====== Routing Through a Gateway ======

To allow the ''icct-net'', ''jupiter-net'' and ''saturn-net'' sub-nets to reach each other they need to have a gateway router defined at each join point. For hosts you have already provided for this by having set the //default gateway// to the cluster node.





===== Configuring a gateway =====

Before you can actually reach the other sub-nets, and the Internet, you still have to configure the cluster servers. These have two interfaces, one in each network that they talk to. These are set up independently to talk to their networks. Before they can perform routing between the two networks, they have to be set up to //forward// IP packets to one another. By default, this feature is turned off. To turn IP forwarding on, you have to enable IP forwarding in the Linux kernel. Most firewall and routing HOWTOs instruct you to do this by running the following command as root [Rankin, 2005((Kyle Rankin, “Hack #40 Create an Emergency Router”, //Knoppix Hacks//, O'Reilly Media Inc., 2005.)), Hubert et al., 2003((Bert Hubert et al., Linux Advanced Routing & Traffic Control HOWTO, Version 1.1, 22 July 2003, http://www.ibiblio.org/pub/Linux/docs/HOWTO/other-formats/html_single/Adv-Routing-HOWTO.html.))]. 
<cli>
root@myhost:~# echo 1 > /proc/sys/net/ipv4/ip_forward
</cli>

However, under Ubuntu, you must change that command so that it works under the ''sudo'' environment by typing:
<cli>
icct@myhost:~$ sudo sh -c "echo 1 > /proc/sys/net/ipv4/ip_forward"
</cli>

However, this only works until the next boot. To make this change permanent edit the file ''/etc/network/options'' and change the line which states ''ip_forward=no'' to ''ip_forward=yes''. When this is done it will look like this:

  # /etc/network/options - for ICCT network
  # set ip_forward=yes if you need to set
  # up a machine with two network interface cards
  # as a router
  ip_forward=yes
  spoofprotect=yes
  syncookies=no

You may need to reboot to turn this setting on. To reboot, use:
<cli>
icct@myhost:~$ sudo /sbin/shutdown -r now
</cli>

Once IP forwarding is turned on, the interfaces are set up using ''route add'' to match the aliases defined in ''/etc/hosts'' and **Table 1** in [[eg-253:network:step2#our_configuration|our configuration]].

You should assign the addresses ''jupiter-if1'' and ''saturn-if1'' to ''eth0'' on both cluster servers. The ''if1'' interface will be serve as the gateway from ''icct-net'' to the subnet. Similarly the addresses of ''jupiter-if2'' and ''saturn-if2'' will be assigned to ''eth1''. You will note from the settings in the ''/etc/hosts'' file that ''jupiter-if2'' and ''saturn-if2'' are defined as aliases for ''jupiter'' and ''saturn'' respectively and that ''jupiter'' and ''saturn'' have already been set as the gateways for the hosts on their respective sub-nets.

To set up the interfaces, we only need to tell ''jupiter-if1'' and ''saturn-if1'' that they can route to ''icct-net'', and ''jupiter-if2'', and ''saturn-if2'' that they are part of ''jupiter-net'' and ''saturn-net'' respectively. We also need to tell ''saturn-if1'' that it can route to ''jupiter-net'' via gateway ''gw-jupiter'', and ''jupiter-if1'' that it can route to saturn-net via gateway ''gw-saturn''. Finally, both interfaces are told that ''solaris'' is the default gateway so that any IP packets not intended for the ''192.168.0.0'' network will be routed via the Linksys gateway router.

To illustrate this in more concrete terms, this is what the settings should look like in ''/etc/networks/interfaces'' on ''jupiter'':

    # Interface in icct-net does the routing,
    # so needs to know about the rest of the network.
    
    auto eth0
    iface eth0 inet static
      address 192.168.1.3
      netmask 255.255.255.0
      gateway 192.168.1.1 # default for jupiter is solaris
      # route to saturn-net
      up   route add -net 192.168.3.0 netmask 255.255.255.0 gw 192.168.1.4
      down route del -net 192.168.3.0 netmask 255.255.255.0 gw 192.168.1.4
    
    # Interface in jupiter-net is much simpler
    auto eth0
    iface eth1 inet static
      address 192.168.2.1
      netmask 255.255.255.0

The settings are similar on ''saturn'', just adjust the IP addresses according to **Table 2**.

Once the cluster gateway routers are configured, and networking is restarted, you should be able to ping any host (including the Internet gateway router and the Internet) from any host on the ICCT network.












----

[[eg-253:network:step3|Previous Step]] | [[eg-253:network:home|Home]] | [[eg-253:network:step5|Next Step]]