Linux IP Routing Tables

Anyone know anything about IP routing tables on RedHat? I’m just learning, and have a working router someone else set up. If anyone knows anything about it, I’ll post the question.
I’m trying to add something, but not quite sure how.

Are you trying to add a new route to the table?

Is it IPTables you are using, as in firewall type rules?

Have a bunch of private IPs that come in eth1. The main gateway is eth0.
tables do this:

/sbin/iptables -t nat -A POSTROUTING -o eth0 -s 192.168.0.50 -j SNAT --to-source 207.xxx.xxx.63
/sbin/iptables -t nat -A POSTROUTING -o eth0 -s 192.168.0.51 -j SNAT --to-source 207.xxx.xxx.63
/sbin/iptables -t nat -A POSTROUTING -o eth0 -s 192.168.0.52 -j SNAT --to-source 207.xxx.xxx.63
ETC.
All IPs on the private block come out with 207.xxx.xxx.63 as their address.

I thought I could add an eth2 with a different gateway on a different IP block

/sbin/iptables -t nat -A POSTROUTING -o eth0 -s 192.168.0.50 -j SNAT --to-source 207.xxx.xxx.63
/sbin/iptables -t nat -A POSTROUTING -o eth2 -s 192.168.0.51 -j SNAT --to-source 204.xxx.xxx.253
/sbin/iptables -t nat -A POSTROUTING -o eth0 -s 192.168.0.52 -j SNAT --to-source 207.xxx.xxx.63
ETC.

and send some private IPs out the other gateway, with an IP on that group. E.g. the receptionist gets routed to the DSL, the printshop to the E10 gateway. But it appears the table doesn’t actually route, it masquerades.
Right?
(first time I ever played with this stuff)

That “should” work, it’s just NATing it to the 204.xxx.xxx.253 address on eth2. I will take a closer look tomorrow if you haven’t figured it out tomorrow. There’s another way to do this too, but I can’t think of it off the top of my head yet. I am just getting off a long! day at work, so I’ll update when I am thinking more clearly.

What do your routing tables show? Might you not have to actually add a route too?

Like:

route add 192.168.0.51 209.xxx.xxx.253

Oh, that’s on a FreeBSD machine too, Redrat might be a bit different with the route add syntax.

That would force all traffic from that IP out that gateway.

Do a netstat -rn and see what the tables show. I have not done NAT on a *nix box for years now. I’ve not used IPtables, sorry.

Red Hat would be something like route add -host 192.168.0.51 gw 209.xxx.xxx.253

Sorry about my nonsensical post above :wink:

If I netstat -rn it lists all the ethX with a gateway of 0.0.0.0, then 0.0.0.0 gets the default gateway 207.xxx.xxx.254. So I’d want to change eth2’s gw to 204.xxx.xxx.193

(I’m sharing a class C. GW =193 MASK=192)

goddam. there’s no /etc/sysconfig/static-routes. Just a default gateway in /etc/sysconfig/network
If I went to /etc/rc.d/rc.local added:
route add -net 204.xxx.xxx.253 netmask 255.255.255.192 gw 204.244.94.193 dev eth3
think it would work? Or preferable to write a static-routes (assuming it’s read by default)?

Well, I would just add a static route out eth2 for the IPs/networks you want to go out that interface. Changing eth2’s gateway to 204.xxx.xxx.193 should work, but I had issues with gateways on 2 NICs.

There should be a /etc/sysconfig/network-scripts/ifup.d; you can just add a script in there to add the route, and it will bring it up when your interfaces come up.

Not sure exactly what you’re asking but I think that answers it.

Didn’t get to the router today to try this. Busy with a big install at a motel and testing our new VoIP equipment. Will be busy calling everyone I know in Vanc. with the freebie they sent trying to court us as a dealer.
Tomorrow I shall attack the router until I make it work.

Feel free to PM me if you need help. I can give you my IM address or whatever; I will be working on a similar project tomorrow :wink:

It’s been a bloody month before I can get back to this!

Trying to add an eth3 with IP of 204.244.94.254 netmask 255.255.255.192 gw 204.244.94.193 to the machine. I have the 1/4 class C 194-255

route add 204.244.94.192/26 gw 204.244.94.193 dev eth3
yields
netmask 0000003f doesn’t make sense with host route
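
What the thread is after is routing by source address, which the main routing table (and `route add`) cannot express because it matches on destination only, while the SNAT rule's `-o` test is evaluated after that routing decision. The script below is an added example, not code from any poster: it uses iproute2 policy routing with the addresses from the last post, and the table number 100 and the dry-run `APPLY` switch are assumptions.

```sh
#!/bin/sh
# Added example: per-source policy routing plus SNAT with iproute2.
# From the thread: 192.168.0.51, eth3, gw 204.244.94.193, eth3 address 204.244.94.254.
# Assumptions: routing table id 100; APPLY is a hypothetical dry-run switch.

APPLY="${APPLY:-0}"   # 0 = print the commands, 1 = execute them (needs root)

run() {
    if [ "$APPLY" = "1" ]; then "$@"; else echo "$*"; fi
}

# policy_route add|del SRC DEV GATEWAY SNAT_ADDR TABLE
policy_route() {
    if [ "$#" -ne 6 ]; then
        echo "usage: policy_route add|del SRC DEV GATEWAY SNAT_ADDR TABLE" >&2
        return 2
    fi
    action=$1 src=$2 dev=$3 gw=$4 snat=$5 table=$6
    case "$action" in
        add) chain_op=-A ;;
        del) chain_op=-D ;;
        *)   echo "policy_route: unknown action '$action'" >&2; return 2 ;;
    esac
    # 1. Private table whose only entry is a default route via the second uplink.
    run ip route "$action" default via "$gw" dev "$dev" table "$table"
    # 2. Select that table by source address; the main table is left alone.
    run ip rule "$action" from "$src" lookup "$table"
    # 3. POSTROUTING runs after the routing decision, so -o "$dev" now matches.
    run iptables -t nat "$chain_op" POSTROUTING -o "$dev" -s "$src" \
        -j SNAT --to-source "$snat"
}

# Dry run with the thread's values: prints the three commands.
policy_route add 192.168.0.51 eth3 204.244.94.193 204.244.94.254 100
```

The `netmask 0000003f doesn’t make sense with host route` message comes from net-tools `route` treating the target as a host unless `-net` is given. The connected /26 route itself appears as soon as eth3 is assigned its address and netmask, so it needs no `gw`.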