[CentOS] OT: Setting a CentOS to gateway a private IP address

Tue Oct 21 19:20:38 UTC 2008
Ross Walker <rswwalker at gmail.com>

On Tue, Oct 21, 2008 at 3:02 PM, James B. Byrne <byrnejb at harte-lyne.ca> wrote:
> This is mildly off topic since it has more to do with TCP/IP networking
> than with CentOS per se.  However, at the risk of ruffling a few feathers
> I would like some advice on how to resolve the following routing problem:
>
> Given:
> dual homed host running CentOS-5.2 with
> eth0 = 2xx.yyy.zzz.23
> eth1 = 192.168.219.1
>
> and a Cisco gateway at 2xx.1xx.y7y.1 with the following networks:
>
> interface FastEthernet0/1
>  description connected to EthernetLAN
>  ip address 10.0.0.1 255.0.0.0 secondary
>  ip address 172.16.0.1 255.240.0.0 secondary
>  ip address 192.168.71.1 255.255.255.0 secondary
>  ip address 192.168.0.1 255.255.0.0 secondary
>  ip address 2xx.yyy.zzz.1 255.255.255.0
>  ip access-group 101 in
>  ip inspect FastEthernet_0_1 in
>  speed 100
>  full-duplex
> !
> router rip
>  version 2
>  passive-interface FastEthernet0/0
>  network 10.0.0.0
>  network 172.16.0.0
>  network 192.168.0.0
>  network 2xx.yyy.zzz.0
>  no auto-summary

Assuming that this Cisco box is for routing your Internet
traffic, I would NOT put any private network routing, or
any dynamic routing at all on it and use NAT on the
CentOS box.

> !
> ip classless
> ip route 0.0.0.0 0.0.0.0 FastEthernet0/0
>
> and with the following routes on the CentOS host:
>
> # route
> Kernel IP routing table
> Destination     Gateway       Genmask         Flags Metric Ref    Use Iface
> 192.168.219.0   *             255.255.255.0   U     0      0        0 eth1
> 2xx.yyy.zzz.0   *             255.255.255.0   U     0      0        0 eth0
> 169.254.0.0     *             255.255.0.0     U     0      0        0 eth1
> default         gw-fibrewire  0.0.0.0         UG    0      0        0 eth0
> # ip route
> 192.168.219.0/24 dev eth1  proto kernel  scope link  src 192.168.219.1
> 2xx.yyy.zzz.0/24 dev eth0  proto kernel  scope link  src 2xx.yyy.zzz.23
> 169.254.0.0/16 dev eth1  scope link
> default via 2xx.yyy.zzz.1 dev eth0
>
>
> The situation is this.
>
> >From the host itself I can ping 192.168.218.102 on 192.168.219.0/24

Was that a typo 192.168.218.102?

> >From any other host on 2xx.1xx.y7y.0/24 I can ping 192.168.219.1

Yes, cause it a local interface on router 2xx.yyy.zzz.23, discoverable
by ICMP.

> >From any other host on 2xx.1xx.y7y.0/24 I cannot ping 192.168.219.102

You need to have a route in the Cisco's table for 192.168.219.0/24 or you
need to get RIP working between 2xx.yyy.zzz.23 and 2xx.yyy.zzz.1

> What setup steps on the CentOS host have I overlooked or what
> configuration errors have I committed?

Probably getting routed/gated running, setting active/passive interfaces,
broadcast or multicast RIP, host routes/default routes, etc.

> As I am a digest subscriber please use "reply all" so that I get an
> immediate copy of any replies.

List always strips off the members email :-(

-Ross