Hi,

Trying to setup a development LAMPP server. Following link is an overview of the setup. Unfortunately, I'm just taking baby steps at linux networking.

Setup Overviewhttp://img84.imageshack.us/img84/943...rksmallmm0.jpg

route -n yields the following


Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
xxx.xxx.xx.128 0.0.0.0 255.255.255.128 U 0 0 0 eth0
192.168.3.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth1
0.0.0.0 192.168.3.1 0.0.0.0 UG 0 0 0 eth1

Any 192.168.xxx.xxx traffic should be routed to eth1 and any web traffic should be routed to eth0. As of now, unable to access the web nor ping from the outside. Do I add individual routes to each of the 192.168.x.0(ie. 192.168.1.1, 192.168.3.1 and 192.168.8.1) and have the xxx.xxx.xx.128 gateway as the default GW? Any suggestion or point in the right direction will appreciated.

QL

p.s. Sorry for the posting format. Learning how to post.

Nope. As its configured traffic to the network you have x'd out will go to ETH1, all other internet traffic will route out of ETH0. The key here is the 0.0.0.0 or "default" route. Any packets destined for networks that are not matched elsewhere in the table will follow the default route.

Your subnet mask for eth1 is 255.255.255.0, so you can only talk directly to devices in the range 192.168.3.x. To set eth1 up as shown you need to have a 255.255.0.0 mask on eth1.

You then need the default route 0.0.0.0 with a gateway of xxx.xxx.xxx.129.

Hi baldy,

Thanks for the reply. If I got you right, I add a route for 192.168.0.0 to eth1 and make xxx.xxx.xxx.129 as default gateway(i.e all others) for eth0.

Is the following the right way of achieving this? In this order?

route add -net 192.168.0.0 netmask 255.255.0.0 dev eth1
route add default gw xxx.xxx.xxx.129 dev eth0

route del -net 192.168.3.0 netmask 255.255.255.0 dev eth1

How can I go about doing this without losing my current connection. I'm connected through VPN and am currently working from home. Will the routing changes in some way render the server inaccessible requiring me to manually bring it up?

Thank you.

QL

This has been solved.

The issue is summarized below:

The are 2 interfaces(i.e eth0 and eth1).
etho is assigned a static public ip and eth1 is assigned a static private ip.

I added two static routes and updated default gateway specifically in the following order:

route add -net 192.168.3.0 netmask 255.255.255.0 gw 12.168.3.1 eth1
route add -net 192.168.0.0 netmask 255.255.0.0 gw 192.168.3.1 eth1
route add default gw xxx.xxx.xxx.129 eth0

Verified and confirmed things were ok. These routing will not survive a reboot so to make it permanent, I added the above commands to /etc/rc.local(this method is supposed to be the "dirty" way as opposed to having the settings in the /etc/sysconfig/network-scripts/route-ethX method, look it up if interested).

Like I said in the previous post about being connected via VPN and cannot afford to have a wrong route that will disable my VPN access. Well, I did set a wrong route at first try itself and lost my VPN access. A nice network engineer restarted the server on request which restored the original routing table. If you are not sure what you are doing and you don't have physical access to the machine, (i.e. can't afford to lose you r remote access due to your wrong routing rule) this is how I did it. This may not be the right or the most elegant way of doing it but it did work for me. What you do is, setup a temporary cron job say like every 15 minutes or so to restart the network service. This will restore your routing to the default settings before your messing with routing. To do this,

crontab -e

add the following line

0,15,30,45 * * * * /etc/init.d/network restart

Now the network will be restarted every 15 minutes and you CAN mess with the routing and if you do lose your connection, worst case scenario is you wait for 15 minutes to try again. Note: the path to the network service must be the absolute path. Once you arrive at the setting that works, remove the line from crontab and write the settings to rc.local(or the other method mentioned above).


QL