[PLUG] Routing question

Darkhorse plug_0 at robinson-west.com
Sat Feb 26 17:48:46 UTC 2005


On Sat, 2005-02-26 at 01:21, Russell Senior wrote:
> >>>>> "alan" == alan  <alan at clueserver.org> writes:
> 
> alan> Network A is a bunch of Mac OS X machines.
> 
> alan> Network B has a spiffy Ricoh multifunction scanner/printer/fax
> alan> uberprinter that they want to use from network A.  I have mapped
> alan> out the ports that it responds to, but it looks like this thing
> alan> can connect out to machines on its own.
> 
> alan> Internet GW (10.0.1.1)       Internet GW (10.1.1.1)
> alan>    |                                |
> alan> Network A (10.0.1.0/24)      Network B (10.1.1.0/24)
> alan>    |                                |- printer (10.1.1.220)
> alan>    |------- 10.0.1.220 (eth0)       |
> alan>                 |              10.1.1.221 (eth1)
> alan>                 |--- Slackware Box -|
> 
> alan> I can't force static routes on the other machines because I do
> alan> not control them.  I would only need to do that on Network A as
> alan> Network B is fine on its own, except for routing back from the
> alan> printer. If I did not have to worry about the scanner connecting
> alan> back, I would just nat between the two.
> 
> alan> I have done something similar to this 10+ years ago, but it was
> alan> on Solaris.
> 
> Hmm.  I am not certain but if you can control routing on the gateways,
> maybe this will work: you tell 10.0.1.1 to route 10.1.1.0/24 traffic
> to 10.0.1.220, and tell 10.1.1.1 to route 10.0.1.0/24 traffic to
> 10.1.1.221.
> 
> Ah, according to my _TCP/IP Illustrated, Volume 1: The Protocols_
> (W. Richard Stevens), Section 9.5 deals with ICMP Redirects:
> 
>   "The ICMP redirect error is sent by a router to the sender of an IP
>   datagram when the datagram should have been sent to a different
>   router. [...]
> 
>   "1.  We assume that the host sends an IP datagram to R1.  This
>   routing decision is often made because R1 is the default router for
>   the host.
> 
>   "2.  R1 receives the datagram and performs a lookup in its routing
>   table and determines that R2 is the correct next-hop router to send
>   the datagram to.  When it sends the datagram to R2, R1 detects that
>   it is sending it out the same interface on which the datagram
>   arrived [...].  This is the clue to a router that a redirect can be
>   sent to the original sender.
> 
>   "3.  R1 sends an ICMP redirect to the host, telling it to send
>   future datagrams to that destination to R2, instead of R1.
> 
> So, if the Network A hosts are honoring the redirects, they should
> forward subsequent datagrams directly to R2 (your slackware box), from
> whence they should be delivered normally.  Even without the redirect,
> the routing ought to work like this, it'll just double the traffic on
> the originating network as it bounces off the gateway router.
> 
> If you can't control routing on the gateways, then you might be
> screwed unless you can forge the redirects from R2.  Or maybe there is
> another or a better way.
> 
> 
> -- 

Thanks Russell, BTW, what is the ISBN on your TCP/IP book and if
you don't mind, what other networking books might you recommend
for system administrators today?

     --  Michael
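
The host side of the redirect exchange quoted above, as an added example that is not part of the original thread or written by any of its participants: it parses an ICMP redirect (type 5) and applies the acceptance checks from RFC 1122 before a host route would be installed. The host address 10.0.1.50 is constructed, and a single default gateway stands in for the per-destination first-hop lookup a real stack performs.

```python
import ipaddress
import struct

def inet_checksum(data: bytes) -> int:
    """RFC 1071 one's-complement checksum over 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def sample_redirect(new_gw: str, orig_src: str, orig_dst: str) -> bytes:
    """Constructed test input: ICMP type 5, code 1 (redirect for host),
    followed by the original IP header and 8 bytes of its payload."""
    ip_hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0, 0, 64, 17, 0,
                         ipaddress.ip_address(orig_src).packed,
                         ipaddress.ip_address(orig_dst).packed)
    body = ipaddress.ip_address(new_gw).packed + ip_hdr + b"\x00" * 8
    csum = inet_checksum(struct.pack("!BBH", 5, 1, 0) + body)
    return struct.pack("!BBH", 5, 1, csum) + body

def check_redirect(icmp, sender, local_net, local_ip, current_gw):
    """Host-side decision: return (accepted, reason, destination, new_gw)."""
    if len(icmp) < 36 or icmp[0] != 5:
        return (False, "not an ICMP redirect", None, None)
    if inet_checksum(icmp) != 0:
        return (False, "bad checksum", None, None)
    new_gw = ipaddress.ip_address(icmp[4:8])
    dst = ipaddress.ip_address(icmp[24:28])   # dst of the embedded IP header
    if ipaddress.ip_address(sender) != ipaddress.ip_address(current_gw):
        return (False, "sender is not the current first hop", str(dst), str(new_gw))
    if new_gw not in ipaddress.ip_network(local_net):
        return (False, "new gateway is not on the connected network", str(dst), str(new_gw))
    if new_gw == ipaddress.ip_address(local_ip):
        return (False, "new gateway is this host", str(dst), str(new_gw))
    return (True, "install host route", str(dst), str(new_gw))

if __name__ == "__main__":
    # Host 10.0.1.50 is a constructed Network A address; the rest are from the thread.
    pkt = sample_redirect("10.0.1.220", "10.0.1.50", "10.1.1.220")
    print(check_redirect(pkt, "10.0.1.1", "10.0.1.0/24", "10.0.1.50", "10.0.1.1"))
    print(check_redirect(pkt, "10.0.1.99", "10.0.1.0/24", "10.0.1.50", "10.0.1.1"))
```
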



