Hi all This question is not related to Fedora, however, because of the kind of Linux talent available here, I am posting this question here. Please do help. I am using a cable ISP who uses Linux based servers, and provides outbound connectivity using 172.16.x.x IP range, NAT & transparent squid proxy. Since, I wanted to connect my computer to the net directly, I asked for a static real-ip. I myself use a dedicated Linux GW with 192.168.x.x address range, a dedicated minimum install linux GW with NAT & transparent squid proxying, a Green Subnet & a DMZ subnet on which I have putup a apache/qmail setup. I use port forwarding from the GW to DMZ for mail & web. I have also setup a qmail server on the Green Subnet, which I use to send my outgoing mail presently, till my real IP really works (DMZ server is normally off, unless testing, till I can get the setup right). Now the issue is this. They have allocated an IP 202.x.x.139 and have given me a GW address of 202.x.x.137. When an incoming http request comes to my server, it records (apache logs) the GW address i.e. 137 as the visitor address in my apache logs in all cases....original IP address of the visitor is not recorded. On the other hand, when I send my mail, the server on the other end records two IP addresses in the email headers...one is the IP address of my server in the Green Subnet of my LAN i.e. 192.168.x.x and the second is 202.x.x.130 (My ISP says 130 is the alias of the 137) Also, when I visit any site like checkmyip.com, it shows my IP address as 202.x.x.130. Now, the argument is this...I say all sites, irrespective of the protocol (smtp/http outgoing/incoming), only the ip address issued to me i.e. 202.x.x.139 should be recorded everywhere, as the job of the gateway is routing & not two-way port forwarding and the source IP addresses should not be magled/changed by the Linux router/machine.. On the other hand, the ISP claims, its not so....when using Linux for routing the gateway address will be recorded...and the results or the so-called problem issues I am raising are invalid. As the Linux machine is sending the packets to the net, it has to tell its IP in the packets, by changing the source address. Please let me know, what is correct. The packets should be routed to the network from the network CIDR address, which I think can be derived from the IP address and the routing after that should be taken care of by the ISPs Linux routers/servers, without mangling the source IP of the packets. If we cant work it out, I will have to shift to a dial-up connection, which is quite expensive compared to flat rate always on connection. However, this goes against all I think I have learned about Linux & TCP/IP and before I get the service disconnected, I want to tell the person that he is wrong here. Can someone please advise me, if I am right? and what the ISP seems to be doing & what he should be doing? Sorry for a loooong post but I thought, I rather err on the side of clarity. Hope you guys can help me, like so many others you have helped. With best regards and thanks in advance. Sanjay. P.S: I have CCd this email to the tech guys of my ISP,....if you are not using any SPAM challenge/blocking devices & it would not be too much trouble, please cc the replies to them also.
