Routes, Routing Tables, NAT, etc. - I'm confused. HELP

phylaxis

I have searched and searched for information on how to configure routing tables in OS X, but the only answers I seem to find relate to Cable and DSL modems and how to share an IP connection. I need info on LAN/WAN routing. Does anyone out there know how to configure a Mac OS X machine's routing tables? My specific situation is this:

I have two IP networks at my office. One is our public T1 Internet access; it has a firewall, proxy server, etc. and uses a specific router at, say, 1.0.2.138. Now, we also have a second private T1 that offers a secure point-to-point connection to a server farm in a data center off site. It has its own router at 1.0.5.100. My issue is this: currently all traffic from my desktop Mac OS X machine goes through the public router. Now when I need to access one of the machines in our server farm I need the traffic from my machine to go through the private router. Now just know in advance, my IS Department is lame and this needs to be handled at my machine and not elsewhere on my network (say at the router maybe). So I need to know how to configure the routes locally on my Mac. In Windows I set up a permanent static route using the route command like this:

route -p add 192.168.10.0 mask 255.255.255.0 1.0.5.100

So, add route -p for permanent, 192.168.10.0 the target network, 255.255.255.0 subnet, and 1.0.5.100 the router to use for traffic to this network.

How can I do this in OS X? I am thinking it may be part of NetInfo Manager? Or is it just like the cable/DSL examples I have seen and do I use NAT? I have already done man on route, routed, etc. I need a less technical answer since I am not a UNIX guru.

Thanks for your help.
- Phyl
 
Typing route -p add 192.168.10.0 mask 255.255.255.0 1.0.5.100 is also similar to what you type on Unix, and this is also a technical solution on a Windows box, so I don't see a non-technical solution on either platform.

Looking at both IPs, your subnet will have to change in order for them to talk to each other, or you will have to put a router in between. 255.255.255.0 doesn't work well with 192 and 1.

The commands, for your sake:
To add a static route: route add -net 192.168.10.0 1.0.5.100
This route will be deleted upon reboot.

For permanent routes you might have to add it to your /etc/rc file.
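
An added example, not part of the original posts: a small routing-table model showing why the static route above sends only server-farm traffic to the private router while everything else keeps using the public one. The table is constructed from the addresses in the thread; the function names and the test destinations are assumptions.

```shell
#!/bin/sh
# Constructed routing table built from the addresses in the thread.
# One route per line: network, netmask, gateway. 0.0.0.0/0 is the default.
ROUTES='0.0.0.0 0.0.0.0 1.0.2.138
192.168.10.0 255.255.255.0 1.0.5.100'

# Convert a dotted quad to a 32-bit integer.
ip_to_int() {
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# Print the gateway used for destination $1. Among the routes whose
# network contains the destination, the most specific mask wins
# (longest-prefix match), which is how the kernel chooses as well.
pick_gateway() {
    dest=$(ip_to_int "$1")
    best_mask=-1
    best_gw=none
    while read -r net mask gw; do
        [ -n "$net" ] || continue
        n=$(ip_to_int "$net")
        m=$(ip_to_int "$mask")
        if [ $(( dest & m )) -eq $(( n & m )) ] && [ "$m" -gt "$best_mask" ]; then
            best_mask=$m
            best_gw=$gw
        fi
    done <<EOF
$ROUTES
EOF
    echo "$best_gw"
}

# Constructed destinations: one inside the server-farm network,
# one just outside it, one on the Internet (documentation range).
for d in 192.168.10.25 192.168.11.1 203.0.113.7; do
    echo "$d -> $(pick_gateway "$d")"
done
```

On the Mac itself, `route -n get 192.168.10.25` reports the gateway the kernel actually selected, which is the check to run after a reboot to confirm the private route is still in place.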
 
CloudX,
Thank you. This worked perfectly. :) I know about the network (subnet) issues. Like I said our IT staff are not very good at network engineering. I have no experience in networking at all, but I do know some basics. My lack of expertise does not really allow me to say anything though. For now I just try to live with it. Thanks again.

-Phyl
 
CloudX,
I went to add the route to the /etc/rc file, but right at the top of the file it recommends adding custom startup scripts to the system startup directory instead of editing the rc file. Do you know which directory I should add this script to? Also is there any special syntax I need to add since you need to have root access to add a route?

Thanks,
Phyl
 
testuser,
I did something very similar to what you described. I found instructions in another post. This works great and it is cool because you can see the script being called during startup. Thanks to everyone for their help.

-Phyl
 
Hello testuser.

I read your reply to the original poster's problem and I thought it was great. You indeed solved the problem, as stated by the poster. Correct me if I'm wrong but from what you wrote you seem to me like an experienced unix user or maybe even a guru. So I wanted to ask you for your help if that's alright because I'm in a real rabbit hole here. I'm trying to set up NAT and IPAliasing but with a single ethernet port, because my server is an iMac. I have to provide Internet connectivity to a set of G4s but with only one IP, and I have already tried some suggestions but I can't get it right. I'd be most glad if you could guide me through the process if you know it, give me some useful hints if that's all you've got, or maybe even give me new suggestions that might get me around my problem.

If you need a more detailed explanation please let me know, I'll gladly provide you all the information you need. I can post here or maybe send you an e-mail (which is?) if you prefer that, and if you want you can tell me right here or send me an e-mail. Feel free to contact me at any time at "jmpalacios@mac.com".

Thank you in advance for your attention,...

Juan.
 
Hello Testuser. Sorry for not posting for so long but it's just that I've been away for a while. Your suggestions are really good and useful, but unfortunately we have serious budget limitations and I need to cut down on the expenses (company is just beginning!).

I have a hardware based router at home and it works like a charm. I use the Asanté one and recommended the Linksys to a friend. No complaints from either one. But at work I wanted the software based one also because of personal reasons. I say quite arrogantly that no computer has defeated me yet, so I wanted to keep that one up! And I had to go for the iMac because all of the G4s are on constant Graphic Design usage. My main problem was the lack of a second ethernet port and the lack of support for IPAliasing on a single NIC on behalf of the programs. But fortunately the latest build of gNAT managed to include the support I needed so I downloaded it and it's working like a charm. I had tried it before but it didn't work for me back then.

I have, however, new problems now, which I'll nail down just the same, hopefully. And if your help is included in this task I'll be most thankful. I have four fixed IPs from my broadband ISP (guessed right!) which I assigned to the company's four primary computers, one of them being the iMac. They can see the nat'ed computers because AppleTalk is on, but I wanted to turn it off for security reasons. So in order to get the remaining three computers to see the nat'ed ones I have to get a static port mapping table running on the iMac, but I don't have much idea on how to do this. I've been advised to use Brickhouse because it supports it and gNAT apparently doesn't. I'd love to hear your suggestions on this one. The fixed IPs are on the 10.0.0.x range which means they are already nat'ed and can't be seen by the ISP's mainframes, but I don't think it'd be a good idea to just hook up all the computers on my company to that subnetwork because that'd be a violation of the four IPs contract (this was already suggested to me). All I'm trying to do is provide Internet access to the G4s because they really need it, while retaining both ways fluent communication (without AppleTalk!) between all the computers in the company, mainly for AFP.

I think I have already flooded you with enough questions. Sorry for replying so late and for the length. I could really use your help on this one. By the way, are you a member of any of Apple's user lists?

Thank you for the support and the time. Yours, sincerely,...


Juan.

P.S.: Where are you from? Your Spanish is not bad, not at all! I am from Venezuela, and I am also a long-time Macintosh user, but with some experience in Linux.
 