[CentOS] route question

Fri May 14 21:57:22 UTC 2010
Christopher Davis <cdavis-lists at keypath.com>

Greetings Jerry,

On 5/14/2010 3:45 PM, Jerry Geis wrote:
>> What exactly does not work?  Connecting to what destination IP?  Your
>> default route is pointing out eth2.  So any traffic to a non-directly
>> connected network will go out eth2.  (without some additional static
>> routes)  What are you trying to accomplish?
> I am attempting to have one box with 3 NICs and use NAT to connect to
> other boxes.
> 74.X is eth1 24.X is eth2 and 192.X is eth0
> I have iptable rules for 24.X:25 to go to 192.X:25 and port 80 also.
> This works
> I have iptable rules for 74.X:25 to go to 192.X:25 and port 80 also. This
> does not work.
> the default route is set for 24.X network and it seems like that is why
> that network is working.
> If I change the default route to 74.X then the 74.X network works and
> the 24.X network stops working.
> So that is why I thought the "route -n" showing for the gw on
> 74.X was perhaps the issue.
> I don't seem to be routing for both networks.
> Thanks,
> Jerry

Since you're routing --- what shows with 'cat 
/proc/sys/net/ipv4/ip_forward'?  If this is 0, I believe you will need 
to 'echo 1 > /proc/sys/net/ipv4/ip_forward' to enable this bit since you 
are requesting traffic to enter one interface and forward through to 
another interface.

192.x is eth0 / private
24.x is eth2 / public / services smtp and http function
74.x is eth1 / public / services smtp and http does not function

---Do smtp and http function from your 192.x address space?

---If you compare the output of 'netstat -an' is your smtp and http 
server ONLY listening on 24.x:25 and 24.x:80?

---Previously you supplied a route table of:

  route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
                                                U     0      0        0 eth2
                                                U     0      0        0 eth1
                                                U     0      0        0 eth0
                                                U     0      0        0 eth2
                                                UG    0      0        0 eth2


Your route table is pushing THROUGH which is  Unless your two providers advertise both networks, you'll need to add a new route for your 74.x provider.  Try from the command line adding a new default gw -- 'route add default gw 74.x dev eth1'.  When you run 'route -n' again you should find two default routes --

                                                UG    0      0        0 eth2
                74.x                            UG    0      0        0 eth1

^^^ The above might help but you will have two equal cost routes which might actually slow your network down for outbound traffic so I would play with metrics also.

Hope this helps!

Christopher Davis
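
The checks suggested in the reply above (the ip_forward bit, a default route per public interface, and equal-cost defaults that call for different metrics), collected into one script. This is an added example, not part of the original post; the function names are hypothetical and the routing table is a constructed sample using documentation address ranges.

```sh
#!/bin/sh
# Constructed sample: `route -n` after a second default gw is added.
# Addresses are documentation ranges, not the poster's.
SAMPLE_ROUTES='Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
198.51.100.0    0.0.0.0         255.255.255.0   U     0      0        0 eth2
203.0.113.0     0.0.0.0         255.255.255.0   U     0      0        0 eth1
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
0.0.0.0         198.51.100.1    0.0.0.0         UG    0      0        0 eth2
0.0.0.0         203.0.113.1     0.0.0.0         UG    0      0        0 eth1'

# One "iface gateway metric" line per default route (0.0.0.0/0 with flag G).
default_routes() {
    printf '%s\n' "$1" |
        awk '$1 == "0.0.0.0" && $3 == "0.0.0.0" && $4 ~ /G/ { print $8, $2, $5 }'
}

# Metric values shared by more than one default route (equal-cost defaults).
equal_cost_metrics() {
    default_routes "$1" |
        awk '{ n[$3]++ } END { for (m in n) if (n[m] > 1) print m }' | sort -n
}

# Interfaces from the list in $2 that have no default route of their own.
uplinks_without_default() {
    for ifc in $2; do
        default_routes "$1" |
            awk -v i="$ifc" '$1 == i { f = 1 } END { exit !f }' || echo "$ifc"
    done
}

# True if the given file (default: the live sysctl) contains 1.
forwarding_enabled() {
    [ "$(cat "${1:-/proc/sys/net/ipv4/ip_forward}" 2>/dev/null)" = "1" ]
}

# Report on the sample table and on this host's forwarding bit.
echo "Default routes (iface gateway metric):"
default_routes "$SAMPLE_ROUTES"
for m in $(equal_cost_metrics "$SAMPLE_ROUTES"); do
    echo "WARNING: more than one default route at metric $m"
done
for ifc in $(uplinks_without_default "$SAMPLE_ROUTES" "eth1 eth2"); do
    echo "WARNING: $ifc has no default route"
done
if forwarding_enabled; then echo "ip_forward=1"; else echo "ip_forward is not 1"; fi
```

To audit a real box, pass the saved output of 'route -n' as the first argument to each function in place of the sample.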