Re: Internet/LAN simulation
From: Juhan Leemet (juhan_at_logicognosis.com)
Date: 08/02/04
- Next message: Juhan Leemet: "Re: Problem solved - still cannot ping Linux machine from Win XP and vice versa"
- Previous message: Neil Cherry: "Re: Routing 10.0.0.0 through Linksys router to my Cisco DSLmodem?"
- In reply to: Some_Other_Nerd: "Internet/LAN simulation"
- Next in thread: Some_Other_Nerd: "Re: Internet/LAN simulation"
- Reply: Some_Other_Nerd: "Re: Internet/LAN simulation"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Mon, 02 Aug 2004 19:40:40 -0200
On Mon, 02 Aug 2004 08:22:15 -0700, Some_Other_Nerd wrote:
> I am trying to test a gateway/server/firewall in a semi-fake
> environment before using it for real, but for some reason, I can't get
> it to ping the 'internet' computer.
Which is the 'internet" computer? I don't see any labelled like that.
Do you mean "a real computer on the real internet"? Something like
www.ibm.com? I'll assume that's what you mean.
Also, be aware that some gateways and/or machines specifically block ping!
Which specific machine or site are you trying to ping?
I assume you can do it directly from your "real-internet" gateway machine?
and from your server machines and dhcp-clients attached to your hub? but
not from your fake-internet machines behind your "gateway-test" machine?
> layout:
>
> <real-internet>
> \ | | | /
> [isp]
> |
> {eth0}
> (masquerade)
> [gateway-current]
> {eth1}
> |
> [--------hub----------] - - - <internal servers>
> | | | | | !\!
> <dhcp-clients> !\!
> {eth1}
> [gateway-test]
> (masquerade)
> {eth0}
> |
> [fake-internet]
>
> note:
> %!\\!% is a disconnected cable (for testing)
> %\{[^\}]*\}% is the network interface
> %\[[^\]]*\]% is a single machine
> %<[^>]*>% is a group of machines
> %\([^\)]*\)% is a nat action
> %(\||/|\-|\\)% is (part of) a cable
This is totally incomprehensible to me. What are you trying to say?
BTW, I'm not sure if you can apply NAT twice (nested?)? Normally, for an
internal network you would just do routing, and not NAT. There is normally
only one NAT done at the gateway, where you HAVE to mash all your IP
connections onto a single IP address given you by your ISP. Anyone else?
> details:
>
> gateway-test:
> eth0:
> address 1.1.1.2
> netmask 255.255.255.0
> network 1.1.1.0
> broadcast 1.1.1.255
> eth1:
> address 192.168.1.65 (attached to a real LAN, using dhcp)
> netmask 255.255.255.0
> network 192.168.1.0
> broadcast 1.1.1.255
> gateway 192.168.1.1
>
> fake-internet:
> eth0
> address 1.1.1.1
> netmask 255.255.255.0
> network 1.1.1.0
> broadcast 1.1.1.255
>
> gateway-current:
> eth0
> address 204.x.x.x
> netmask 255.x.x.x
> network 204.x.x.x
> broadcast 204.x.x.x
> gateway 204.x.x.x
> eth1
> address 192.168.1.1
> netmask 255.255.255.0
> network 192.168.1.0
> broadcast 192.168.1.255
>
> LAN-dhcp:
> address 192.168.1.32 - 192.168.1.100
> netmask 255.255.255.0
> network 192.168.1.32 - 192.168.1.100
> broadcast 192.168.1.255
> gateway 192.168.1.1
>
> LAN-static
> address 192.168.1.2 - 192.168.1.31
> netmask 255.255.255.0
> network 192.168.1.32 - 192.168.1.100
> broadcast 192.168.1.255
> gateway 192.168.1.1
>
> TIA
-- Juhan Leemet Logicognosis, Inc.
- Next message: Juhan Leemet: "Re: Problem solved - still cannot ping Linux machine from Win XP and vice versa"
- Previous message: Neil Cherry: "Re: Routing 10.0.0.0 through Linksys router to my Cisco DSLmodem?"
- In reply to: Some_Other_Nerd: "Internet/LAN simulation"
- Next in thread: Some_Other_Nerd: "Re: Internet/LAN simulation"
- Reply: Some_Other_Nerd: "Re: Internet/LAN simulation"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
