(ASCEND) P50 routing on LAN side

To: "'ascend-users@bungi.com'" <ascend-users@bungi.com>
Subject: (ASCEND) P50 routing on LAN side
From: "Todd A. Scalzott" <todd@kastle.com>
Date: Wed, 7 Jan 1998 14:26:28 -0500
Encoding: 55 TEXT
Organization: Kastle Systems, LLC
Sender: owner-ascend-users@max.bungi.com


I've had my P50 up and running for what seems like years now (and may very 
well be so).  The connection has always been from a LAN numbered within 
our provider's supplied Class C through a Centrex connection.

All was well.

I then installed a firewall and for that purpose moved the P50 to a direct 
connection with the firewall's external interface via a crossover cable.

Again, all was well.

Now, however, I'm trying to configure some external plugs through the 
firewall to an SMTP host on the internal side.  The firewall is all set to 
go, but the routes don't seem to quite be there on the P50.

A ping attempt to all IPs in our class C fails, except that of the 
firewall.  Normally desired behavior, except for the case of the SMTP 
server.

What's happening is that I can see the ARP request make it all the way 
through from a shell account on a different provider to the P50 and then 
on through to the firewall.  What the firewall manufacturer tells me is 
that I need to have the P50 configured with a static route pointing to the 
external interface of my firewall as a router for the class C.    But the 
P50 already establishes a /24 route to the ie0 interface:

ascend% iproute show

Destination        Gateway         IF       Flg   Pref Met     Use     Age
0.0.0.0/0          205.177.45.89   wan9     SGP    100   1    1539     642
127.0.0.1/32       -               lo0      CP       0   0       0 7203241
127.0.0.2/32       -               rj0      CP       0   0       0 7203241
127.0.0.3/32       -               bh0      CP       0   0       0 7203241
172.17.1.0/24      -               ie0      C        0   0      94    2669
172.17.1.2/32      -               lo0      C        0   0       0    2669
205.177.45.0/24    205.177.45.89   wan9     rGT    100   1       0     509
205.177.45.0/24    205.177.45.89   wan9     *SG    120   7       0     643
205.177.45.89/32   205.177.45.89   wan9     rT     100   1      17     509
205.177.45.89/32   205.177.45.89   wan9     *SP    120   7       2     984
207.176.66.0/24    -               ie0      C        0   0    8773    2670
207.176.66.2/32    -               lo0      CP       0   0     124    2670
255.255.255.255/32 -               ie0      CP       0   0       0     643


So something like "iproute add 207.176.66.0/24 207.176.66.40 1" won't 
work--the existing route will always take precedence.

Any suggestions here or insight as to what I am missing?  Thanks In 
Advance.


Todd A. Scalzott, Kastle Systems, LLC.          Team OS/2
todd@kastle.com, postmaster@kastle.com



++ Ascend Users Mailing List ++
To unsubscribe:	send unsubscribe to ascend-users-request@bungi.com
To get FAQ'd:	<http://www.nealis.net/ascend/faq>

Follow-Ups:

Re: (ASCEND) P50 routing on LAN side

From: Kevin Smith <kevin@ascend.com>

Prev by Date: RE: (ASCEND) Max 200 Plus
Next by Date: (ASCEND) What about this?
Prev by thread: (ASCEND) What about this?
Next by thread: Re: (ASCEND) P50 routing on LAN side
Index(es):
- Main
- Thread