Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
userdoc:tt-internal-downstream-router [2016/05/30 12:26] abelbeck [NAT Foreign Network(s)] |
userdoc:tt-internal-downstream-router [2016/05/30 16:21] (current) abelbeck [Internal Downstream Router] |
||
---|---|---|---|
Line 5: | Line 5: | ||
While AstLinux offers many firewall and networking features, there are situations where an additional internal downstream router may play into the mix. That router may be pre-existing before AstLinux is added, or a router that offers added value such as subscription based content filtering. | While AstLinux offers many firewall and networking features, there are situations where an additional internal downstream router may play into the mix. That router may be pre-existing before AstLinux is added, or a router that offers added value such as subscription based content filtering. | ||
- | When an additional internal downstream router NAT's the LAN interfaces to the WAN interface, the process is pretty much plug-and-play since AstLinux sees all the downstream traffic as coming from a single IPv4 address on one of its internal interfaces. | + | When the additional internal downstream router NAT's the LAN interfaces to its external |
- | Provided the additional internal downstream router can disable NAT and " | + | Provided the additional internal downstream router can disable NAT and " |
!!Note: AstLinux 1.2.7 or later is required!! | !!Note: AstLinux 1.2.7 or later is required!! | ||
- | |||
===== NAT Foreign Network(s) ===== | ===== NAT Foreign Network(s) ===== | ||
Support of this configuration is simple, editing the ''/ | Support of this configuration is simple, editing the ''/ | ||
- | For example, add a downstream router off the AstLinux 2nd interface (172.30.10.1/ | + | For example, add a downstream router off the AstLinux 2nd internal |
- | Subnet | + | Router LAN 1: 192.168.6.0/ |
- | Subnet | + | Router LAN 2: 192.168.7.0/ |
- | Subnet | + | Router LAN 3: 10.1.10.0/ |
!!Note -> | !!Note -> | ||
+ | |||
+ | On the AstLinux box, add to ''/ | ||
+ | |||
+ | NAT_FOREIGN_NETWORK=" | ||
+ | |||
+ | On the AstLinux box, add to ''/ | ||
+ | |||
+ | #!/bin/sh | ||
+ | | ||
+ | . / | ||
+ | | ||
+ | ## Add foreign network routes off the 2nd internal interface using gateway gwip | ||
+ | gwip=" | ||
+ | | ||
+ | for x in $NAT_FOREIGN_NETWORK; | ||
+ | ip route add $x via $gwip dev $INT2IF | ||
+ | done | ||
- |