[Sunhelp] Confused about routing.
Kevin Stevens
kevin_stevens at hotmail.com
Thu Aug 24 13:28:48 CDT 2000
Salutations and felicitations of the day and season...
I'm somewhat confused about the way that routing is handled on my Sol8
system. This box acts as a home firewall, with an le0 interface on the
public side, and an hme0 interface on the private network side. Default
gateway is the .254 address of the ISP upstream. NAT is being performed by
IPF.
Now, I have to have routing enabled to be able to send/receive from the
private network. However, I don't really need dynamic routing, since there
are only three routes available (private network, public network, default
gateway). And I really would prefer not to be sending RIP broadcasts in any
case - there's no point in distributing private network info, and I don't
want it visible out there anyway.
I'm having trouble getting this set up the way I want it.
It's easy to go to a non-routed environment - I remove my gateways file, put
in a defaultrouter file, touch /reconfigure, reboot, and voila. In.routed
doesn't start up, netstat shows default route, hosts on the private network
can't reach the outside world.
It's easy to go to a dynamic routed environment - I remove my defaultrouter
file, put in a gateways file with the default route in there (set as
passive), touch /reconfigure, and reboot. In.routed starts up, hosts can
reach the outside world, and now I'm RIPping to both interfaces.
I guess my questions are:
Does in.routed need to be running to support a purely static routed
environment, or is there a simpler way?
Shouldn't the "passive" keyword in the gateways file listing (below) prevent
RIP broadcasts from that interface? If so, to prevent them from the private
interface would I need to add an explicit route in gateways or somewhere
else? If not, how do I turn RIP off?
(net 0.0.0.0 gateway xxx.xxx.xxx.254 metric 1 passive)
Is there a cleaner way to restart the networking after these config changes
than a reboot?
Any thoughts, observations, or general comments appreciated. Thanks!
KeS
________________________________________________________________________
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com
More information about the SunHELP
mailing list