[PLUG] Routing question

Russell Senior seniorr at aracnet.com
Sat Feb 26 09:21:26 UTC 2005


>>>>> "alan" == alan  <alan at clueserver.org> writes:

alan> Network A is a bunch of Mac OS X machines.

alan> Network B has a spiffy Ricoh multifunction scanner/printer/fax
alan> uberprinter that they want to use from network A.  I have mapped
alan> out the ports that it responds to, but it looks like this thing
alan> can connect out to machines on its own.

alan> Internet GW (10.0.1.1)       Internet GW (10.1.1.1)
alan>    |                                |
alan> Network A (10.0.1.0/24)      Network B (10.1.1.0/24)
alan>    |                                |- printer (10.1.1.220)
alan>    |------- 10.0.1.220 (eth0)       |
alan>                 |              10.1.1.221 (eth1)
alan>                 |--- Slackware Box -|

alan> I can't force static routes on the other machines because I do
alan> not control them.  I would only need to do that on Network A as
alan> Network B is fine on its own, except for routing back from the
alan> printer. If I did not have to worry about the scanner connecting
alan> back, I would just nat between the two.

alan> I have done something similar to this 10+ years ago, but it was
alan> on Solaris.

Hmm.  I am not certain, but if you can control routing on the gateways,
maybe this will work: you tell 10.0.1.1 to route 10.1.1.0/24 traffic
to 10.0.1.220, and tell 10.1.1.1 to route 10.0.1.0/24 traffic to
10.1.1.221.

Ah, according to my _TCP/IP Illustrated, Volume 1: The Protocols_
(W. Richard Stevens), Section 9.5 deals with ICMP Redirects:

  "The ICMP redirect error is sent by a router to the sender of an IP
  datagram when the datagram should have been sent to a different
  router. [...]

  "1.  We assume that the host sends an IP datagram to R1.  This
  routing decision is often made because R1 is the default router for
  the host.

  "2.  R1 receives the datagram and performs a lookup in its routing
  table and determines that R2 is the correct next-hop router to send
  the datagram to.  When it sends the datagram to R2, R1 detects that
  it is sending it out the same interface on which the datagram
  arrived [...].  This is the clue to a router that a redirect can be
  sent to the original sender.

  "3.  R1 sends an ICMP redirect to the host, telling it to send
  future datagrams to that destination to R2, instead of R1."

So, if the Network A hosts are honoring the redirects, they should
forward subsequent datagrams directly to R2 (your Slackware box), from
whence they should be delivered normally.  Even without the redirect,
the routing ought to work like this; it'll just double the traffic on
the originating network as it bounces off the gateway router.

If you can't control routing on the gateways, then you might be
screwed unless you can forge the redirects from R2.  Or maybe there is
another or a better way.


-- 
Russell Senior         ``I have nine fingers; you have ten.''
seniorr at aracnet.com
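
Added example, not part of the message above or of Stevens' text: a
Python check that a Network A host or monitor could run over a captured
ICMP redirect to confirm it is the one described in steps 1-3 (sent by
the default router, naming the Slackware box as next hop) before
trusting it, using the acceptance rules from RFC 1122. The host
10.0.1.50, the sample bytes and the function names are constructed for
illustration.

```python
import ipaddress
import struct

# Assumptions taken from the diagram: Network A's default router and the
# Slackware box's eth0 address, the only next hop a redirect should name.
LOCAL_NET = ipaddress.ip_network("10.0.1.0/24")
DEFAULT_ROUTER = ipaddress.ip_address("10.0.1.1")
EXPECTED_GATEWAY = ipaddress.ip_address("10.0.1.220")

# Constructed sample (not a real capture): 10.0.1.1 tells the hypothetical
# host 10.0.1.50 to reach 10.1.1.220 via 10.0.1.220. Raw IPv4, no link header.
SAMPLE = bytes.fromhex(
    "4500003800000000400164930a0001010a000132"  # outer IPv4 header
    "05012caa0a0001dc"                          # ICMP type 5, code 1, gateway
    "4500003c123440004006117a0a0001320a0101dc"  # original IPv4 header
    "c000027700000001"                          # first 8 bytes of original TCP
)

def inet_checksum(data: bytes) -> int:
    """RFC 1071 one's-complement checksum; 0 over data with a valid checksum."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def inspect_redirect(packet: bytes):
    """Return None for anything but an ICMP redirect, else the parsed fields
    plus a list of reasons a host or monitor should distrust it."""
    if len(packet) < 20 or packet[0] >> 4 != 4 or packet[9] != 1:
        return None
    ihl = (packet[0] & 0x0F) * 4
    icmp = packet[ihl:struct.unpack("!H", packet[2:4])[0]]  # honour total length
    if ihl < 20 or len(icmp) < 28 or icmp[0] != 5:
        return None
    sender = ipaddress.ip_address(packet[12:16])
    gateway = ipaddress.ip_address(icmp[4:8])
    orig_dst = ipaddress.ip_address(icmp[24:28])  # dst of the embedded header
    checks = [
        (inet_checksum(icmp) == 0, "bad ICMP checksum"),
        (sender == DEFAULT_ROUTER, "sender is not the default router"),
        (gateway in LOCAL_NET, "gateway is off the local subnet"),
        (gateway == EXPECTED_GATEWAY, "gateway is not the expected next hop"),
    ]
    return {"sender": str(sender), "gateway": str(gateway), "code": icmp[1],
            "orig_dst": str(orig_dst),
            "problems": [msg for ok, msg in checks if not ok]}
```

An empty "problems" list means the redirect matches the routing the
message proposes; anything else names the check that failed.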


