Re: Routing with 2 ISP

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hello Bill,
>>
> The easiest way to do this is to put all the commands in a shell script you
> run out of the run levels you want. Not that you can't hack scripts and save
> iptables, and do wonderful stuff, but a shell script has a nice provision
> for comments so you can see what you are doing, it does one thing at a time
> so it's easier to figure out what didn't work, and you can use your favorite
> version control system to track what you do.

Thank you, I have done little research and I have noticed :
/etc/sysconfig/network-scripts/ifup-routes which seems to use
route-$IFNAME and rule-$IFNAME file, passing lines to ip command.
Maybe I can try a little game in this area.
>
> Also, unless you have nothing but machines and people you trust on all these
> little subnets, have the external ISP connections on NICs not reachable from
> the  private machines without going through your firewall. Having had a 12
> years old tell me "Oh I read the man page and changed the netmask" was a
> revelation. Unless people are totally trusted and really competent, assume
> they will (maybe by accident) do something you don't want. Also, packets
> from the ISP in eth0.8 can physically reach the subnets (unless you have
> VLAN switches or similar).

Yes, I am using VLAN switches, so subnets can not be physically
reached when used 255.255.0.0 netmask.

Thank you and Best Regards,
David Hlacik

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux