--
Andrew Habgood
IT Systems Consultant, Northern NSW
Compaq Computer Australia Pty Ltd
I would highly suggest that you use another NIC since it will be more
reliable.
Brian
I too would really like to know about the possibility of adding internet to
a sco 5 server and lan without either adding a router between the internet
and the lan, or a second network card to the sco box.
I didn't think it was possible.
--
Brian K. White http://www.squonk.net/users/linut
+++++[>+++[>+++++>+++++++<<-]<-]>>+.>.+++++.+++++++.-.[>+<---]>++.
filePro BBx Linux SCO Prosper/FACTS AutoCAD #callahans Satriani
>> I am in two minds as to whether to put a second ethernet
>> card in an Openserver 5.05 box. There is a router which has
>> ISDN connections to three sites (192.168.1.x, 192.168.2.x,
>> 192.168.3.x) and the Internet. It is connected to the switch
>> on the local backbone (192.168.4.x). I have full connectivity
>> between all of the sites.
>> I am about to configure it for the internet, and am trying to
>> decide whether I want to throw a second NIC into it or use
>> ifconfig to bind a second IP to the card (the external registered
>> address). If I use the ifconfig method, will the Internet Wizard
>> run? Are there any other factors that I should take into account?
Not knowing all the details of your set up why not have the SCO
system on one of the 192.168.x.x networks. You also didn't specify
your router but on most you can add filters to make the router
act as a firewall of sort.
>I too would really like to know about the possibility of adding
>internet to a sco 5 server and lan without either adding a router
>between the internet and the lan, or a second network card to the
>sco box.
>I didn't think it was possible.
Well you will have to connect to the internet with something.
Without a router or another NIC the only thing that comes to mind
right now is PPP - and at that point the system with PPP is
basically doing routing functions, is it not? That's still two
interfaces. You could put as many different networks as you'd care
to and/or which the hardware/software will support, but you have to
be able to route something which is not part of this physical
network where to go. [There have been many days I'd like to have
to the network where to go - but that's beside the point].
You must use something to tell the packets where to go - either
internal or external as you are connecting two networks together.
Even if your internet is delivered by ethernet you still need
a separate interface card to keep traffic where it is supposed to
go. I don't think the upstream source would like broadcasts from
your side :-)
Or am I mis-understanding what you are trying to do?
--
Bill Vermillion - bv @ wjv . com
> What would be really nice is to be able to say packets destined for X host
> should use interface/card/ip X and packets destined for everything not
> specified should go to the default route.
Now you've got me confused :-)
Unless you mean something else, you can give a route for a
specific host..
--
Tony Lawrence (to...@aplawrence.com)
SCO/Linux articles, help, book reviews, tests,
job listings and more : http://www.pcunix.com
OK- I wasn't paying close attention that you meant routing based
on packets, not address. Isn't that like QOS routing?
===============================================
>: Well you will have to connect to the internet with something.
...
>: You must use something to tell the packets where to go - either
>: internal or external as you are connecting two networks together.
>What would be really nice is to be able to say packets destined
>for X host should use interface/card/ip X and packets destined for
>everything not specified should go to the default route.
Maybe I'm not understanding what you are saying, but that is
exactly what we do now. default route is where everything goes,
unless you have another statement directing some addresses to a
specific place.
>:> What would be really nice is to be able to say packets destined
>:> for X host should use interface/card/ip X and packets destined
>:> for everything not specified should go to the default route.
>
>: Now you've got me confused :-)
>: Unless you mean something else, you can give a route for a
>: specific host..
>Perfect example: We've an nntpserver and a mail server on the same
>machine. Two nic cards, one for mail, one for news. Our peers feed
>to the news card just fine. But since the mail machine card is the
>default route, news goes out the email card.
So you want to be able to route by protocol, is that what I'm
reading into this? Or - another interpretation - clients connect
for news via the IP designated for the news but news is going out
another port.
Are these on the same network. If so can you subnet them?
A few more details might help. Then again - they might not :-)
>I'm not aware of a way for us to say "If it's news, go out card b, not
>card a."
>
>
>
>
>
>--
> for i in databasix primenet ; do ; echo gburnore@$i.com ; done
>----------------------------------------------------------------------
> How you look depends on where you go.
>----------------------------------------------------------------------
>Gary L. Burnore | нлГКнГоГКнГнлГКнГоГКнГнГоГКнГннлГ
> | нлГКнГоГКнГнлГКнГоГКнГнГоГКнГннлГ
>Black Helicopter Repair Services | нлГКнГоГКнГнлГКнГоГКнГнГоГКнГннлГ
> Cohort #2 TINCC | нлГ 3 4 1 4 2 нГоГ 6 9 0 6 9 нлГ
>http://www.databasix.com | Official Proof of Purchase
>======================================================================
Scanning through the docs, it looks like ipfilter will do this.
--
==========================================================================
Tom Parsons t...@tegan.com
==========================================================================
>:>Perfect example: We've an nntpserver and a mail server on the same
>:>machine. Two nic cards, one for mail, one for news. Our peers feed
>:>to the news card just fine. But since the mail machine card is the
>:>default route, news goes out the email card.
>: So you want to be able to route by protocol, is that what I'm
>: reading into this?
>Yeah. Nntp port 119.
>: Or - another interpretation - clients connect
>: for news via the IP designated for the news but news is going out
>: another port.
>Well, not another port. Same port on a different IP.
So then the routing is based on source IP. Next question.
Everything from this IP or just port 119 on this IP?
And one more question. Are destinations from this IP only being
used for this.
If so in some routing methods you could designate down to
the ip level and then then interface. You can route to
a device by type in Cicso - eg ser 1/4 would be the 5th serial
port on the second set of serial cards, and you could route
then route down to the IP level with a 255.255.255.255 netmask,
or worst case break the one machine into a small subnet in the
major network - with a netmask of 255.255.255.252 - so that it
resides in the overall network but you can designate the routes for
that network. The same approach that a provider uses in breaking
down addresses for you.
>: Are these on the same network. If so can you subnet them?
>I've got two routers, each on its own DSL line. One specifically
>for the purpose of receiving/sending news to our peers. The other
>does everything else.
Sounds like it would be easier with a router with more than one
interface to handle all the networking, or a router to route to the
routers :-)
>I can tell our providers to send stuff to card be via address b on
>router b but outbound news back to them goes out port a unless I
>change my default route to b. I don't want everything going out b
>because A is a class C and b isn't.
Why should 'class' make a difference? I'm suspecting it's more of
a bandwidth/congestion difference. Is that correct?
Have fun. If things go as planned - and they seldom do for me -
my next project is learning an Atlas 800 - which could be
best described as a swiss-army-knife in the router world. :-)
I don't understand... just add a route to your news provider. presumably
their IP does not change all the time? the route to the specific host
or net will override the default route, any packets destined for IP's not
covered by the new route still go out the default route.
other traffic besides news that is destined for the same IP will also
go out the "news" card, but is there even any?
>: So then the routing is based on source IP.
>No, it's not. Routing would be based on destination if anything.
>Again, we want nntp to go in and out port 119 on a second card. IN
>works fine because we tell our peers to send it to that IP. Out
>goes out the default route rather than the second card.
Mis-type. I know it's not based on source, but it would be nice if
you could route based on source. If it comes from here, but it
there, otherwise put it over here.
>: If so in some routing methods you could designate down to
>: the ip level and then then interface. You can route to
>: a device by type in Cicso - eg ser 1/4 would be the 5th serial
>: port on the second set of serial cards, and you could route
>: then route down to the IP level with a 255.255.255.255 netmask,
>: or worst case break the one machine into a small subnet in the
>: major network - with a netmask of 255.255.255.252 - so that it
>: resides in the overall network but you can designate the routes for
>: that network. The same approach that a provider uses in breaking
>: down addresses for you.
>That'd work if the news machine wasn't the same machine as the email
>machine. :)
Not knowing how many IP's you have there but I was thinking of a
subnet inside the normal network.
It'd probalby take a router to do this. I did it for a show that
had some people demoing wireless routers. Designated 16 addresses
out of the 256 [ all on the same ethernet interface by the way],
and that was split into two block of 8, one for the first router
and one for the second. Then they set up the routing in those so
that anything outside their range went out the first router up
stream. The two routers exchanged data within their address ranges.
Run into some really weird things doing that.
>: Sounds like it would be easier with a router with more than one
>: interface to handle all the networking, or a router to route to the
>: routers :-)
>Now that's an interesting thought. Our routers are each hooked to a
>separate DSL line (covad). Each router has its own ip range to manage.
I used this approach when moving from one upstream provider to
another. I had two separate networks running for a couple of weeks
and moved machines/web-sites/etc in small groups. It was the only
way I could retain any sanity.
>:>I can tell our providers to send stuff to card be via address b on
>:>router b but outbound news back to them goes out port a unless I
>:>change my default route to b. I don't want everything going out b
>:>because A is a class C and b isn't.
>: Have fun. If things go as planned - and they seldom do for me -
>: my next project is learning an Atlas 800 - which could be
>: best described as a swiss-army-knife in the router world. :-)
>I assume all of the gadgets are open? :)
I hope I just don't poke my self with the sharp end.
so add a route to each news host, works the same for ten as it does for one.
no danger in trying anyways since it requires no rebooting nor even "tcp
stop ;tcp start" just add the routes and see if you get the desired results,
and if not, just delete the routes, no need to alter any existing routes
even.
>: I used this approach when moving from one upstream provider to
>: another. I had two separate networks running for a couple of weeks
>: and moved machines/web-sites/etc in small groups. It was the only
>: way I could retain any sanity.
>I moved a whole class C from one provider to UUnet in one weekend. The
>_WHOLE_ weekend.
I can appreciate that. My problems included getting 80-100 domain
registrations moved to the new name servers, moving several routed
ISDN blocks from a Livingston at the original end of the pipe - to
an Ascend 4400 at the other end of the pipe.
Basically a T1 from to location A with a T1 to location B was
changed so that a DS3 came from the second provider to location B
and location A was that tag end - with data coming from both
directions at once. There were four class C's in that. One
complete like that is enough for any one persons lifetime. In the
end there were nine C's and about a dozen outgoing T1's with a
flock of ISDN's too. Good learning experience.
After awhile the T's got to be a mess to handle. That's why the
Atlas looks good as I can groom the Ts into a DS3/OC-3/OC-12. The
prices of the pipe are so close to being identical that the
deciding difference is the interface cost. Data to fill the pipes
OTOH goes up as the quantity of data goes up. This stuff is
getting SO CHEAP in comparison to what it was you realize that
someone had to be making a lot of money in the past.
Bill
hmm
did you do the command like this?
route add <IP of news provider #1> <IP of news nic>
route add <IP of news provider #2> <IP of news nic>
route add <IP of news provider #3> <IP of news nic>
or I suppose:
route add -netmask 255.255.255.255 -host <IP of news provider #1> <IP of
news nic>
route add -netmask 255.255.255.255 -host <IP of news provider #2> <IP of
news nic>
route add -netmask 255.255.255.255 -host <IP of news provider #3> <IP of
news nic>
the "file exists" error should not come up because all you are saying here
is that the way to get to <IP-of-news-provider> is through <IP-of-news-nic>,
and certainly you can have one destination be the gateway for more than one
destination, a typical default gateway is the gateway for all the
destinations on the internet for exammple. they are just not all explicitly
defined like above.
you should be able to back these out by saying
route delete <IP of news provider #1>
...2
...3
also, you can just as easily test the theory on some other host first
besides your news providers, just to be that little extra bit careful.
so, route add -netmask 255.255.255.255 -host <IP of home cable modem linux
box> <IP of news nic>
and then ping flood your linux box and watch the nic and router lights.
I am actually curious now to see if the above does not work and if not what
was the error. or what were the symptoms in the case that the commands
succeed, but the results are not what we intended.
this should be totally doable
oh... I'm so stupid... are the two nics hooked to two different routers?
in that case I think you should also try
route add -netmask 255.255.255.255 -host <IP of news provider #1> <IP of
news router (local, not wan ip)>
this last one is probably what will work actually.