Thanks to
"Matthew Stier" <mstier@hotmail.com>
"Rick von Richter" <rickv@mwh.com>
Apparently Solaris is too brain dead to handle variable subnet routing, but
it _should_ do so in Solaris 2.6 (currently in Beta).
My alternatives are to replace the Solaris machine with Linux (which works!
I did my original plan based on Linux tests!) or to redesign the network so
that the routing is done on a Cisco instead. I'll probably have to take this
latter path because the inhouse team doesn't like the idea of "unsupported"
software.
Blurgh :-( Some days it just doesn't pay to think clever :-(
rgds
Stephen
ORIGINAL MESSAGE FOLLOWS
> Hi all! Here's one for the networking Sun managers out there...
>
> Here is the situation I want to build.... it's a private "10.x.y.z" network
> spread over multiple countries. My problem is in the London office.
>
> Originally we had the following:
>
> le0 C.D.E.F netmask 255.255.255.252
> qe0 G.H.I.1 netmask 255.255.255.0
> qe0:1 J.K.L.1 netmask 255.255.255.0
> qe0:2 192.168.1.1 netmask 255.255.255.0
>
> default route C.D.E.F'
>
> This works great, machines on the qe0 and qe0:1 networks can see the internet
> fine.
>
> Now we add the "10" network.
>
> qe3 10.11.3.101 netmask 255.255.255.0
> qe0:3 10.11.0.1 netmask 255.255.0.0
> route 10.0.0.0 via 10.11.3.100
>
> NOTE I have now variably subnetted the "10" network into a class C mask
> (connection to a Cisco), a class B mask (local network) and a class A
> mask (the other countries), with the other countries defaulting via the
> Cisco.
>
> I thought this should work, with more specific routes overriding less
> specific routes.
>
> When I tested this config on a Linux machine, it seemed to work fine.
>
> But it doesn't seem to be the case on my Solaris 2.4 system. I can
> ping/telnet the Cisco, great!
> I can ping a machine on 10.11.3.x, great! BUT the routing of the rest
> of the 10 network isn't so great :-(
>
> 10.0.x.y correctly goes to the Cisco
> 10.1.a.b is routed via the internet...!!!!!
>
> Does Solaris 2.4 have a problem with variable length subnet masks? Or am I
> doing something really really stupid?
>
> Thanks for your time!
This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:11:49 CDT