Creating a Gateway
Aaron Gray
aaronngray.lists at gmail.com
Wed May 11 17:36:20 UTC 2011
On 11 May 2011 18:01, Tim <ignored_mailbox at yahoo.com.au> wrote:
> On Wed, 2011-05-11 at 17:13 +0100, Aaron Gray wrote:
>> I now have DHCP working fine and a client attached, but am having
>> problems adding a gateway.
>>
>> I have used WebMin to attempt to do it, adding a Static route and
>> setting the "config as Router" option.
>>
>> This has added a file :-
>>
>> $ cat route-eth1
>> ADDRESS0=192.168.1.0
>> GATEWAY0=192.168.0.1
>> NETMASK0=255.255.255.0
>
> You've got two different sub-nets there, and the netmask says they're to
> be considered differently. Is that what you're intending?
>
> Theoretically, there has to be a gateway bridging between 192.168.0 and
> 192.168.1 (it could be a router, it could be a computer). *It* has to
> be able to talk to either side, and each side needs to be told that it's
> the gateway.
>
> e.g.
> +------------------+
> | gateway with |
> | two interfaces |
> | that communicate |
> | with each other |
> 192.168.0 network --> | 192.168.0.254 |
> | & |
> | 192.168.1.254 | <-- 192.168.1 network
> +------------------+
>
> The 192.168.0 network has 192.168.0.254 as its gateway.
> The 192.168.1 network has 192.168.1.254 as its gateway.
>
> Any time a computer on the 192.168.0 network tries to talk to something
> on the 192.168.1 network, the netmask identifies that address is outside
> of its own network, so it must go through the gateway. And vice versa.
>
> They are isolated from each other, with only the gateway between them,
> in theory... In practicality, if you put all the computers with
> different addresses on a common switch, it's possible for them to
> chatter directly between themselves when you didn't want them to. As
> people will break rules, and there are some basic low-level networking
> traffic below IP. And this can make things difficult for debugging with
> the newcomer who can see network lights blinking but gets networking
> errors.
>
> If you look at a netmask like 255.255.255.0, it's showing you that the
> first three quads of the address (192 and 168 and 0) must be the same to
> be considered as being on the same network, and therefore directly
> communicable between each other. If those parts of the address are
> different, then they're not on the same network, and communication has
> to be routed through the gateway.
>
> As far as configuring the gateway, it's a very long time since I've done
> this, and I can't remember much beyond having to enable IP forwarding on
> it.
>
> For the sake of network simplicity, it's easiest if your gateway is also
> the DHCP server, and all of its LAN interfaces have fixed IP addresses.
> It gets messy trying to boot up a computer that's waiting for networks
> to be up before the DHCP server will start, and for network interfaces
> to come up without a DHCP server to give them an address.
>
> That's *almost* how my LAN currently works. My DHCP and DNS server is a
> computer with fixed IP addresses. NetworkManager is not used on it.
> All my computers are on the same subnet. The only gateway I have is the
> modem/router to the internet, it's a standalone device, and it's DCHP
> server is switched off. My DHCP server doles out IP addresses, puts the
> info in the DNS server, tells the clients its own address for the local
> DNS server, and gives out the modem/router IP as the gateway.
>
> P.S. If this is part of some prior thread, I can't tell, as you've
> started a new one. So I have no idea about any previous information you
> might have supplied.
>
> --
> [tim at localhost ~]$ uname -r
> 2.6.27.25-78.2.56.fc9.i686
>
> Don't send private replies to my address, the mailbox is ignored. I
> read messages from the public lists.
Yes Network Forwarding is enabled.
I have an existing network on 192.168.0.1 served by a Netgear Router,
then a Linux box with two ethernet cards. I am trying to get the
gateway working for the 192.168.1 subnet to be able to see the
internet.
I tried the gateway address as 192.168.0.254 but that did not work either.
Many thanks for the reply,
Aaron
More information about the users
mailing list