
john-g 12-30-2010 11:58 AM

Routing network to intranet gateway
 
Hi,

I am kind of a newbie and have the following query.

Basically I have this CentOS machine (LinPC) connected to the internet router (192.168.0.254 netmask 255.255.255.0) via eth1 (192.168.0.20 netmask 255.255.255.0) and have an ethernet switch connected to eth0 (192.168.3.250 netmask 255.255.255.0).

LinPC runs a dhcp daemon so as to provide IP addresses 192.168.3.x to devices on the ethernet switch.

This means that both networks are separate. However I'd like to have machines on the ethernet switch to use the router gateway without having access to the other PCs connected with the router switch ports i.e. 192.168.0.x.

Any ideas?

Do I have to set up DNS on 192.168.3.250? Any ideas?

Following is the routing table.

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.3.0     *               255.255.255.0   U     0      0        0 eth0
192.168.0.0     *               255.255.255.0   U     0      0        0 eth1
default         192.168.0.254   0.0.0.0         UG    0      0        0 eth1

192.168.0.254 is a router connected to a modem connected to the internet. It has dhcp and dns services running as well. So far I don't sense it is conflicting with the CentOS dhcpd.

Pls help.
John

randomcoww 12-30-2010 04:51 PM

I think a few firewall rules on your CentOS box will do.
IP forward/masquerade eth0 and eth1 but drop access from eth0 to the range 192.168.0.0/24. If you want it to be able to access the gateway itself you will need an additional exception to allow access to 192.168.0.254. You will probably only need this for specific ports.

You won't need a separate DNS for your 192.168.3.0/24 subnet. You can add the subnet to your existing DNS on the gateway and allow DNS access from the subnet to your gateway (this will be an additional firewall rule).

The DHCP won't conflict because DHCP is contained to a subnet.

If you want the 192.168.3.0/24 machines to be able to access internet through your gateway you can do one of the following:
- Static route on your gateway to set 192.168.3.0/24 traffic to go to your CentOS box.
- Routing protocol between your gateway and CentOS box.
- CentOS box running NAT - in this case 192.168.0.0/24 machines won't be able to access machines in 192.168.3.0/24 unless you run port forwarding on your CentOS box.
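
The NAT option with the drop rule and the DNS exception described above, as an added example that is not part of the original posts. Interfaces and addresses are the ones given in the thread; limiting the gateway exception to DNS on port 53 and using iptables-restore format are assumptions.

```shell
#!/bin/sh
# Added example: emits an iptables-restore ruleset for the CentOS box (LinPC).
# Interface names and addresses come from the thread; allowing only DNS
# (port 53) to the gateway itself is an assumption.
LAN_IF=eth0              # switch side, 192.168.3.0/24
WAN_IF=eth1              # router side, 192.168.0.0/24
LAN_NET=192.168.3.0/24
WAN_NET=192.168.0.0/24
GATEWAY=192.168.0.254

gen_rules() {
    cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A POSTROUTING -s $LAN_NET -o $WAN_IF -j MASQUERADE
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A FORWARD -i $WAN_IF -o $LAN_IF -m state --state ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -i $LAN_IF -o $WAN_IF -d $GATEWAY -p udp --dport 53 -j ACCEPT
-A FORWARD -i $LAN_IF -o $WAN_IF -d $GATEWAY -p tcp --dport 53 -j ACCEPT
-A FORWARD -i $LAN_IF -d $WAN_NET -j DROP
-A FORWARD -i $LAN_IF -o $WAN_IF -s $LAN_NET -j ACCEPT
COMMIT
EOF
}

# Print the ruleset by default; "apply" (as root) loads it and enables routing.
if [ "${1:-}" = "apply" ]; then
    sysctl -w net.ipv4.ip_forward=1
    gen_rules | iptables-restore
else
    gen_rules
fi
```

Rule order matters: the DNS exception must come before the drop for 192.168.0.0/24, and the drop before the general forward rule. Running with `apply` replaces the existing nat and filter tables.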

