Re: NAT-setup: modification requared

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hiisi wrote:

Dear List!
I have F11 machine which shares WEB to small home wired network. F11 computer has 3 ethernet adapters - one built in motherboard (eth0, 'main' adapter) and two additional cards (eth1,2). With grate help of this list and even greater help of google I was able to set up NAT over it. It worked perfect while there was only one client in the home network - window$ laptop, connected to eth1 (eth2 was down). Now I added second laptop - it runs ubuntu. I turned on eth2 and tried to do the same trick with it but no lack until now. Here goes mine configuration:
Do you really need to keep the two private machines from talking to one another? If so change eth2 to 192.168.3.20 and run a separate network for each. Otherwise you might find less effort in investing in a switch and moving the work there. I appreciate that you may have policy or financial issues which prevent this, that hardware is inexpensive in the US but might no be at your location. 


ifconfig
eth0      Link encap:Ethernet  HWaddr 00:0F:EA:22:A0:2C
         inet addr:192.168.0.203  Bcast:192.168.1.255 Mask:255.255.254.0
         inet6 addr: fe80::20f:eaff:fe22:a02c/64 Scope:Link
         UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
         RX packets:124015 errors:0 dropped:0 overruns:0 frame:0
         TX packets:25838 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 txqueuelen:1000
         RX bytes:21230917 (20.2 MiB)  TX bytes:4769745 (4.5 MiB)
         Interrupt:19 Base address:0xe000

eth1      Link encap:Ethernet  HWaddr 00:80:48:2E:43:9C
         inet addr:192.168.2.20  Bcast:192.168.2.255 Mask:255.255.255.0
         inet6 addr: fe80::280:48ff:fe2e:439c/64 Scope:Link
         UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
         RX packets:11044 errors:0 dropped:0 overruns:0 frame:0
         TX packets:9539 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 txqueuelen:1000
         RX bytes:8868181 (8.4 MiB)  TX bytes:3991105 (3.8 MiB)
         Interrupt:18 Base address:0x8000

eth2      Link encap:Ethernet  HWaddr 00:40:F4:98:DB:E9
         inet addr:192.168.2.40  Bcast:192.168.2.255 Mask:255.255.255.0
         inet6 addr: fe80::240:f4ff:fe98:dbe9/64 Scope:Link
         UP BROADCAST MULTICAST  MTU:1500  Metric:1
         RX packets:75 errors:0 dropped:0 overruns:0 frame:0
         TX packets:73 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 txqueuelen:1000
         RX bytes:5935 (5.7 KiB)  TX bytes:14586 (14.2 KiB)
         Interrupt:19 Base address:0xa000

lo        Link encap:Local Loopback
         inet addr:127.0.0.1  Mask:255.0.0.0
         inet6 addr: ::1/128 Scope:Host
         UP LOOPBACK RUNNING  MTU:16436  Metric:1
         RX packets:329 errors:0 dropped:0 overruns:0 frame:0
         TX packets:329 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 txqueuelen:0
         RX bytes:69191 (67.5 KiB)  TX bytes:69191 (67.5 KiB)

route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface 192.168.2.0 * 255.255.255.0 U 0 0 0 eth1 192.168.2.0 * 255.255.255.0 U 0 0 0 eth2 192.168.0.0 * 255.255.254.0 U 0 0 0 eth0 link-local * 255.255.0.0 U 1002 0 0 eth0 link-local * 255.255.0.0 U 1003 0 0 eth1 link-local * 255.255.0.0 U 1004 0 0 eth2 default mitht2.imt.ru 0.0.0.0 UG 0 0 0 eth0 

sysctl net.ipv4.ip_forward
net.ipv4.ip_forward = 1

iptables -L -t nat
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination
MASQUERADE  all  --  anywhere             anywhere

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

cat /etc/sysconfig/iptables
# Generated by iptables-save v1.4.3.1 on Tue Sep  1 23:36:23 2009
*nat
:PREROUTING ACCEPT [1264:158963]
:POSTROUTING ACCEPT [96:14688]
:OUTPUT ACCEPT [462:49878]
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
# Completed on Tue Sep  1 23:36:23 2009
# Generated by iptables-save v1.4.3.1 on Tue Sep  1 23:36:23 2009
*filter
:INPUT ACCEPT [7849:1116249]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [1219:189475]
-A FORWARD -i eth0 -j ACCEPT
-A FORWARD -i eth1 -j ACCEPT
-A FORWARD -i eth2 -j ACCEPT
COMMIT
# Completed on Tue Sep  1 23:36:23 2009
Window$ laptop has 192.168.2.30 address and uses 192.168.2.20 (eth1 IP) as gateway. DNS is the same as on F11 machine. I've tried to set up 192.168.2.50 as IP for ubuntu laptop with default gateway of eth2 IP address: 192.168.2.40. It doesn't work. When I'm trying to ping 192.168.2.50 from F11 the result is: 
ping 192.168.2.50
PING 192.168.2.50 (192.168.2.50) 56(84) bytes of data.

From 192.168.2.20 icmp_seq=2 Destination Host Unreachable
From 192.168.2.20 icmp_seq=3 Destination Host Unreachable
From 192.168.2.20 icmp_seq=4 Destination Host Unreachable

^C
As I can understand packets go from wrong IP. Namely, from eth1 when I would like them to go from eth2. 
How to fix that?
Thank you for your attention!
Respectfully
--
Hiisi.
Registered Linux User #487982. Be counted at: http://counter.li.org/




--
Bill Davidsen <davidsen@xxxxxxx>
  "We have more to fear from the bungling of the incompetent than from
the machinations of the wicked."  - from Slashdot

--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux