Daniel Hokka Zakrisson wrote:
> Roderick A. Anderson wrote:
>> Oliver Welter wrote:
>>> -----BEGIN PGP SIGNED MESSAGE-----
>>> Hash: SHA1
>>>
>>> Hi Rod,
>>>
>>>> Has anyone configured a Linux-Vserver with three NICs to three
>>>> different
>>>> networks?
>>>>
>>>> Two WANs and one LAN. The guests will need to access at least one and
>>>> possibly two or three of the networks. All traffic needs to go back
>>>> out
>>>> the same interface it came in on.
>>>>
>>> I am successfully running such a setup. The only issue you have to care
>>> about is routing of outgoing connections if your default gateway of the
>>> host is not reachable from inside the guest.
>>> You can use "ip" tools to set source based routing rules, here is an
>>> excerpt of mine:
>>>
>>> $IP route add 82.x.x.0/25 dev vlan3 table 103
>>> $IP route add default via 82.x.x.1 dev vlan3 table 103
>>> $IP rule add from 82.x.x.0/25 table 103
>>>
>>> I put this into an init script.
>> Thanks. I _have_ been down this path but never with a good map or
>> directions. :-)
>>
>> Redhat/Fedora/CentOS all have a ifup-/ifdown-routes scripts. Problem is
>> they are poorly documented. Looking at the one on my CentOS 5 system
>> there are labels; ADDRESS, GATEWAY, NETMASK; and code blocks for route,
>> rule, etc. but no documentation.
>
I was starting to see this but I'm not that great with (bash) shell
scripting and the various 'Event Designators' (Well that's what the man
page calls them.)
> It's really very simple, you just create a
> /etc/sysconfig/network-scripts/rule-ethX file containing your rules, e.g.
> from 1.2.3.4 lookup 4
> and then /etc/sysconfig/network-scripts/route-ethX containing something like
> 1.2.3.4/24 dev ethX table 4
> default via 1.2.3.1 dev ethX table 4
So basically each _kind_ of file contains what would go after the
"OBJECT" of the "ip" command and they are all _add_s.
Thanks,
Rod
-- > >> This all looks familiar (he types with eyes downcast) from a list thread >> in September 2006. >> >> I'm going hunting for the Redhat (CentOS) pages on this and try again. >> >> Thanks for the hint. >> >> >> Rod >> -- >>> Oliver >>> >>> - -- >>> Protect your environment - close windows and adopt a penguin! >>> PGP-Key: 3B2C 8095 A7DF 8BB5 2CFF 8168 CAB7 B0DD 3985 1721 >>> -----BEGIN PGP SIGNATURE----- >>> Version: GnuPG v2.0.7 (GNU/Linux) >>> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org >>> >>> iD8DBQFHe7y4yrew3TmFFyERAmFpAJ4mKxf69copX417CQoSw29s3chaMACffHzV >>> Z7YZ8j/uX5Z6DbFloWgnvc0= >>> =WgyN >>> -----END PGP SIGNATURE----- >Received on Fri Jan 4 01:20:34 2008