[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] Martian source... Need to have route to other networks via internal interface. What to do?



Yes. Thats right.

But..
                          217.x.x.y
Internet --- [ cisco router ] -----------------+ eth0 217.x.x.x
                    |192.168.0.254           [linux box]
                  [switch] --------------------+ eth1 192.168.0.1/24
                    |
                  Several LANs including 192.168.1.0/24 for example...

Linux box dont need to route outside LAN. It must use specified GW for route other LAN networks.
If I use YAST to add rotes it works strange.
Manual adding route like:
route add -net 192.168.1.0/24 gw 192.168.0.254
works! [censored]! Still [censored] with yast and its environment to keep reached configuration :-)

Next step will be adding dynamic routing driven by cisco :-(


Sergei Keler
General DataComm
IT-manager
tel.:     +7(812)325-1085
fax:     +7(812)325-1086


On 22.11.2005, at 17:38, Dana Hudes wrote:

192.168.0.254 is a legitimate RFC1918 address.
Its not publicly routable but its fine to use behind a proxy or NAT
gateway in a private network.

On Tue, 22 Nov 2005, Dirk Schreiner wrote:

Hi*,

anyway there will never be a net 192.168.0.254/24.

Syv Ritch wrote:
Sergei Keler wrote:

Next, what you recommend as linux implementation of Cosco's EIGRP?
Ciscos use EiGRP to keep routes between them using 192.168.0.254/24 net.

1. EIGRP is proprietary to Cisco, and only runs on Cisco gear.
2. There is nothing in EIGRP that "keep routes between them using
192.168.0.254/24 net".
For a simplified explanation of EIGRP:
[...]

Dirk






















TRIA IT-consulting GmbH
Joseph-Wild-Straße 20
81829 München
Germany
Tel: +49 (89) 92907-0
Fax: +49 (89) 92907-100
http://www.tria.de


Registergericht München HRB 113466
USt.-IdNr. DE 180017238 Steuer-Nr. 802/40600
Geschäftsführer: Richard Hofbauer
kaufm. Geschäftsleitung: Rosa Igl--------------------------------------------------------
Nachricht von: Dirk.Schreiner@xxxxxxx
Nachricht an: suse@xxxxxxxxxxxxxxx, skiller@xxxxxx, suse- security@xxxxxxxx
# Dateianhänge: 0























--
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here