[ZendTo] Re: Multi-homed install

Jules Jules at Zend.To
Sun Sep 25 17:39:46 BST 2011 

Have you tried forcing the routes onto particular devices? The kernel 
might well be getting it wrong. Read the man page for the "route" 
command for more info.

On 25/09/2011 11:41, Paul Harrington wrote:
> Hi there,
>
> I have a ZendTo Ubuntu VM installed with one nic connected to the internal network so it can authenticate internal users on our AD, I then have the other nic on the public IP so that it is available from the internet.
>
> I need to ensure requests sent through the public IP are returned via that nic, and not that on the internal nic.
>
> At the moment, my configuration is as follows, which works for the most, but the box cannot access the internet and therefore cannot send the entry to the reCAPTCHA servers, and apt-get update just times out. I cannot ping 8.8.8.8 etc either
>
> The eth1 address is on our DMZ and is mapped to a public IP by our firewall. If I put the gateway on the LAN nic, the box can access the internet, but then it is no longer reachable externally.
>
> iface eth2 inet static
> address 192.168.101.13
> netmask 255.255.255.0
> network 192.168.101.0
> dns-nameservers 192.168.101.249 192.168.101.226 8.8.8.8
> post-up route add -net 192.168.0.0 netmask 255.255.0.0 gw 192.168.101.254
> pre-down route del -net 192.168.0.0 netmask 255.255.0.0 gw 192.168.101.254
>
> iface eth1 inet static
> address 172.16.1.3
> netmask 255.255.255.0
> network 172.16.1.0
> gateway 172.16.1.254
>
>
> Paul Harrington
> ICT Officer
>
> National Museums Northern Ireland
> Cultra, Holywood, Co. Down, BT18 0EU
>
> T - 028 9039 5281
> E - paul.harrington at nmni.com
>
> [http://www.nmni.com/images/nationalmuseumslogo.gif]
> www.nmni.com<http://www.nmni.com>
>
>
>
> This message contains confidential information and is intended only for zendto at zend.to. If you are not one of the intended recipients, you should not disseminate, distribute or copy this e-mail. Please notify paul.harrington at nmni.com immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. E-mail transmission cannot be guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. Paul Harrington therefore does not accept liability for any errors or omissions in the contents of this message, which arise as a result of e-mail transmission. If verification is required please request a hard-copy version.
>
> Please consider the environment before printing this email.
>
>
> _______________________________________________
> ZendTo mailing list
> ZendTo at zend.to
> http://mailman.ecs.soton.ac.uk/mailman/listinfo/zendto

Jules

-- 
Julian Field MEng CITP CEng
www.Zend.To

Follow me at twitter.com/JulesFM
PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654

'Teach a man to reason, and he will think for a lifetime.' - Phil Plait
'All programs have a desire to be useful' - Tron, 1982

More information about the ZendTo mailing list