> In article <firstname.lastname@example.org>, Paul Jakma <email@example.com> wrote:
> >On Sun, 31 Jan 1999, Martin Mares wrote:
> >> If you don't want the route, why do you set a non-trivial
> >> netmask for the interface?
> >why do i have piss about with hacky network setup scripts, when
> >before i could "ifconfig" "route" and have things the way i want
> i believe you're missing the whole point. Alexey summed it up nicely
> earlier. when you ifconfig an interface the main thing you do is tell
> the kernel which set of ip addresses can be reached directly via that
> interface. ie the route is implicit when you configure the interface.
> if you're wanting something different then you either don't understand
> and/or you're doing something wrong!
# Configure the interfaces
ifconfig lo 127.0.0.1
ifconfig eth0 $ip1 netmask 255.255.255.0 broadcast x.x.x.255 arp
ifconfig eth1 $ip1 netmask 255.255.255.0 broadcast x.x.x.255 arp
ifconfig eth1:0 192.168.1.1 netmask 255.255.255.0 broadcast 192.168.1.255
# Add routes for the networks
route add -net 127.0.0.0
route add -net x.x.x.0 netmask 255.255.255.0 eth0
route add -net 192.168.1.0 netmask 255.255.255.0 eth1:1
# The spare static ip's are routed out eth1, the store
# lan, so that machines there can have static ip's as
route add -host $ip2 eth1
route add -host $ip3 eth1
route add default gw $gw metric 1
# Setup the default policy, and masquerade the
# private ip space.
echo "1" > /proc/sys/net/ipv4/ip_forward
ipfwadm -F -f
ipfwadm -F -p deny
ipfwadm -F -a m -S 192.168.1.0/24 -D 0.0.0.0/0
#Allow packets for the sjcc<->voyager link to be forwarded.
ipfwadm -F -a accept -S x.x.x.0/24 -D 0/0
ipfwadm -F -a accept -S 0/0 -D x.x.x.0/24
#accept packets for the static ips on the voyager lan.
arp -i eth0 -Ds $ip2 eth0 pub
arp -i eth0 -Ds $ip3 eth0 pub
#accept packets for the router on the storelan.
arp -i eth1 -Ds $gw eth1 pub
Note, when I ifconfig eth1, it is the same as eth0. Automatically adding a
network route for both eth? devices is bad.
This is a setup actively in use at a site I maintain. The upstream router
thinks it is talking to machines local to it, while the linux router is just
proxyarp'ing for them. Ie, this is very similiar to a bridge.
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to firstname.lastname@example.org
Please read the FAQ at http://www.tux.org/lkml/