[ale] Routing Questions

Geoffrey esoteric at denali.atlnet.com
Sat Dec 1 00:28:36 EST 2001 

You noted that both networks are connected to the internet via
telocity.  So you must have real ips on the connections to the
internet.   So why can't you facilitate your routing through these ips?

Chris Fowler wrote:
> 
> So,  see if I understand this right.
> 
> Becasue I have chosen to use private IP's on each eand, those packets by
> definition are not routeable.
> If they were public then it should have worked?
> 
> I wanted to get basic routing doen then move to tunnel and encryption.  I
> guess I'll  skip the test of pinging machines on both sides and begin
> working directly on a tunnel.
> 
> Technically why can I not tell the kernel to send all pakets for 192.168.2.0
> to skylab and tell sky lab the reverse to send back to Mir?  Is it a
> technical limitation or the fact the IPs are private?
> 
> Thanks,
> Chris Fowler
> 
> -----Original Message-----
> From: Byron A Jeff [mailto:byron at cc.gatech.edu]
> Sent: Friday, November 30, 2001 6:05 PM
> To: cfowler at outpostsentinel.com
> Subject: Re: [ale] Routing Questions
> 
> >
> > I have 2 networks now.  One in Buford and One in Alpharetta.
> >
> > Alpharetta:  192.168.2.0
> > Buford:  192.168.1.0
> >
> > Both networks are connected to the internet using telocity.  I want to be
> > able to route packets between both of the private nets.  Is this possible
> > since these
> > are 192.168.*.
> 
> Not directly.
> 
> > [Table deleted for brevity]
> >
> > When I issue this command in Alpharetta:
> > [root at skylab /etc]# route add -net 192.168.1.0 netmask 255.255.255.0 gw
> 64.129.131.124 eth1
> > SIOCADDRT: Network is unreachable
> >
> > Buford:
> > [root at mir /etc]# /sbin/route add -net 192.168.2.0 netmask 255.255.255.0 gw
> skylab metric 1 eth1
> > SIOCADDRT: Network is unreachable
> 
> You'll need to tunnel packets between your two gateways. You first set up a
> pipe between your two gateways (and ssh one for example). Then setup a PPP
> session between them using the ssh pipe. Then direct your packets for the
> opposite network to the ppp interface.
> 
> This is a simplistic mechanism for building a VPN, which is essentially what
> you need in this instance.
> 
> A 5 second perusal of linuxdocs.org pointed me to the Firewall-Piercing
> Howto.
> This applies because the naming of your networks with private IP's
> essentially
> firewalls them.
> 
> Anyway read the HOWTO's in this section:
> 
> http://www.linuxdocs.org/HOWTOs/HOWTO-INDEX/networking.html#NETVPN
> 
> and they will guide you into building a tunnel between your networks.
> 
> BAJ
> 
> ---
> This message has been sent through the ALE general discussion list.
> See http://www.ale.org/mailing-lists.shtml for more info. Problems should be
> sent to listmaster at ale dot org.

--
Until later: Geoffrey		esoteric at denali.atlnet.com

"...the system (Microsoft passport) carries significant risks to users
that
are not made adequately clear in the technical documentation available."
- David P. Kormann and Aviel D. Rubin, AT&T Labs - Research
- http://www.avirubin.com/passport.html

---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
sent to listmaster at ale dot org.

More information about the Ale mailing list