
Internal LAN routing

Background.

Summer's coming and threatening to be very hot, so taking the opportunity to merge two XGs into one more efficient box. I have two ISP connections for the moment.

I have set up rules to allow the various users to connect to their existing ISP, not a problem until I try to connect everything.

On one network I have the printers which I would like to share with the other network, e.g. printers and users on the 192 network and other users on the 172 network.

The issue being when trying to route traffic between internal networks the route requires a gateway. It does not seem logical to me that I need to send internal traffic out of a gateway which does not know about the other gateway. The other method would be using a firewall rule, but again that requires a gateway.

I will try to set up an internal interface as a gateway. I hope the solution does not require using the CLI, because that is also not logical.

Your thoughts would be appreciated.

Ian



This thread was automatically locked due to age.
  • Not thinking laterally, I think I have the routing fixed. Putting into practice will be the final test.

    Next silly question, where does routing sit in the traffic processing priorities, above or below firewall rules? Logically it should be above firewall rules.

    Ian

  • That was a disaster, as soon as I connected the second ISP link the XG stopped passing traffic. Deleted all the new configuration, still no traffic. Restored to this morning's backup and still no traffic. The XG appeared to be very confused, it would pass some traffic according to the log viewer, but drop 90% using the wrong rule. Testing indicated that the XG had an internet connection but was very confused. After 10 minutes I have connectivity again. WiFi died, stopped broadcasting.

    Not happy.

    I will start the reconfiguration again and see if I can locate what caused the confusion. I suspect I should have powered off the XG and removed the power for a while, the issue appeared to be the external interface NIC getting partially hung even after a restart.

     

    Ian

  • The XG requires shutdown and power removed after I test each step and remove the second ISP link. The DHCP gets screwed and hands out wrong DNS servers, which don't work because the link is no longer connected. Which raises another question: why does the XG choose the DNS supplied by the second ISP over my preferred ISP?

    Probably need to hard code the DNS entries to stop the failures.

    Ian

  • A complete restructure of the additional networks has them working, a bit of a surprise.

    Performance in terms of response times is a bit slow on both ISP connections, but speed tests show normal throughput. I suspect this points at DNS issues and fixing lots of invalid packets.

    The inter-LAN printing does not work, still investigating, and my mail rule is now ignored, strange.

    Ian