[CentOS] network question
John R Pierce
pierce at hogranch.com
Tue Jan 27 19:58:57 UTC 2009
ann kok wrote:
> How can I clear the arp cache?
man arp shows the options. arp caches expire fairly quickly
though, I don't think I've ever needed to manually expire one.
> ls it possible to setup 2 gateways in centos
you can have various static routes to different gateways for specific
subnets. only one 'default' gateway will effectively work, if more
than one is defined, its somewhat indeterminate as to what happens.
now, you -can- play games with 'ip route' and 'ip table' and have
alternate route tables, and use tagging to identify packets you want to
route through an alternate gateway, this gets kinda messy.
example... 3 interfaces, eth0 -> one internet connection with a
static subnet, eth1 -> another internet connection with a static subnet,
and eth2 -> LAN as 10.0.0.0/16
The regular CentOS networknig is setup to use eth0's default gateway,
and have all 3 subnets properly configured. NAT rules are setup so
any host on the LAN on 10.0.0.* is to be routed to eth0, and any host on
10.0.1.* is to be routed to eth1. futher, a bunch of IPs on eth1 are
mapped to specific server hosts on 10.0.1.* ... that part is fairly
straight forward. the actually tricky part is to ensure that packets
to/from these eth1 mapped hosts only exit via eth1... thats done as
# network of eth1 interface
# internet gateway of eth1 interface
ip rule add from 10.0.1.0/24 table 200
ip route add default via $eth1gate dev eth1 table 200
ip route flush cache
(where 100.100.100.* is the internet address of this eth1 subnet)
the ip rule command 'tags' any packets from 10.0.1.0/24 to use this
alternate table '200' (if you prefer, you can name these tables via
the ip route add command sets an alternate gateway only for packets
using this special table, and the flush command makes sure any route
caching is cleaned. this `ip` command (actually /sbin/ip) is part of
the iproute2 package.
this stuff gets quite tricky fast, and requires you to really understand
what you're doing.
More information about the CentOS