Help needed for a box with 4 Ethernet Interfaces

Eduardo Spremolla edspremolla at
Thu Aug 4 18:46:21 CEST 2005

You can't have Box A with ip on a subnet, the
same goes for Box C. They need ip in the subnet range.
After that we may start to talk about roouting.


On Thu, 2005-08-04 at 09:11 -0700, Dave Johnson wrote:
> Hi All:
> I need help to setup my box with some complicated configuration.
> I have a box with 4 Ethernet Interfaces:
> Eth0:
> Eth1:
> Eth2:      ------> Connected to a box A with an IP address of
> Eth2:    ------> Connected to a box C with an IP address of (which is
> same as IP address of Eth1)
> Loopback Interface:
>                                                                          ------------
>                                             -----------------------------|  Box D   |
>                        |                            |          |
>          Mgmt Port<---------------------|   |                            ------------
>                                         |   |       
>                                    Eth0 |   | Eth1 (for internal network)
>  ------------                        ------------                        ------------
>  |  Box A   |________________________|  Box B   |________________________|  Box C   |
>  |          |                    Eth2|          | Eth3                   |          |
>  ------------        ------------    ------------             
> Here is what I want to do:
> Packets from Eth2 should only go to Eth3 except the ones detined to Eth0's IP.
> Packets from Eth3 should only go to Eth2 except the ones detined to Eth0's IP.
> Local packets destined for Eth1's ip and its subnet should be forwarded via Eth1 only.
> Packets from Eth1 can only be directed to Eth0. 
> This will allow me to ping Box A ( from Box C ( without getting a response
> from Box B who has local interface with address
> Basically I want to isolate interfaces in 2 groups:
> One with Eth0, Eth2 and Eth3
> Second with Eth0 and Eth1.
> I tried IPtables and multiple routing tables but it did not work. I think I need some directions
> as to how would this even be possible.
> Thanks
> Dave.
> __________________________________________________
> Do You Yahoo!?
> Tired of spam?  Yahoo! Mail has the best spam protection around 

Este e-mail y cualquier posible archivo adjunto está dirigido únicamente al destinatario del mensaje y contiene información que puede ser confidencial. Si Ud. no es el destinatario correcto por favor notifique al remitente respondiendo este mensaje y elimine inmediatamente el e-mail y los posibles archivos adjuntos al mismo de su sistema. Está prohibida cualquier utilización, difusión o copia de este e-mail por cualquier persona o entidad que no sean las específicas destinatarias del mensaje. ANTEL no acepta ninguna responsabilidad con respecto a cualquier comunicación que haya sido emitida incumpliendo nuestra Política de Seguridad de la Información.
. . . . . . . . .
This e-mail and any attachment is confidential and is intended solely for the addressee(s). If you are not intended recipient please inform the sender immediately, answering this e-mail and delete it as well as the attached files. Any use, circulation or copy of this e-mail by any person or entity that is not the specific addressee(s) is prohibited. ANTEL is not responsible for any communication emitted without respecting our Information Security Policy.

More information about the netfilter mailing list