[TriLUG] policy based routing with linux

Chris Bullock cgbullock at yahoo.com
Mon Nov 13 12:12:41 EST 2006


We have a fairly static network with about 8 subnets and roughly 5
different points of access to the outside world.  We are using a Linux PC
full of NICs and doing strictly static routing.  We have an application
that the university needs access to at fiber speed, the hospital has
access to the university and we have access to the hospital, so therefore
we are routing to the university through the hospital (university <-->
hospital <--> our office).  Long story short we have asked the hospital to
somewhat protect us from the university by implementing ACLs on their PIX,
this gives the university access to our services but blocks my users from
hitting the university's services since my router points all university
traffic through the hospital.  Now my question, I have tried to understand
the policy routing built into Linux but keep beating my head against the
wall due to my lack of brains.  Here is what I have, I have a macro I run
that has all my static routes listed, what I want to do is via command
line, not a table, tell my traffic that to go to 150.216/16 go out our
broadband connection not our hospital gateway.

University = 150.216.x.x
network A = 10.1.x.x
network B = 10.2.x.x
hospital gw = 10.254.254.254
office Internet gw = 10.2.x.254

The university needs access to network A, network A never needs to access
the internet only the university.
Network B needs to access the university but cannot access it through the
hospital due to firewall rules, it can only access it through my office
internet gateway.

Regards,
Chris
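
Added example, not part of the original post: one way to express the policy described above with iproute2, where only traffic from network B to 150.216/16 uses the office Internet gateway and everything else keeps the existing static route via the hospital. The /16 mask for network B, the table id 100, the rule priority 1000 and the OFFICE_GW variable are assumptions; the post elides the office gateway address, so the script refuses to run without a complete one.

```shell
#!/bin/sh
# Added example (not from the original post): source-based policy routing
# with iproute2. Prints the commands; pipe them to a root shell to apply.

UNIV_NET="150.216.0.0/16"   # from the post: 150.216/16
NET_B="10.2.0.0/16"         # assumption: "10.2.x.x" is a /16
TABLE_ID=100                # assumption: any unused numeric table id
RULE_PRIO=1000              # assumption: sorts before the main table (32766)

# is_ipv4 ADDR: succeeds only for a fully specified dotted quad.
is_ipv4() {
    echo "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$' || return 1
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    for octet in "$@"; do
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# pbr_commands OFFICE_GW: prints the ip(8) commands, or fails on a
# gateway that is missing or still contains a placeholder such as "x".
pbr_commands() {
    gw=$1
    if ! is_ipv4 "$gw"; then
        echo "office gateway must be a full IPv4 address, got: '$gw'" >&2
        return 1
    fi
    # Table $TABLE_ID holds one route: university via the office gateway.
    echo "ip route replace $UNIV_NET via $gw table $TABLE_ID"
    # Only network B traffic bound for the university consults that table.
    echo "ip rule add from $NET_B to $UNIV_NET lookup $TABLE_ID priority $RULE_PRIO"
    # Everything else (network A included) still follows the main table,
    # where the existing static route sends 150.216/16 via the hospital.
}

# Run as a script: OFFICE_GW=<office gateway address> sh pbr.sh | sudo sh
if [ -n "${OFFICE_GW:-}" ]; then
    pbr_commands "$OFFICE_GW"
fi
```

After applying, `ip rule show` and `ip route show table 100` list the rule and the single route it selects.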


 