[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Routing with opensuse 10.2

Posted on 2007-08-08
5
Medium Priority
?
1,254 Views
Last Modified: 2013-11-16
Hello Experts,
I am trying  to setup a router using opensuse10.2 between two public networks. We are changing to a new ISP and have to migrate all of our Internet accessable servers to the new network.

Our new address range is 203.97.94.144/28.  Our router's internal facing ip is 203.97.94.158 and the mask is 255.255.255.240.

We have a stub network of 203.167.233.0/30 that we have to use to connect to our ISP.  The ISP's router ip is 203.167.233.1 and our Internet facing ip will be 203.167.233.2.  The mask is 255.255.255.252.

I need to be able to route between the 203.97.94.144/28 and 203.167.233.0/30 networks, but not nat.  

0
Comment
Question by:PEI_IT
  • 2
  • 2
5 Comments
 
LVL 7

Accepted Solution

by:
ezaton earned 1500 total points
ID: 19658397
What happens if you set your Linux to the following:
1. Internal network: 203.97.94.158/28
2. External network: 203.167.233.2/30
3. Default GW: 203.167.233.1
4. 'echo 1 > /proc/sys/net/ipv4/ip_forward'
5. IPtables off (for the tests, of course)

?
0
 
LVL 30

Expert Comment

by:Kerem ERSOY
ID: 19658401
Hi,

Will you please clarify your qestin in that:
- you say your router has an internal address. and you say you have 203.97.94.144/28 segment. How are the two segments conected where's the gateway (a host with two interfaces one in 203.97.94 segment the other one in 203.97.94 segment.

- If you have such a gateway then your gateways's default gateway must be 203.97.95.158.
- your router must have a route setting like thar
203.97.94.144 netmask 255.255.255.240 gw (your gateways interface ip on 203.97.94 segment)
- also check with your ISP that the router located at 203.167.233.2/30 has a routing setting for both of your IP ranges:
203.97.94.144 netmask 255.255.255.240 gw 203.167.232.1
203.97.94.158 netmask 255.255.255.240 gw 203.167.232.1

If you have these settings and enabled routing between your gateway systems i_nterface then you should be using the connection.
0
 

Author Comment

by:PEI_IT
ID: 19658661
Thanks ezaton,
You wrote:

What happens if you set your Linux to the following:
1. Internal network: 203.97.94.158/28
2. External network: 203.167.233.2/30
3. Default GW: 203.167.233.1
4. 'echo 1 > /proc/sys/net/ipv4/ip_forward'
5. IPtables off (for the tests, of course)

This worked perfectly.  The trick was: echo 1 > /proc/sys/net/ipv4/ip_forward.

Now, how do you enable the firewall on the routing linux box without killing the routing that we have just set up between the two networks?
0
 

Author Comment

by:PEI_IT
ID: 19659643
I solved the issue.  I did the following to my router:
1. Configured my nics with Yast.  
2. In Yast--->Network Services--->Routing,  I enabled IP forwarding.
3. In Yast--->Security and Users--->Firewall--->Interfaces, I made both nics members of the External Zone since they were both publicly accessable.
3. Edited the firewall config file, /etc/sysconfig/SuSEfirewall2
     a. This file is well commented.  
     b. If you are setting up your machine as a router, you will have to edit options 2, 3, 5, 6, 9, 7, 10, 11, 12, 13, 14.
     c. The option of concern is #13.  This option allows you to pass packets from network to network without taking down the firewall. for example, if you wanted to pass all packets from all networks to  all  other networks you would enter: FW_FWD="0/0,0/0"

I hope that this helps anyone else out who has a similar problem.
0
 
LVL 7

Expert Comment

by:ezaton
ID: 19660009
Great. I'm not much of a Suse fan. Had many issues with it, and Yast makes me sick (and thus my "manual" solution), however, if it works for you - great!
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Suggested Courses
Course of the Month17 days, 17 hours left to enroll

831 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question