How to route multiple subnets from ISP


#1

My ISP is providing me with two subnets:

aaa.bbb.188.160/27 (subnetA)
xxx.yyy.195.224/27 (subnetX)

ISP router - aaa.bbb.188.161 (my routers static 0.0.0.0/0 route)
My Router - eth0 has 2 IPs
aaa.bbb.188.164
xxx.yyy.195.225

ISP is routing subnetX to my router IP aaa.bbb.188.164.

When I put a server on subnetX with a gateway of my router, xxx.yyy.195.225, I can ping my router subnetA but not the ISP router on subnetA. I can’t ping anything from subnetX other than other devices on subnetX and my router. I can’t get to google for example.

When I traceroute to a device on subnetX from anywhere in the world it does make it to my aaa.bbb.188.164 router, but stops there. This tells me that my ISP is routing the subnet correctly, but my router does not know how to handle it even though both subnets are local to the interface.

I have done this plenty of times with Cisco, but can’t quite figure it out on Vy.


#2

can you post your interface config and routing config (ip route)


#3

Here is eth0
address aaa.bbb.188.164/27
address aaa.bbb.188.165/27
address aaa.bbb.188.166/27
address aaa.bbb.188.167/27
address aaa.bbb.188.168/27
address aaa.bbb.188.170/27
address aaa.bbb.188.179/27
address aaa.bbb.188.178/27
address aaa.bbb.188.177/27
address aaa.bbb.188.174/27
address aaa.bbb.188.184/27
address xxx.yyy.195.225/27
duplex auto
smp_affinity auto
speed auto

Routing Table
S>* 0.0.0.0/0 [1/0] via aaa.bbb.188.161, eth0
C>* aaa.bbb.188.160/27 is directly connected, eth0
C>* xxx.yyy.195.224/27 is directly connected, eth0
C>* 127.0.0.0/8 is directly connected, lo
C>* 192.168.254.0/24 is directly connected, eth1


#4

Anyone have any thoughts here? Am I missing something really simple?


#5

Ok, it was really simple. I stepped away for a few days and came back.

It was firewall related. I have an inbound rules applied to eth0. I allowed 188.164 to any/any to 195.225/27

Hope this helps others.


#6

Hi
If ISP is routing subnetX to my router IP aaa.bbb.188.164.

Why do you have address xxx.yyy.195.225/27 on eth0? Would it not be nicer to have it behind the router? Then you don’t need to NAT those addresses.