Greetings:
I'm working with the following configuration:

                       Box C
                     +--------+            _/\__/\_
                     |        |(63..a)    /        \
                     | Router/+----------( Internet )
                     |Firewall|aps0       \_  __  _/
                     +----+---+             \/  \/
                      eth1|(204..a)           |
                          |                +--+----+
                          |                | Linux | Box A
DMZ------------+----------+--              +-------+
               |
               |
           +---+---+ 63..b
           | Linux | 63..c
           +-------+
             Box B

Box C is supposed to be a router/firewall for devices on the
internal "DMZ" network. Right now I'm just trying to get the
routing working before I do the rest. I've started a simple
configuration script which does the following:

# Add routing rules
#
ip rule add iif aps0 to 63..a/32 lookup main priority 190
ip rule add iif aps0 to 63..0/29 lookup isdn-dmz priority 200
ip rule add iif eth1 to 204..a/32 lookup main priority 210
ip rule add iif eth1 lookup dmz-isdn priority 220

# Create routing tables
#
# dmz-isdn table routes
ip route add default dev aps0 table dmz-isdn
# isdn-dmz table routes
ip route add default dev eth1 table isdn-dmz

# Make rules/routes active
ip route flush cache
echo "1" > /proc/sys/net/ipv4/ip_forward
echo "1" > /proc/sys/net/ipv4/ip_always_defrag

From my understanding of things, the above should be sufficient to
allow me to ping box B from box A. However, I am unable to do so. I know
the problem is my router because a) I can ping the router (63..a) from Box
A, b) traceroute of box B's IP address shows a complete path to the
router, where it dies.

What am I missing?
--
depaan@bibleinfo.com
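
The rule set in the script above, run through a small model of the kernel's routing policy database, as an added example that is not part of the original post. It only shows which rule and table are selected for a packet in each direction (rules tried in ascending priority, falling through when the chosen table has no route). Assumptions: all addresses are constructed placeholders for the elided 63..x and 204..x values, and the contents of the local and main tables are guessed.

```python
from ipaddress import ip_address, ip_network

# Constructed placeholder addresses; the post elides the real ones.
ROUTER_WAN = "198.51.100.1"     # stands in for 63..a on aps0
DMZ_NET = "198.51.100.0/29"     # stands in for 63..0/29
BOX_B = "198.51.100.2"          # stands in for 63..b
ROUTER_DMZ = "203.0.113.1"      # stands in for 204..a on eth1
BOX_A = "192.0.2.10"            # some host on the Internet side
ALL = "0.0.0.0/0"

# (priority, iif or None for any, destination selector, table).
# Priorities 0, 32766 and 32767 are the kernel's built-in rules.
RULES = [
    (0, None, ALL, "local"),
    (190, "aps0", ROUTER_WAN + "/32", "main"),
    (200, "aps0", DMZ_NET, "isdn-dmz"),
    (210, "eth1", ROUTER_DMZ + "/32", "main"),
    (220, "eth1", ALL, "dmz-isdn"),
    (32766, None, ALL, "main"),
    (32767, None, ALL, "default"),
]

# Table contents: the two custom tables come from the script; local and main
# are assumptions (router's own addresses, connected eth1 network).
TABLES = {
    "local": [(ROUTER_WAN + "/32", "local"), (ROUTER_DMZ + "/32", "local")],
    "main": [("203.0.113.0/24", "eth1")],
    "isdn-dmz": [(ALL, "eth1")],
    "dmz-isdn": [(ALL, "aps0")],
    "default": [],
}

def lookup(iif, dst):
    """Return (rule priority, table, device) chosen for a packet arriving on iif."""
    addr = ip_address(dst)
    for prio, rule_iif, selector, table in sorted(RULES, key=lambda r: r[0]):
        if rule_iif not in (None, iif) or addr not in ip_network(selector):
            continue
        # Longest-prefix match inside the table this rule points at.
        hits = [(ip_network(p), dev) for p, dev in TABLES[table] if addr in ip_network(p)]
        if hits:
            return prio, table, max(hits, key=lambda h: h[0].prefixlen)[1]
        # No route in that table: evaluation continues with the next rule.
    return None

if __name__ == "__main__":
    print("A -> B, arriving on aps0:", lookup("aps0", BOX_B))
    print("B -> A, arriving on eth1:", lookup("eth1", BOX_A))
    print("A -> router, on aps0:    ", lookup("aps0", ROUTER_WAN))
```

On the router itself, `ip rule show`, `ip route show table isdn-dmz` and `ip route get <dst> from <src> iif aps0` print the same selection from the live tables.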