• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1259
  • Last Modified:

Routing with opensuse 10.2

Hello Experts,
I am trying  to setup a router using opensuse10.2 between two public networks. We are changing to a new ISP and have to migrate all of our Internet accessable servers to the new network.

Our new address range is 203.97.94.144/28.  Our router's internal facing ip is 203.97.94.158 and the mask is 255.255.255.240.

We have a stub network of 203.167.233.0/30 that we have to use to connect to our ISP.  The ISP's router ip is 203.167.233.1 and our Internet facing ip will be 203.167.233.2.  The mask is 255.255.255.252.

I need to be able to route between the 203.97.94.144/28 and 203.167.233.0/30 networks, but not nat.  

0
PEI_IT
Asked:
PEI_IT
  • 2
  • 2
1 Solution
 
ezatonCommented:
What happens if you set your Linux to the following:
1. Internal network: 203.97.94.158/28
2. External network: 203.167.233.2/30
3. Default GW: 203.167.233.1
4. 'echo 1 > /proc/sys/net/ipv4/ip_forward'
5. IPtables off (for the tests, of course)

?
0
 
Kerem ERSOYPresidentCommented:
Hi,

Will you please clarify your qestin in that:
- you say your router has an internal address. and you say you have 203.97.94.144/28 segment. How are the two segments conected where's the gateway (a host with two interfaces one in 203.97.94 segment the other one in 203.97.94 segment.

- If you have such a gateway then your gateways's default gateway must be 203.97.95.158.
- your router must have a route setting like thar
203.97.94.144 netmask 255.255.255.240 gw (your gateways interface ip on 203.97.94 segment)
- also check with your ISP that the router located at 203.167.233.2/30 has a routing setting for both of your IP ranges:
203.97.94.144 netmask 255.255.255.240 gw 203.167.232.1
203.97.94.158 netmask 255.255.255.240 gw 203.167.232.1

If you have these settings and enabled routing between your gateway systems i_nterface then you should be using the connection.
0
 
PEI_ITAuthor Commented:
Thanks ezaton,
You wrote:

What happens if you set your Linux to the following:
1. Internal network: 203.97.94.158/28
2. External network: 203.167.233.2/30
3. Default GW: 203.167.233.1
4. 'echo 1 > /proc/sys/net/ipv4/ip_forward'
5. IPtables off (for the tests, of course)

This worked perfectly.  The trick was: echo 1 > /proc/sys/net/ipv4/ip_forward.

Now, how do you enable the firewall on the routing linux box without killing the routing that we have just set up between the two networks?
0
 
PEI_ITAuthor Commented:
I solved the issue.  I did the following to my router:
1. Configured my nics with Yast.  
2. In Yast--->Network Services--->Routing,  I enabled IP forwarding.
3. In Yast--->Security and Users--->Firewall--->Interfaces, I made both nics members of the External Zone since they were both publicly accessable.
3. Edited the firewall config file, /etc/sysconfig/SuSEfirewall2
     a. This file is well commented.  
     b. If you are setting up your machine as a router, you will have to edit options 2, 3, 5, 6, 9, 7, 10, 11, 12, 13, 14.
     c. The option of concern is #13.  This option allows you to pass packets from network to network without taking down the firewall. for example, if you wanted to pass all packets from all networks to  all  other networks you would enter: FW_FWD="0/0,0/0"

I hope that this helps anyone else out who has a similar problem.
0
 
ezatonCommented:
Great. I'm not much of a Suse fan. Had many issues with it, and Yast makes me sick (and thus my "manual" solution), however, if it works for you - great!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: CompTIA Cloud+

The CompTIA Cloud+ Basic training course will teach you about cloud concepts and models, data storage, networking, and network infrastructure.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now