linux:servers:dvorak
Differences
This shows you the differences between two versions of the page.
|
linux:servers:dvorak [2015/01/16 22:19] walter [Details and Roles] |
linux:servers:dvorak [2021/05/02 21:36] |
||
|---|---|---|---|
| Line 1: | Line 1: | ||
| - | ====== Details and Roles ====== | ||
| - | * In the rack, number 2 on the kvm. | ||
| - | * Local IP: 172.29.0.1 | ||
| - | * dvorak.cs.uic.edu | ||
| - | * Router | ||
| - | * DHCP Serve | ||
| - | * DNAT for cuda, brink, and hans IPs | ||
| - | |||
| - | ====== Route to Wireless Subnet ====== | ||
| - | |||
| - | Since the servers need to provide services to the wireless, 10.0.0.0/24, subnet and since they have static networking a a default route out their external IPs, a new routing table, route, and rules need to be added in order to let them talk to the wireless subnet. **This only applies to machines that do not have the same default route as the one handed out by DHCP** | ||
| - | |||
| - | Create a new routing table | ||
| - | <code> | ||
| - | echo 1 wireless >> /etc/iproute2/rt_tables | ||
| - | </code> | ||
| - | |||
| - | Add the routing rule to the new table | ||
| - | <code> | ||
| - | ip route add default via 172.29.0.1 dev <lan dev> table wireless | ||
| - | </code> | ||
| - | |||
| - | Add routing rules | ||
| - | <code> | ||
| - | ip rule add to 10.0.0.0/24 dev <lan dev> table wireless | ||
| - | ip rule add from 10.0.0.0/24 dev <lan dev> table wireless | ||
| - | </code> | ||
| - | |||
| - | Add these to the POST_UP command in the netcfg profile or equivalent system so that the rules are set a boot time. | ||
| - | |||
| - | ====== Router Configuration ====== | ||
| - | |||
| - | iptables config script for basic sharing setup | ||
| - | <file> | ||
| - | #!/bin/bash | ||
| - | |||
| - | ipt="/usr/sbin/iptables" | ||
| - | #Vars | ||
| - | $WAN_IFACE="wan0" | ||
| - | $WAN_IFACE_BAK="wan1" | ||
| - | $SOURCE_IP="131.193.17.26"" | ||
| - | $SOURCE_IP_BAK="131.193.35.164" | ||
| - | #Flush active rules and delete custom chains | ||
| - | $ipt -F | ||
| - | $ipt -t nat -F | ||
| - | $ipt -t mangle -F | ||
| - | $ipt -X | ||
| - | $ipt -t nat -X | ||
| - | $ipt -t mangle -X | ||
| - | |||
| - | #Set default policies | ||
| - | $ipt -P INPUT ACCEPT | ||
| - | $ipt -P FORWARD ACCEPT | ||
| - | $ipt -P OUTPUT ACCEPT | ||
| - | $ipt -t nat -P OUTPUT ACCEPT | ||
| - | $ipt -t nat -P PREROUTING ACCEPT | ||
| - | $ipt -t nat -P POSTROUTING ACCEPT | ||
| - | $ipt -t mangle -P PREROUTING ACCEPT | ||
| - | $ipt -t mangle -P POSTROUTING ACCEPT | ||
| - | |||
| - | #loopback sanitity check | ||
| - | $ipt -A INPUT -i lo -j ACCEPT | ||
| - | $ipt -A OUTPUT -o lo -j ACCEPT | ||
| - | |||
| - | #rewrite rule | ||
| - | $ipt -t nat -A POSTROUTING -o $WAN_IFACE -j SNAT --to-source $SOURCE_IP | ||
| - | $ipt -t nat -A POSTROUTING -o $WAN_IFACE_BAK -j SNAT --to-source $SOURCE_IP_BAK | ||
| - | </file> | ||
| - | |||
| - | ====== Links ====== | ||
| - | [[http://kindlund.wordpress.com/2007/11/19/configuring-multiple-default-routes-in-linux/]] | ||
linux/servers/dvorak.txt ยท Last modified: 2021/05/02 21:36 (external edit)
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Noncommercial-Share Alike 4.0 International
