0

I've got two subnets and a RedHat 5.3 with 2 NICs, each with an IP on a single subnet:

eth1 172.16.0.4, 255.255.255.0
eth0 194.20.23.183, 255.255.255.0

On each subnet I've got a Gateway / Firewall and I'd like to forward each NIC on its own GW. This is the current routing table:

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
172.16.0.0      *               255.255.255.0   U     0      0        0 eth1
194.20.23.0     *               255.255.255.0   U     0      0        0 eth0
default         172.16.0.1      0.0.0.0         UG    0      0        0 eth1

If I first try to delete the already existing rule on 194.20.23.0 net and next use the following command

route add -net 194.20.23.0 netmask 255.255.255.0 gw 194.20.23.181 dev eth0

It returns

SIOCADDRT: Network is unreachable

Could anyone explain to me in simple words the reason for that message and possibly how I can accomplish the goal?

Thanks in advance. Regards

Alessandro Ilardo

AleIla

3 Answers

2

I think you have to swap the devices. Try this:

route add -net 194.20.23.0 netmask 255.255.255.0 gw 194.20.23.181 dev eth1

This should be the corresponding rule to your setup:

eth0 172.16.0.4, 255.255.255.0
eth1 194.20.23.183, 255.255.255.0
Christian
2

First off, the route you're adding is on the same network segment as the interface itself. This means there's no need to use a router/gateway when sending those packets. The interface is able to address the host directly. The local switch will get it there without using a router as an intermediary.

You are getting an error when adding your rule because it's a rule that defines how to send packets to a whole network, by giving directions to send to a specific host on that network. It's a catch-22. In order to send a packet to that gateway, you need to know how to get to its IP address. In order to send to its IP address, you have to go through that gateway. It's like telling someone, "In order to get to Main Street, go to 1512 Main Street, and ask the guy who lives there."

Now, as far as a proper gateway is concerned, that's what the last line in your routing table does. It routes all traffic to 172.16.0.1 that hasn't been matched by the rules above it. THIS is your default gateway. You don't need a GW for your second NIC, because ALL non-local traffic goes through this gateway.

If you wanted to split half your traffic through the other NIC/GW, you'd need to define which networks to do so. E.g., route add -net 10.0.0.0 netmask 255.0.0.0 gw 194.20.23.181 dev eth1 will get JUST the 10.x.x.x network routed through your second NIC.

Christopher Karel
  • He's right. If your interface is already on that subnet, it doesn't need an explicit route to other addresses on that subnet. In terms of his "Main Street" example, you don't need to ask anyone how to get to a house on main street when you already *live* on main street. – Satanicpuppy Feb 05 '10 at 15:28
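The gateway check behind the SIOCADDRT error discussed in the answer above, as an added example that is not part of the original posts: a simplified Python model of the rule that a route's gateway must lie on a directly connected (gateway-less) route of the named interface. The RouteTable class and its method names are hypothetical, not a kernel or iproute2 API; the addresses are the ones from the question.

```python
import ipaddress

class RouteTable:
    """Simplified, constructed model of route insertion and lookup."""

    def __init__(self):
        self.routes = []  # entries: (network, gateway or None, device)

    def add(self, net, dev, gw=None):
        net = ipaddress.ip_network(net)
        if gw is not None:
            gw = ipaddress.ip_address(gw)
            # The next hop must be reachable through a connected route on
            # the same device. A route that itself uses a gateway (such as
            # the default route) does not make the next hop reachable.
            on_link = any(g is None and d == dev and gw in n
                          for n, g, d in self.routes)
            if not on_link:
                raise OSError("Network is unreachable")
        self.routes.append((net, gw, dev))

    def delete(self, net):
        net = ipaddress.ip_network(net)
        self.routes = [r for r in self.routes if r[0] != net]

    def lookup(self, dst):
        """Longest-prefix match; returns (gateway or None, device)."""
        dst = ipaddress.ip_address(dst)
        matches = [r for r in self.routes if dst in r[0]]
        if not matches:
            raise OSError("Network is unreachable")
        _, gw, dev = max(matches, key=lambda r: r[0].prefixlen)
        return gw, dev

def question_table():
    """The routing table shown in the question."""
    t = RouteTable()
    t.add("172.16.0.0/24", "eth1")
    t.add("194.20.23.0/24", "eth0")
    t.add("0.0.0.0/0", "eth1", gw="172.16.0.1")
    return t

def replay_question():
    """Delete the connected route, then re-add it via a gateway."""
    t = question_table()
    t.delete("194.20.23.0/24")
    try:
        t.add("194.20.23.0/24", "eth0", gw="194.20.23.181")
    except OSError as exc:
        return str(exc)
    return "added"
```

With the connected route left in place, a lookup for any 194.20.23.x host returns no gateway on eth0, and everything else falls through to 172.16.0.1 on eth1.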
0

You can also make some policy based routing