eth1.

but, from your provided scenario - are you not in somekind of NAT-T problem? since you use 2 routers? are you in a full routing?

just a thought.
 
Old 04-19-2009, 08:35 AM   #3
jonaskellens
Member
 
Registered: Jul 2008
Location: Ghent, Belgium
Distribution: Fedora, CentOS
Posts: 646

Original Poster
Rep: Reputation: 33
The firewall is m0n0wall, with 3 interfaces like this :

Code:
cablemodem --> m0n0wall --> wireless AP (WLAN)
                 |      --> ethernet-switch --> LAN
                 |                |
                 |--> Asterisk <--|
We might change the setup to this :
(m0n0wall has only 2 interfaces)

Code:
cablemodem --> m0n0wall --> Asterisk
                  |             |
                  |             |
                  |-------> ethernet-switch --> LAN
                                            --> wireless AP (WLAN)
You are right when you say that both interfaces are on the same subnet.

What I'm trying to accomplish is that m0n0wall is connected directly with the Asterisk-server and with the ethernet-switch.

Also the Asterisk-server is connected with m0nOwall and the switch.

So when a internal SIP-phone wants to make a call it follows this way :

SIP-phone >> ethernet-switch >> Asterisk(LAN) >> Asterisk(WAN) >> m0n0wall >> IAX-provider


When a SIP-phone calls another SIP-phone on the internal LAN :

SIP-phone 1 >> Ethernet-switch >> Asterisk(LAN) >> Asterisk(LAN) >> Ethernet-switch >> SIP-phone 2

What I don't want :

SIP-phone >> Ethernet-switch >> Asterisk(LAN) >> Ethernet-switch >> m0n0wall >> IAX-provider



Quote:
Originally Posted by rossonieri#1 View Post
hi,
but, from your provided scenario - are you not in somekind of NAT-T problem? since you use 2 routers? are you in a full routing?
There is no problem if NAT is implemented on the m0n0wall (then also router) because outgoing calls go with the IAX-protocol, which handles NAT gracefully.

Also : there is no DHCP on the LAN, all IP-addresses are set hard-coded in the clients (pc and phone)

Last edited by jonaskellens; 04-19-2009 at 08:36 AM.
 
Old 04-19-2009, 10:25 AM   #4
rossonieri#1
Member
 
Registered: Jun 2007
Posts: 359

Rep: Reputation: 34
hi,

Quote:
What I don't want :

SIP-phone >> Ethernet-switch >> Asterisk(LAN) >> Ethernet-switch >> m0n0wall >> IAX-provider
ok, perhaps i'm reading this as you were afraid that your RTP udp session run off of its track so the phones responding directly to monowall LAN_if instead of asterisk LAN-if, am i correct?

one easy way to find out whether the phones directly answers the RTP using monowall LAN-if line is to sniff it. my guess is - it will use both monowall & asterisk path.

so, in this case an ALG wont work - there are 2 options :
1. put another router between the asterisk/monowall and the phones - make that fancy routing policy.
2. no new router, but put the routing policy on every phone - if possible.

just a thought.

Last edited by rossonieri#1; 04-19-2009 at 10:27 AM.
 
Old 04-21-2009, 01:51 AM   #5
jonaskellens
Member
 
Registered: Jul 2008
Location: Ghent, Belgium
Distribution: Fedora, CentOS
Posts: 646

Original Poster
Rep: Reputation: 33
My question is really just about the routing between the 2 interfaces in my Asterisk-server.

Don't think of the rest of the network-setup.

I just want everything coming in on the LAN_if of my Asterisk-server going out via the WAN_if of my Asterisk-server.

And I want everything coming in on the WAN_if of the Asterisk-server, going out via the LAN_if.

The 'default gateway' for the IP-phones is actually the Asterisk LAN_if.

So just the routing between the 2 interfaces of my Asterisk-server, in both directions...
Will this be the correct rule :

Code:
route add -net ip_IAXprovider netmask 255.255.255.0 gw 192.168.4.250 dev eth1
(everything going out via eth1 (WAN_if))


Code:
route add -net 192.168.4.0 netmask 255.255.255.0 dev eth0
(everything for the LAN via eth0 (LAN_if)

Thanks in advance for your reply !

Last edited by jonaskellens; 04-21-2009 at 01:52 AM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
how to add static route for loopback interface. UltraSoul Linux - Software 4 04-12-2009 02:02 AM
noob: ip route add vs route add jCash Linux - Networking 1 07-19-2007 12:12 PM
Can I Route Specific Addresses Through an IPSec VPN Tunnel? strick1226 Linux - Networking 3 12-15-2005 09:30 AM
I am not able to add a new route to my route table using route command prashanth s j Linux - Networking 2 09-03-2005 05:34 AM
Need to route traffic through specific nic cards... Thaidog Linux - Networking 4 07-01-2005 08:31 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 03:34 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration