On Sat, 2005-09-10 at 09:47 -0500, Brent wrote: > I have a Fedora Core 4 box that sits on two networks and I need it to > access both networks at the same time. > > One interface (ext_cm, eth1) connects to a cable modem and out to the > internet. I need this to be the default gateway for the machine, meaning > any traffic originating from the machine goes out this connection. > > The other interface (ext_sh, eth0) sits inside a private network on one > subnet connected to several other subnets. Also this whole network is > able to get to the internet through a state wide firewall/NAT. The > machine has a DNS entry on this firewall so when traffic comes in > through the firewall it gets routed to this machine. > > The problem is that when the machine goes to reply to HTTP requests > coming in on ext_sh it sends the replies out ext_cm and thus when the > packets get to the clients they reject them as coming from the wrong host. > > I need to know how to get the machine to send replies out the interface > that the requests come in so that they machine is available via its DNS > address through the ext_sh network. > > It looks something like this: > > Net <->cable modem<->FC4 Box<->ext_sh network<->router<->firewall<->net > > and I need packets that come in from one side to go back out the same > side, but instead they are all getting sent out the default gateway > cable modem. > > Anyone have any bright ideas? ---- most of my bright ideas don't seem to have anything to do with Linux as there are too many people way ahead of me. In your case, you need some static routes to tell your system how to get there. As you have surmised, all attempts to communicate to systems other than the subnet on eth0 will go through your default gateway. man route would be helpful here... let's say eth0 is 192.168.1.1 subnet mask 255.255.255.0 and you have a network 192.168.2.0 subnet mask 255.255.255.0 which is accessible via a router machine at 192.168.1.254, then you would want to... route add -net 192.168.2.0 netmask 255.255.255.0 gateway 192.168.1.254 I think - this of course is untested but I think you should be able to glean what you need. Craig
