This shows you the differences between two versions of the page.
linux:servers:dvorak [2012/03/20 18:36] walter |
linux:servers:dvorak [2021/05/02 21:36] |
||
---|---|---|---|
Line 1: | Line 1: | ||
- | * In the rack, number 2 on the kvm. | ||
- | * Local IP: 172.29.0.1 | ||
- | * dvorak.cs.uic.edu | ||
- | * acm-linux.cs-icl.uic.edu | ||
- | * is currently doing package routing for the LAN. | ||
- | * Network DHCP Server | ||
- | ====== Route to Wireless Subnet ====== | ||
- | |||
- | Since the servers need to provide services to the wireless, 10.0.0.0/24, subnet and since they have static networking a a default route out their external IPs, a new routing table, route, and rules need to be added in order to let them talk to the wireless subnet. **This only applies to machines that do not have the same default route as the one handed out by DHCP** | ||
- | |||
- | Create a new routing table | ||
- | <code> | ||
- | echo 1 wireless >> /etc/iproute2/rt_tables | ||
- | </code> | ||
- | |||
- | Add the routing rule to the new table | ||
- | <code> | ||
- | ip route add default via 172.29.0.1 dev <lan dev> table wireless | ||
- | </code> | ||
- | |||
- | Add routing rules | ||
- | <code> | ||
- | ip rule add to 10.0.0.0/24 dev <lan dev> table wireless | ||
- | ip rule add from 10.0.0.0/24 dev <lan dev> table wireless | ||
- | </code> | ||
- | |||
- | Add these to the POST_UP command in the netcfg profile or equivalent system so that the rules are set a boot time. | ||
- | |||
- | ====== Router Configuration ====== | ||
- | |||
- | iptables config script for basic sharing setup | ||
- | <file> | ||
- | #!/bin/bash | ||
- | |||
- | ipt="/usr/sbin/iptables" | ||
- | #Vars | ||
- | $WAN_IFACE="wan0" | ||
- | $WAN_IFACE_BAK="wan1" | ||
- | $SOURCE_IP="131.193.17.26"" | ||
- | $SOURCE_IP_BAK="131.193.35.164" | ||
- | #Flush active rules and delete custom chains | ||
- | $ipt -F | ||
- | $ipt -t nat -F | ||
- | $ipt -t mangle -F | ||
- | $ipt -X | ||
- | $ipt -t nat -X | ||
- | $ipt -t mangle -X | ||
- | |||
- | #Set default policies | ||
- | $ipt -P INPUT ACCEPT | ||
- | $ipt -P FORWARD ACCEPT | ||
- | $ipt -P OUTPUT ACCEPT | ||
- | $ipt -t nat -P OUTPUT ACCEPT | ||
- | $ipt -t nat -P PREROUTING ACCEPT | ||
- | $ipt -t nat -P POSTROUTING ACCEPT | ||
- | $ipt -t mangle -P PREROUTING ACCEPT | ||
- | $ipt -t mangle -P POSTROUTING ACCEPT | ||
- | |||
- | #loopback sanitity check | ||
- | $ipt -A INPUT -i lo -j ACCEPT | ||
- | $ipt -A OUTPUT -o lo -j ACCEPT | ||
- | |||
- | #rewrite rule | ||
- | $ipt -t nat -A POSTROUTING -o $WAN_IFACE -j SNAT --to-source $SOURCE_IP | ||
- | $ipt -t nat -A POSTROUTING -o $WAN_IFACE_BAK -j SNAT --to-source $SOURCE_IP_BAK | ||
- | </file> | ||
- | |||
- | ====== Links ====== | ||
- | [[http://kindlund.wordpress.com/2007/11/19/configuring-multiple-default-routes-in-linux/]] |
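Review bot: The variable block in the removed iptables script is not valid bash, so if this page is being moved or archived rather than dropped, it should be fixed before anyone copies it. Assignments must not start with `$`: `$WAN_IFACE="wan0"` expands to `="wan0"` and is run as a command, leaving the variable unset. `$SOURCE_IP="131.193.17.26""` also has a stray trailing quote that unbalances the quoting for the rest of the file. The corrected forms are `WAN_IFACE="wan0"` and `SOURCE_IP="131.193.17.26"`, and likewise for the two `_BAK` variables. Separately, the script sets `-P FORWARD ACCEPT` and `-P INPUT ACCEPT` and adds no filtering rules, so the router forwards and accepts everything; a default DROP on FORWARD with explicit rules for LAN-to-WAN and established traffic would be the safer baseline for a box doing SNAT for the LAN. In the routing section, `echo 1 wireless >> /etc/iproute2/rt_tables` appends a duplicate entry each time it is run, so it should be a one-time step rather than part of the POST_UP commands.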