Re: NAT-setup: modification requared



Hiisi wrote:
Dear List!
I have F11 machine which shares WEB to small home wired network. F11 computer has 3 ethernet adapters - one built in motherboard (eth0, 'main' adapter) and two additional cards (eth1,2). With grate help of this list and even greater help of google I was able to set up NAT over it. It worked perfect while there was only one client in the home network - window$ laptop, connected to eth1 (eth2 was down). Now I added second laptop - it runs ubuntu. I turned on eth2 and tried to do the same trick with it but no lack until now. Here goes mine configuration:

Do you really need to keep the two private machines from talking to one another? If so change eth2 to 192.168.3.20 and run a separate network for each. Otherwise you might find less effort in investing in a switch and moving the work there. I appreciate that you may have policy or financial issues which prevent this, that hardware is inexpensive in the US but might no be at your location.

ifconfig
eth0 Link encap:Ethernet HWaddr 00:0F:EA:22:A0:2C
inet addr:192.168.0.203 Bcast:192.168.1.255 Mask:255.255.254.0
inet6 addr: fe80::20f:eaff:fe22:a02c/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:124015 errors:0 dropped:0 overruns:0 frame:0
TX packets:25838 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:21230917 (20.2 MiB) TX bytes:4769745 (4.5 MiB)
Interrupt:19 Base address:0xe000

eth1 Link encap:Ethernet HWaddr 00:80:48:2E:43:9C
inet addr:192.168.2.20 Bcast:192.168.2.255 Mask:255.255.255.0
inet6 addr: fe80::280:48ff:fe2e:439c/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:11044 errors:0 dropped:0 overruns:0 frame:0
TX packets:9539 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:8868181 (8.4 MiB) TX bytes:3991105 (3.8 MiB)
Interrupt:18 Base address:0x8000

eth2 Link encap:Ethernet HWaddr 00:40:F4:98:DB:E9
inet addr:192.168.2.40 Bcast:192.168.2.255 Mask:255.255.255.0
inet6 addr: fe80::240:f4ff:fe98:dbe9/64 Scope:Link
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:75 errors:0 dropped:0 overruns:0 frame:0
TX packets:73 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:5935 (5.7 KiB) TX bytes:14586 (14.2 KiB)
Interrupt:19 Base address:0xa000

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:329 errors:0 dropped:0 overruns:0 frame:0
TX packets:329 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:69191 (67.5 KiB) TX bytes:69191 (67.5 KiB)

route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.2.0 * 255.255.255.0 U 0 0 0 eth1
192.168.2.0 * 255.255.255.0 U 0 0 0 eth2
192.168.0.0 * 255.255.254.0 U 0 0 0 eth0
link-local * 255.255.0.0 U 1002 0 0 eth0
link-local * 255.255.0.0 U 1003 0 0 eth1
link-local * 255.255.0.0 U 1004 0 0 eth2
default mitht2.imt.ru 0.0.0.0 UG 0 0 0 eth0

sysctl net.ipv4.ip_forward
net.ipv4.ip_forward = 1

iptables -L -t nat
Chain PREROUTING (policy ACCEPT)
target prot opt source destination

Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
MASQUERADE all -- anywhere anywhere

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

cat /etc/sysconfig/iptables
# Generated by iptables-save v1.4.3.1 on Tue Sep 1 23:36:23 2009
*nat
:PREROUTING ACCEPT [1264:158963]
:POSTROUTING ACCEPT [96:14688]
:OUTPUT ACCEPT [462:49878]
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
# Completed on Tue Sep 1 23:36:23 2009
# Generated by iptables-save v1.4.3.1 on Tue Sep 1 23:36:23 2009
*filter
:INPUT ACCEPT [7849:1116249]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [1219:189475]
-A FORWARD -i eth0 -j ACCEPT
-A FORWARD -i eth1 -j ACCEPT
-A FORWARD -i eth2 -j ACCEPT
COMMIT
# Completed on Tue Sep 1 23:36:23 2009

Window$ laptop has 192.168.2.30 address and uses 192.168.2.20 (eth1 IP) as gateway. DNS is the same as on F11 machine.
I've tried to set up 192.168.2.50 as IP for ubuntu laptop with default gateway of eth2 IP address: 192.168.2.40. It doesn't work. When I'm trying to ping 192.168.2.50 from F11 the result is:
ping 192.168.2.50
PING 192.168.2.50 (192.168.2.50) 56(84) bytes of data.
From 192.168.2.20 icmp_seq=2 Destination Host Unreachable
From 192.168.2.20 icmp_seq=3 Destination Host Unreachable
From 192.168.2.20 icmp_seq=4 Destination Host Unreachable
^C
As I can understand packets go from wrong IP. Namely, from eth1 when I would like them to go from eth2.
How to fix that?
Thank you for your attention!
Respectfully
--
Hiisi.
Registered Linux User #487982. Be counted at: http://counter.li.org/



--
Bill Davidsen <davidsen@xxxxxxx>
"We have more to fear from the bungling of the incompetent than from
the machinations of the wicked." - from Slashdot

--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines