Thanks Joe / Matt
I've built the kernel with iproute 2 and iptables support
So can I assume
ip address add 217.161.116.143/32 dev eth0 label eth0:atlas143
ip address add 217.161.116.144/32 dev eth2 label eth2:atlas144
ip address add 217.161.116.145/32 dev eth2 label eth2:atlas145
ip route add 217.161.116.8/32 dev eth0
and either:
1) ip route add default scope global nexthop via 217.161.116.8 dev eth0 weight 1 nexthop via 64.110.101.65 dev eth3 weight 1
or
2) ip route add default scope global via 217.161.116.8 dev eth0
along with the following NAT for each private network behind the router
iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -o eth0 -j SNAT --to 217.161.116.143
iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -o eth3 -j SNAT --to 64.110.101.70
plus iptables DNAT rules for whatever on the 144, 145 and upwards IPs
P.S. Joe, in about a month or two I will have a router / firewall built using
dual Opteron CPUs for a total of 33 ethernet ports at 100 mbps (tulip
chipset) plus 2 channel bonded gigabit ethernet ports as a 2 gbps backplane
to other devices. Once that puppy is built would you be interested in
looking at it? Just waiting for them to pay for the hardware. It's along the
lines of your previous advice on multi port routers but on a slightly larger
scale. Similar configuration on a smaller scale with a P4 - 2GHz chip has a
throughput of approx 540 mbps at 92% CPU. I'm hoping that the dual Opteron
with its HyperTransport bus will be able to handle the potential maximum of
around 5 gbps. Only sad bit is that the unit is a full 9U. If CPU doesn't
get maxed out it will also double as a RAID5 NAS for archiving of large
files. If you're interested in looking at it once it's built please please let
me know.
Cheers
Tikiri
----- Original Message -----
From: "Matt Sullivan"
On Tue, 21 Oct 2003 at 11:43:29 -0500, Joe Abley wrote:
On 21 Oct 2003, at 11:04, Tikiri Wicks wrote:
I'm just wondering if anyone has any feedback regarding this situation.
<snip>
If your box is connected to the same broadcast domain as his box, you can probably ARP for your default gateway and find it without having an interface address in the same subnet. On a Cisco you can do this with an interface route ("ip route 217.161.116.8 255.255.255.255 eth0"); you'll see this exposed as a connected route with appropriate distance.
For Linux (with correct kernel options / iproute tools) use "ip ro add 217.161.116.8/32 dev eth0" from your preferred shell for the same effect. Your box will then try ARP solicitation for this address via eth0. Or if you prefer a more Cisco-like implementation then I'd suggest the Zebra routing daemon[s] and Joe's command above.
Matt.