Dealing with multiple layers of routers

Python python at venix.com
Wed Jun 7 14:10:01 EDT 2006 

On Wed, 2006-06-07 at 12:09 -0400, Bill Freeman wrote:
> Where I'm working we have a Netgear router attached to the DSL modem,
> to which all the wired users are connected, with NAT and DHCP serving
> up 192.168.0.xxx addresses.
> 
> One of the things wired to the Netgear is the "internet" port of a
> Linksys wireless-G router (probably too new to install Linux on it),
> which serves up a wireless network on 192.168.1.xxx.
> 
> This works pretty well.  Everyone can get to the internet.  The local
> print server/disk server is on the wired network, so everyone can use
> it.  Folks on the wired network can access services running on wired
> machines.
> 
> But, of course, folks on the wired network can't access services on
> machines connected to the Linksys (even using a wired connection to
> it).  The trouble is that we would like to offer the latest development
> version of our web app running on our wireless development machines to
> the marketing folks on the wired network.
> 
> Sure, it's easy to configure a particular port accessed at the "internet"
> port of the Linksys to go to a specific machine on the wireless network,
> but we would like to have multiple marketing folks able to access multiple
> developer's machine's servers.  And we don't want to re-configure the
> router everytime we want to change who serves what.  And spur of the
> moment instigation of an ssh session from a marketing machine to a specific
> developer machine is desired.
> 
> I think that what I need to do is disable NAT and firewall on the Linksys.
> (We would still be protected from the internet by the firewall in the
> Netgear.)  If that's possible.  

Sounds good to me.

> Then would I be able to configure the
> Netgear's DHCP server to tell the wired folks to route to 192.168.1 via
> the IP that the Linksys has on the 192.168.0 network?  Or woould it be
> possible to hide the static route from 192.168.0 to 192.168.1 entirely
> in the Netgear's internal routing rules?  

I would expect this to work.  The netgear router is the default for
everyone in 192.168.0.0/24.  The netgear knows to reach 192.168.1.0/24
via 192.168.0.xxx - the linksys ip address on the 192.168.0.0 sub net
from the internal entry.

I lent out my linksys router, so I can not test this - I do not have a
production system at risk here so I could test with impunity.

Presumably you are controlling the DHCP assignments so that your Name
Server knows how to resolve names to numbers and DNS is not tied into
those routers.

> (The wireless folks already
> go to the Linksys for routing to 192.168.0, since it's not within their
> local network's netmask.)  Or am I likely to have to hand configure all
> the wired guys with a static route to 192.168.1?
> 
> Or I guess I might be able to connect the routers via downstream ports on
> both, using a cross over cable.  Then I either need to disable DHCP on
> the Linksys (that I'm sure that I can do), or arrange for both DHCP servers
> to specify a 255.255.254.0 netmask, and the Netgear as the router to the
> internet.  (I'd actually like to keep the wireless guys with 192.168.1
> addresses and the wired guys with 192.168.0 addesses, but this is a much
> softer requirement.)
> 
> I'd appreciate comments and (some of the) suggestions.
> 
> Bill
> 
> _______________________________________________
> gnhlug-discuss mailing list
> gnhlug-discuss at mail.gnhlug.org
> http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss

-- 
Lloyd Kvam
Venix Corp

More information about the gnhlug-discuss mailing list