2 NIC's - Route question 1

[motoslide]

I have a server with "inside" and "outside" NIC's. The inside NIC is running non-routable (say 192.168.100.20) and the outside NIC is routable (say 198.105.48.78).

The problem is that the inside NIC must have the Default Route configured to be 192.168.100.1 (our router with NAT/Firewall) because this is used for inbound Email. The outside NIC also needs to communicate with the outside world for HTTP, FTP, and Telnet/SSH.

How can I configure the system for 2 default gateways?
For better illustration:
ROUTER WAN: 198.105.48.74
ROUTER LAN: 192.168.100.1
UNIX NICa: 192.168.100.20
UNIX NICb: 198.105.48.78

Router has port-forward rule to pass all port-25 traffic to 192.168.100.20.
UNIX default gateway is 192.168.100.1
Telnet from "outside" world to 198.105.48.78 fails to connect, because the UNIX box can't reply without a gateway for that NIC.

Current route information:

# netstat -rn
Routing tables
Destination      Gateway            Flags    Refs      Use  Interface
default          192.168.100.1      UGS         0    49683  net0
127.0.0.1        127.0.0.1          UH          3      772  lo0
192.168.100      192.168.100.20     UC          1        0  net0
192.168.100.20   127.0.0.1          UGHS        1        0  lo0
198.105.48.72/29 198.105.48.78      UC          1        0  net1
198.105.48.78    127.0.0.1          UGHS        3        8  lo0
224/8            192.168.100.20     UGS         0        0  net0

This might be really basic, but I'm having a "Monday Morning" mental lapse.
Thanks.

"Proof that there is intelligent life in Oregon. Well, Life anyway.

 

[mrn]

What's your O/S?

Mike

"A foolproof method for sculpting an elephant: first, get a huge block of marble, then you chip away everything that doesn't look like an elephant."

http://www.airport-parking-site.co.uk/

 

[motoslide]

Sorry. I should have included that, but hoped the solution might be non-specific.
I'm running SCO OpenServer6 on this box.

"Proof that there is intelligent life in Oregon. Well, Life anyway.

 

[PHV]

The man page for the routed(ADMN) command contains a lot of informations.
However I don't exactly know how to forward the packets between the 2 NICs and how to use RIP ...

Hope This Helps, PH.
Want to get great answers to your Tek-Tips questions? Have a look at FAQ219-2884 or FAQ181-2886

 

[Annihilannic]

Why do you need the default gateway to be 192.168.100.1 for inbound email? The default route is only use for outgoing connections.

I would use the gateway for the 'outside world' NIC as the default gateway, and just send 192.168.100 traffic to the LAN gateway.

Annihilannic.

 

[motoslide]

Good question, complicated answer:
Our inbound Email goes through an outside spam-filter service, then gets routed to the WAN address of our firewall (198.105.48.74). That firewall has inbound filter rules to only allow incoming traffic on port 25 to originate from the spam-filter providers mail forwarder(s).

I had hoped to keep this part of the configuration "as is", since I trust the filtering functions of the router more than my knowledge of using ipfnat utilities on the SCO side.

It looks like I'll have to make some adjustments to our network topology.

Could I set some static route entries to just our spam-filter mail forwarders to be 192.168.100.1, and set the default route to be the WAN (198.105.48.73)? I think I'll give that a try, and if it fails then I'll have to re-think this odd configuration in general.

Thanks for the suggestions, folks.

"Proof that there is intelligent life in Oregon. Well, Life anyway.

 

[Annihilannic]

Yes, static routes should work fine if I understand you correctly.

Annihilannic.

 

[motoslide]

That appears to be working. I just have to remember to add more routes as our spam-filtering service continues to add more servers. Not a big deal, as that only happens a couple of times per year.

Thanks for the help and/or encouragement.

"Proof that there is intelligent life in Oregon. Well, Life anyway.