server with 2 ethernet cards

Hello,
I 've a problem with my net.
I've xubuntu 7.10, on a pc with 2 ethernet cards.
I want create a server with firewall

ip eth0=n,m,0,254
ip eth1=n,m,1,2
gateway(n,m,0,254) _____ server
my net--->(layer n,m,0,x)-->|eth0 |
| | gateway eth1
|_eth1|--->layer n,m,1,x----------->(modem adsl)--->INTERNET
ip n.m.1.1
I can configure both eth0 e eth1 but i cannot configure the route between the two cards (I need to see internet in my net..) I can see from the server internet...
How can i create the route between eth0 and eth1? I've tried with: route add -net n,m,0,254 netmask 255.255.255.0 gw n,m,1,1 but it says that the netmask is unuseful and when i don't give the netmask this become automatically 255.255.255.255 ....
Please help me..

this image is not what i mean

mpc26's picture

The original structure was
mynet (level0)-->server eth0(level0)-->sever eth1(level1)-->modem adsl(level1)(internet)
mynet has the gateway that is the the eth0's ip and the eth1's gateway is the modem adsl ip
thanks..

What you're looking for is

FredR's picture

What you're looking for is probably not a route.

I read your post a few times and I believe I understand it. You can post the real ips here I don't think it will hurt.

I think what you're saying is, say for example, eth0 = 192.168.0.7. And eth1 = 192.168.1.1.

You want to route the 192.168.0.x "stuff" (or packets) to 192.168.1.1 so that it may traverse out the modem to the public internet.

But the problem is, the modem is set for Nat mode, and probably will only nat addresses it knows about - 192.168.1.x!

You could tell your modem to be a bridge and setup IPtables and forwarding on your Linux machine, but you may also have to delve into pppoe as well. (Most ADSL providers use pppoe).

A simpler solution may be that, the routing is working and the natting isn't, reconfigure the modem to broaden it's network!

In other words if the network on the modem accomodates 192.168.1.X, change the subnet mask from 255.255.255.0 to 255.255.0.0 ... then it will handle 192.168.x.x!

Chances are though, the dsl modem is better at being a modem than it is being a router. I would recommend you get a dedicated piece of equipment like a Linksys WRT router (they run Linux too!), put the modem in "bridge" mode (your provider can tell you how) and have the WRT do pppoe and Nat.

You'll benefit from the power of Linux, it's a more powerful device than the puny modem your provider provides, but without the electricity usage of a dedicated PC.

As for the extra ethX nic? Use it for a test lab! Hook another linux machine on the other side and play around on the inside of your network.

-- FLR or flrichar is a superfan of Linux Journal, and goofs around in the LJ IRC Channel

Webinar
One Click, Universal Protection: Implementing Centralized Security Policies on Linux Systems

As Linux continues to play an ever increasing role in corporate data centers and institutions, ensuring the integrity and protection of these systems must be a priority. With 60% of the world's websites and an increasing share of organization's mission-critical workloads running on Linux, failing to stop malware and other advanced threats on Linux can increasingly impact an organization's reputation and bottom line.

Learn More

Sponsored by Bit9

Webinar
Linux Backup and Recovery Webinar

Most companies incorporate backup procedures for critical data, which can be restored quickly if a loss occurs. However, fewer companies are prepared for catastrophic system failures, in which they lose all data, the entire operating system, applications, settings, patches and more, reducing their system(s) to “bare metal.” After all, before data can be restored to a system, there must be a system to restore it to.

In this one hour webinar, learn how to enhance your existing backup strategies for better disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible bare-metal recovery solution for UNIX and Linux systems.

Learn More

Sponsored by Storix