[TriLUG] OT: Bridge/Advanced routing

Ryan Leathers Ryan.Leathers at globalknowledge.com
Tue Jul 5 10:49:33 EDT 2005


Maybe I don't understand your question, but it seems like you are wanting to bridge between two unique layer 3 broadcast domains.  Routing is the thing that makes it possible to move between layer 3 broadcast domains, not bridging.

Your 2611 can certainly route between any combination of your three interfaces.  If you need to have fine control over traffic forwarding based on source, destination, or traffic type, which is what I suspect you are really wanting to accomplish, then you probably want to look at policy based routing.  Cisco routers like your 2611 can easily be configured to do this using route-map statements.  You use access lists to match traffic against the route map which then might point the traffic at one interface or another.  Once you have the details worked out with how traffic is forwarding, you can drop this decision down to each interface to get near wire speed throughput, hence, policy based routing rather than process switching.

Now, some on this list are likely to take issue with me on this next point, but... I wouldn't run a web server (for example) on a Cisco router if I had a nice Linux host sitting around, and you shouldn't do routing on a Linux host if you have a 2611 at your disposal.  We in the Linux community are often determined to make Linux do everything just because it can.  Use your router to route.  It'll do a fantastic job.

Ryan

-----Original Message-----
From: trilug-bounces at trilug.org on behalf of Jon Carnes
Sent: Fri 7/1/2005 8:00 PM
To: Triangle Linux Users Group discussion list
Subject: Re: [TriLUG] OT: Bridge/Advanced routing
 
I don't know exactly what you want but I set up these types of scenarios
all the time.  I generally run two different private networks off of the
E0 and E1 interfaces respectively. At that point it's trivial to set up
routing between the two networks.

I would set up two default routes on the 2621: one that goes out the T1
interface and a second failover that points to the cable modem. If your
T1 goes down, then your traffic goes out the cable modem.  Of course
this only helps with your NAT-ted traffic and won't help with your
hosted services (though you could easily set up a secondary Mail address
that comes in via the cable modem).

I know some folks that actually bridge on these Ciscos and I've seen
some interesting setups for that - though in most cases routing should
work just fine.

Good luck - Jon Carnes
(BTW, OpenBSD would bridge these networks just fine... :-)

On Thu, 2005-06-30 at 16:32, Steve Hoffman wrote:
> I'm sorry to stray off topic here, but this could end up being on
> topic in the end.  I've got a cisco 2621 router with a t1 card and two
> ethernet ports running on a t1; additionally I have Time Warner
> business class cable modem service.
> 
> We like to have at least two networks for redundancy (just in case)
> but rather than one sitting idle all the time I'd like to create a
> development network and a rest of the company network but bridge the
> two so that requests for machines on one network or the other don't go
> out to Atlanta and back when they could just as easily stay inside the
> network.
> 
> I thought our cisco router would be able to do that just fine..but
> apparently it can't route packets between interfaces...or I don't know
> how to do it.
> 
> 
> Here's how I envisioned it:
> 
> 
>      T1                                 Cable Modem
>       |                         z.z.z.z/28  |
>       |  x.x.x.x/29                         |
>       |  y.y.y.y/29                         |
> --------------------                            |
> | cisco 2621   |                           |  
> ---------------------                           |
> e0|         e1 |_________________|
>     |
>     |
>     |
> ----------------------
> |       switches |
> ----------------------
> 
> 
> the cable modem is locked down to the point that I can't add routes to
> it...if I could I wouldn't be here right now...
> 
> Is there a device to bridge the networks since apparently the 2621
> can't do it...or can the 2621 do it and I'm simply retarded.  Can I
> put a linux box in there somewhere and use it to route between the two
> networks?  I have no experience with xBSD so suggesting that won't go
> far but if it's the only answer I'll put it on my list of stuff to
> learn.
> 
> Any help or suggestions would be greatly appreciated.  
> 
> Steve

-- 
TriLUG mailing list        : http://www.trilug.org/mailman/listinfo/trilug
TriLUG Organizational FAQ  : http://trilug.org/faq/
TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
TriLUG PGP Keyring         : http://trilug.org/~chrish/trilug.asc
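
A sketch of the policy based routing Ryan describes, combined with the failover default route Jon suggests. This is an added example, not configuration from any poster in this thread. The interface names, the 192.168.10.0/24 and 192.168.20.0/24 LAN subnets, the 203.0.113.0/28 cable segment, ACL 110 and the route-map name DEV-VIA-CABLE are all assumptions; NAT for the private subnets is omitted.

```cisco
! Constructed addressing (assumptions, not from the thread):
!   company LAN      192.168.10.0/24
!   development LAN  192.168.20.0/24
!   cable modem      203.0.113.1 on a /28 segment (documentation range)
!
interface Serial0/0
 description T1 uplink
!
interface FastEthernet0/0
 description Inside LAN (switches), both subnets on one segment
 ip address 192.168.10.1 255.255.255.0
 ip address 192.168.20.1 255.255.255.0 secondary
 ! Apply the policy to packets arriving on this interface
 ip policy route-map DEV-VIA-CABLE
 ! Fast-switch policy-routed packets instead of process switching them
 ip route-cache policy
!
interface FastEthernet0/1
 description Cable modem segment
 ip address 203.0.113.2 255.255.255.240
!
! ACL 110 selects traffic for the policy.
! The deny line means "do not policy-route": development-to-company
! traffic falls through to the normal routing table and stays local.
access-list 110 deny   ip 192.168.20.0 0.0.0.255 192.168.10.0 0.0.0.255
access-list 110 permit ip 192.168.20.0 0.0.0.255 any
!
route-map DEV-VIA-CABLE permit 10
 match ip address 110
 set ip next-hop 203.0.113.1
!
! Everything that does not match the route map uses the routing table:
! T1 is the primary default, the cable modem is a floating static route
! (administrative distance 250) that takes over if Serial0/0 goes down.
ip route 0.0.0.0 0.0.0.0 Serial0/0
ip route 0.0.0.0 0.0.0.0 203.0.113.1 250
```

`show route-map DEV-VIA-CABLE` displays match counters for the policy, and `show ip policy` lists which interfaces have a route map applied.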
