Let’s say your local subnet is 192.168.1.0/24, which means that all IP addresses between 192.168.1.1 and 192.168.1.254 are considered to be local.
If you ping any machine within this local subnet, your Mac OS X client or server doesn’t need a router to reach the other machine; a layer 2 Ethernet switch will do the job.
Yet, if you connect to an external machine, let’s say to 213.64.55.1, Mac OS X sends the request to the router you entered in the Network Preference Pane in System Preferences.
Now let’s imagine your setup looks like this:
Let’s also imagine you are sitting in front of the machine with the IP address 192.168.1.10.
On the top of the picture you see a demilitarized zone (DMZ), in which we placed our mail and web server. Only the server uses the upper internet connection.
On the left-hand side we see a second internet connection, which is the default gateway for all our machines.
The firewall on the left has the internal IP address 192.168.1.1, while the firewall on the top has the internal IP address 192.168.1.254.
Let’s also imagine that the firewall on the top is the only way for our internal network to connect to our web server, which has the IP address 192.168.2.100. This means that the web server has its own subnet, which it only shares with our upper firewall.
On the client machine, we enter 192.168.1.1 (the IP address of the default gateway on the left) as the router address in Mac OS X’s network preferences.
If you now ping the web server’s address 192.168.2.100, you will get a “no route to host” error message.
This happens because our router on the left doesn’t know about the web server.
There are three solutions to this challenge:
- Each time you want to access the web server, you change your default router to 192.168.1.254, the upper firewall. In fact, this is not a solution for daily usage.
- You set up a static route in your firewall on the left. Even cheap routers like Draytek Vigor machines can do this. This way your client computers just use the default gateway, and the gateway takes care of the rest. Probably the easiest solution if you have access to your network resources.
- The third solution, which is the one we will discuss here, is to tell your client machine to use the upper firewall whenever you want to access the web server.
You find howtos all over the internet, in which you learn how to set up a static route on a UNIX system like Mac OS X.
Yet, after a reboot static routes disappear, and you need to install a startup item or launchd job to automatically set up your static route after a reboot.
I found a nice little GUI application to take care of the whole process (see RouteSplit), yet the routes set up with it don’t survive a reboot on 10.4 machines.
So here is how to set up static routes which persist after a reboot of your machine, no matter if you are on 10.4 or 10.5:
- First, check that the route command works. An example command in /Applications/Utilities/Terminal would be
sudo route add -host 192.168.2.100 192.168.1.254
where ‘-host’ means we are going to add a static route to a single machine only. If instead of a single machine you need to access a whole network using a second router, you would choose ‘-net’ instead. ‘192.168.2.100’ is the IP address of our web server, ‘192.168.1.254’ is the address of the router we need to go through. After you have entered the command, check whether you can now ping the web server.
If it works, everything went fine.
If, as an alternative, you want to set the upper router as the gateway to the subnet 192.168.2.0/24, you would enter
sudo route add -net 192.168.2.0 192.168.1.254 -netmask 255.255.255.0
Read the route man pages for details of setting static routes.
- Secondly, we need to convince Mac OS X to automatically set the static route after a reboot.
In 10.5 we can simply use a launchd entry in /Library/LaunchDaemons, which can look like this. Just copy the file into /Library/LaunchDaemons/ and activate it by typing
sudo launchctl load -w /Library/LaunchDaemons/setstaticroute.plist
Now 10.5 will load the static route at startup and set the route again every 20 minutes if for any reason Mac OS X loses the route later on.
So far so good. Yet, in 10.4 this doesn’t work. If you are using 10.4 machines, the best way to set the route during startup is creating a startup item. This version also works for 10.5.
To do so, copy this file to your machine, unzip it, and copy the folder named SetStaticRoute into /Library/StartupItems/ (including its content). Adapt the file ‘SetStaticRoute’ according to the description above.
Reboot your system, and now you should be able to use the static route.
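The 10.5 launchd step above, as an added example that is not the author's original file: a small shell function that writes a job of this kind, running /sbin/route at load and again every 1200 seconds (20 minutes). The label local.setstaticroute and the function name write_route_plist are assumptions.

```shell
#!/bin/sh
# Added example, not the author's download. The Label value and the
# function name are assumptions; the addresses used are the article's.
#
# Usage: write_route_plist <destination-host> <gateway> <output-file>
write_route_plist() {
    dest=$1; gw=$2; out=$3
    # Allow digits and dots only: the job runs as root, so nothing else
    # may reach its argument list.
    for addr in "$dest" "$gw"; do
        case $addr in
            ''|*[!0-9.]*) echo "invalid address: $addr" >&2; return 1 ;;
        esac
    done
    cat > "$out" <<EOF
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>Label</key>
    <string>local.setstaticroute</string>
    <key>ProgramArguments</key>
    <array>
        <string>/sbin/route</string>
        <string>add</string>
        <string>-host</string>
        <string>$dest</string>
        <string>$gw</string>
    </array>
    <key>RunAtLoad</key>
    <true/>
    <key>StartInterval</key>
    <integer>1200</integer>
</dict>
</plist>
EOF
    chmod 644 "$out"   # not writable by group or others
}
```

Generate the file with write_route_plist 192.168.2.100 192.168.1.254 setstaticroute.plist and copy it to /Library/LaunchDaemons/ as root. launchd refuses to load a job file there that is not owned by root or that is writable by group or others.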
Okay, now you have a method of setting up static routes which survive a system’s reboot.
If you want to set up the same static routes on multiple Macs, the easiest way to do so is to use Apple Remote Desktop.
Select all machines and choose COPY from the toolbar. Now select the unpacked folder named ‘SetStaticRoute’ and copy it to /Library/StartupItems/. After a reboot all these machines can use the additional route.
One last thing: Are you interested in having the whole thing as a GUI application?
I am thinking of writing it, yet I need some kind of mental support to take the time.
So if you want this as an app, please send me your feedback.

