Sun box used as a router: some issues
2007-12-24 21:04:00
Sun gurus,
I've had continual problems with routing on this network. Not having a
budget for a proper router, I got an E420R with a quad ethernet card and
turned it into a router.
There are a few problems.
1) The router can traceroute/ping other hosts, but the 202.139.xxx.xxx and
10.0.0.x environment cannot, since it uses this Sun Router as a gateway.
I've fiddled with the ndd settings to no avail.
2) We have some external hosts which connect via a wan to the MIS
division's firewall, 172.16.1.39. That machine has a route for anything
destined for 202.139.xxx.xxx to go via 172.16.22.1. When this is set up,
these external hosts cannot talk to any of these 202.139.xxx.xxx hosts.
When the route on 172.16.1.39 is taken off, this pushes those packets via
the default route on 172.16.1.39, which is to the MIS firewall then to the
outside world. When this is set, they can now reach the 202.139.xxx.xxx
machines by going through the internet first.
Why do we want machines to NOT go through the outside world?
1) To save on charged bandwidth
2) Most of the 202.139.xxx.xxx machines are firewalled out to the
outside world; going through the "back way" is preferable.
I want anything on 172.16.22.x to go out 172.16.22.1 directly to the
172.16.22.x network. Anything else on 172.16/16 and 172.30/16 to go out to
172.16.1.39 (which has to go out 172.16.22.1 first, but look at the
routing table below).
Here is a diagram of the network.

  Outside world
     /|\
      |
      |   +-----------------------------+
      |---| 202.139.xxx.xxx environment |
      |   +-----------------------------+
      |
      |
      | 202.139.xxx.XXX (qfe0)
+------------+
|            |10.0.0.1 (qfe1) +----------------------+
| SUN ROUTER |----------------| 10.0.0.x environment |
|            |                +----------------------+
+------------+
      | 172.16.22.1 (hme0)
      |
      |                    +-------------+
 -----+--------------------| 172.16.1.39 |-------------> Outside World
 |                         +-------------+                (MIS Pipe)
 |                                |
 |                                |
 |                                |  +---------------------------+
+-------------------------+       |--| 172.16-31.x.x Environment |
| 172.16.22.x environment |          +---------------------------+
+-------------------------+                    |
                                               | WAN Connection
                                               |
                                      +----------------+
                                      | External Hosts |
                                      | (172.16.xx.xx) |
                                      +----------------+

Some other data.

sunrouter# netstat -rn
Routing Table: IPv4
Destination          Gateway              Flags   Ref    Use Interface
-------------------- -------------------- ----- ----- ------ ---------
172.16.1.39          172.16.22.1          UH        1     27 hme0
10.0.0.0             10.0.0.1             U         1   1034 qfe1
172.16.22.0          172.16.22.1          U         1    742 hme0
192.168.253.0        172.16.1.39          UG        1      0
202.139.xxx.xxx      202.139.xxx.XXX      U         1   2263 qfe0
172.30.0.0           172.16.1.39          UG        1      1
172.16.0.0           172.16.1.39          UG        1     57
default              202.139.xxx.YYY      UG        1   7657
127.0.0.1            127.0.0.1            UH        1   3106 lo0

sunrouter# ifconfig -a
lo0: flags=1000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4> mtu 8232 index 1
        inet 127.0.0.1 netmask ff000000
qfe0: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 3
        inet 202.139.xxx.XXX netmask ffffff00 broadcast 202.139.xxx.255
        ether 8:0:20:c5:95:8f
qfe1: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 4
        inet 10.0.0.1 netmask ffffff00 broadcast 10.0.0.255
        ether 8:0:20:c5:95:8f
hme0: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 5
        inet 172.16.22.1 netmask ffffff00 broadcast 172.16.255.255
        ether 8:0:20:c5:95:8f

Can anyone give me any clues to the problem, and how to fix it?
Thanks in advance,
Steven
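
Added example, not part of the original message: a longest-prefix lookup over the routing table posted above, showing which next hop and interface each destination resolves to and whether a gateway sits inside a connected subnet. The prefix lengths are assumptions (the posted netstat output prints no masks), and the masked 202.139 and default entries are left out.

```python
import ipaddress

# Connected interfaces, from the posted `ifconfig -a` (netmask ffffff00 = /24).
# qfe0 is left out because its address is masked on the page.
INTERFACES = {
    "qfe1": ipaddress.ip_interface("10.0.0.1/24"),
    "hme0": ipaddress.ip_interface("172.16.22.1/24"),
}

# Routes from the posted `netstat -rn`. Prefix lengths are assumptions:
# /24 from ifconfig, /16 from the poster's "172.16/16 and 172.30/16",
# and /24 for 192.168.253.0 is a guess.
ROUTES = [
    ("172.16.1.39/32", "172.16.22.1", "UH"),
    ("10.0.0.0/24", "10.0.0.1", "U"),
    ("172.16.22.0/24", "172.16.22.1", "U"),
    ("192.168.253.0/24", "172.16.1.39", "UG"),
    ("172.30.0.0/16", "172.16.1.39", "UG"),
    ("172.16.0.0/16", "172.16.1.39", "UG"),
]

def lookup(dst):
    """Return the most specific (longest-prefix) route for dst, or None."""
    addr = ipaddress.ip_address(dst)
    hits = [r for r in ROUTES if addr in ipaddress.ip_network(r[0])]
    return max(hits, key=lambda r: ipaddress.ip_network(r[0]).prefixlen, default=None)

def on_link(gateway):
    """Name of the interface whose subnet contains gateway, else None."""
    gw = ipaddress.ip_address(gateway)
    for name, iface in INTERFACES.items():
        if gw in iface.network:
            return name
    return None

def resolve(dst):
    """Resolve dst to (next hop, interface) the way a forwarding lookup would."""
    route = lookup(dst)
    if route is None:
        return None  # would fall to the default route, masked on the page
    prefix, gateway, flags = route
    if "G" not in flags:
        # Interface route: the destination itself is the next hop.
        local = ipaddress.ip_address(gateway)
        return dst, next(n for n, i in INTERFACES.items() if i.ip == local)
    # Gateway route: the gateway must itself resolve, on-link or via a
    # more specific route (here the UH host route for 172.16.1.39).
    hop = resolve(gateway)
    return (gateway, hop[1]) if hop else None
```

on_link("172.16.1.39") returns None: that gateway is outside hme0's /24, so every UG route in this table depends on the UH host route to reach it.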

