Masquerading on aliased interface

To: <debian-firewall@lists.debian.org>
Subject: Masquerading on aliased interface
From: "Jakub Ambrożewicz" <ja@vigor.com.pl>
Date: Fri, 12 Oct 2001 08:53:57 +0200
Message-id: <007c01c152ea$aafb37e0$ca01a8c0@pc202>

I have the following situation

       |
    eth0
  __|_________
  |             |            |
eth1     eth2     eth3
  |             |            |

eth0 is my external address. Other are internal.
eth0 must have two addresses 10.0.0.1 and 10.0.1.1
internals are assigned 192.168.0.1 2.1 and 3.1
I have to mask internals on only second eth0 address.
But ip chains do not work on alises. And 2.2.19 do not
use aliases at all.
In the ipchains faq i found how to preroute internals on
specific addresses. But i cant set any ip rule. It just
states: RTNETLINK answers: invalid argument

Here is how i configure interfaces and routing:
(i skipped flushing and lo)

# external addresses
ip addr add 10.0.0.1/24 broadcast 10.0.0.255 scope global label eth00 dev
eth0
 label eth00
ip addr add 10.0.1.1/24 broadcast 10.0.1.255 scope global label eth01 dev
eth0
label eth00
# internal addresses
ip addr add 192.168.0.1/24 broadcast 192.168.0.255 scope global label eth1
dev eth1 label eth1
ip addr add 192.168.1.1/24 broadcast 192.168.1.255 scope global label eth2
dev eth2 label eth2
ip addr add 192.168.1.2/24 broadcast 192.168.2.255 scope global label eth3
dev eth3 label eth3

echo Setting rules
# rules for directing trafic to correct interfaces
ip rule add from 192.168.0.0/24 to 0/0 table 100 pref 102
ip rule add from 192.168.1.0/24 to 0/0 table 101 pref 102
ip rule add from 192.168.2.0/24 to 0/0 table 102 pref 102

echo Setting routes for tables
# force directing int interfaces to corresponding externals
ip route add table 100 via 10.0.0.1
ip route add table 101 via 10.0.1.1
ip route add table 102 via 10.0.2.1

echo Setting external routes
ip route add 10.0.0.0/24 via 10.0.0.1 scope link proto static dev eth0
ip route add 10.0.1.0/24 via 10.0.1.1 scope link proto static dev eth0

echo Setting internal routes
ip route add 192.168.0.0/24 via 192.168.0.1 scope link proto static dev eth1
ip route add 192.168.1.0/24 via 192.168.1.1 scope link proto static dev eth2
ip route add 192.168.2.0/24 via 192.168.2.1 scope link proto static dev eth3

echo Setting default route
ip route add 0/0 via 10.0.0.1 dev eth0

And the question is 1)why RTNETLINK answers: invalid argument
2) is it possible?

JA

Reply to:

Prev by Date: Re: Help with ipchains on Potato -- problem with -s?
Next by Date: checking the not allowed changing of IP's
Previous by thread: Re: Help with ipchains on Potato -- problem with -s?
Next by thread: checking the not allowed changing of IP's
Index(es):
- Date
- Thread