Help needed for a box with 4 Ethernet Interfaces

Dave Johnson davejohnson_hifi at yahoo.com
Thu Aug 4 19:25:29 CEST 2005


Sorry again, Box A and C have 2 interfaces.


--- Dave Johnson <davejohnson_hifi at yahoo.com> wrote:

> 
> Sorry for the confusion. Box A and B have 2 interfaces. 
> Here is updated diagram.
>                                                                          ------------
>                                             -----------------------------|  Box D   |
>                               172.16.6.10   |                            |          |
>          Mgmt Port<---------------------|   |                            ------------
>                                         |   | 192.168.0.1                 192.168.0.2
>                                    Eth0 |   | Eth1 (for internal network)
>  ------------                        ------------                        ------------
>  |  Box A   |10.1.1.1 _______________|  Box B   |_____________21.21.21.1_|  Box C   |
>  |          |                    Eth2|          | Eth3                   |          |
>  ------------     10.1.1.0/24        ------------       21.21.21.9/24    ------------         
>  
>   192.168.0.1                         192.168.0.3                         192.168.0.2
> 
> 
> 
> --- Eduardo Spremolla <edspremolla at antel.com.uy> wrote:
> 
> > You can't have Box A with ip 192.168.0.1 on a 10.1.1.0/24 subnet, the
> > same goes for Box C. They need ip in the subnet range.
> > After that we may start to talk about routing.
> > 
> > 
> > LALO
> > 
> > On Thu, 2005-08-04 at 09:11 -0700, Dave Johnson wrote:
> > > Hi All:
> > > I need help to setup my box with some complicated configuration.
> > > 
> > > I have a box with 4 Ethernet Interfaces:
> > > 
> > > Eth0: 172.16.6.10
> > > Eth1: 192.168.0.1/24
> > > Eth2: 10.1.1.0/24      ------> Connected to a box A with an IP address of 192.168.0.2
> > > Eth2: 21.21.21.9/24    ------> Connected to a box C with an IP address of 192.168.0.1 (which is
> > > same as IP address of Eth1)
> > > 
> > > Loopback Interface: 192.168.0.3
> > >                                                                          ------------
> > >                                             -----------------------------|  Box D   |
> > >                               172.16.6.10   |                            |          |
> > >          Mgmt Port<---------------------|   |                            ------------
> > >                                         |   | 192.168.0.1                 192.168.0.2
> > >                                    Eth0 |   | Eth1 (for internal network)
> > >  ------------                        ------------                        ------------
> > >  |  Box A   |________________________|  Box B   |________________________|  Box C   |
> > >  |          |                    Eth2|          | Eth3                   |          |
> > >  ------------     10.1.1.0/24        ------------       21.21.21.9/24    ------------
> > >   192.168.0.1                         192.168.0.3                         192.168.0.2
> > > 
> > > Here is what I want to do:
> > > Packets from Eth2 should only go to Eth3 except the ones destined to Eth0's IP.
> > > Packets from Eth3 should only go to Eth2 except the ones destined to Eth0's IP.
> > > Local packets destined for Eth1's ip and its subnet should be forwarded via Eth1 only.
> > > Packets from Eth1 can only be directed to Eth0. 
> > > 
> > > This will allow me to ping Box A (192.168.0.1) from Box C (192.168.0.2) without getting a response
> > > from Box B who has local interface with address 192.168.0.1.
> > > 
> > > Basically I want to isolate interfaces in 2 groups:
> > > One with Eth0, Eth2 and Eth3
> > > Second with Eth0 and Eth1.
> > > 
> > > I tried IPtables and multiple routing tables but it did not work. I think I need some directions
> > > as to how would this even be possible.
> > > 
> > > Thanks
> > > 
> > > Dave.