Hi there. I'm Lucas, and I'm from Argentina. I was wondering if
you could help me with the following subject. First of all, forgive me
for my English expressions, since it is not my native language. I'll
try to be as clear as I can.
The thing is the following. I have this topology:
LAN <----> eth0 <-> Linux Box <-> eth1 <-----> AS/400
                        |
                       ppp0
                        |
                     Internet
All the PCs in the LAN segment have Ethernet NICs, while the AS/400
has a Token Ring NIC.
All I need is to course traffic from any machine (PCs or AS/400) to
the internet thru the Linux Box. That's no problem at all. I've
implemented NAT for the LAN segment using iptables with no
trouble. The problem comes up when I need the PCs to access the AS/400
and also when the AS/400 needs to access the internet. I think that's
when the bridging "ghost" appears.
This is what I think must be done. Please correct me or tell me the
right answer:
1) Compile the kernel with the driver for the Token Ring NIC, which
must be placed in the Linux box in order to reach the AS/400.
Also compile the Ethernet driver for the same reason, so as to reach
the Ethernet segment.
2) Compile routing stuff, so as to be able to use iptables and
masquerading. Compile, under Networking options, 802.1d Ethernet
Bridging, so the Linux box will act as a bridge. If needed, I'm using
kernel 2.4.19 with patch bridge-nf-0.0.7-against-2.4.19.diff, which I
installed correctly. I also compiled the netfilter (firewalling)
support, under the 802.1d Ethernet Bridging option.
Will this work for communicating Token Ring with Ethernet? Since its
title only mentions Ethernet Bridging, I need the Ethernet machines to
see the AS/400 and vice versa.
3) Download the bridge-utils. Do the following ....
brctl addbr br0
brctl addif br0 eth0
brctl addif br0 eth1
ifconfig eth0 0.0.0.0 promisc
ifconfig eth1 0.0.0.0 promisc
ifconfig br0 up
3.1) Add the following with iptables (simplest, just to check if it
works)
#iptables -A FORWARD -s $LAN -d $AS400 -j ACCEPT
#iptables -A FORWARD -s $AS400 -d $LAN -j ACCEPT
#iptables -t nat -A POSTROUTING -o ppp0 -j ACCEPT
Will these work? I have not tried yet ...
The confusing thing to me is that the above iptables rules only apply
on Layer 3 of the OSI model, but bridging works on Layer 2 of
the OSI model. What I mean is that I need no routing for the AS/400 to
see the Ethernet devices ... and vice versa. Am I wrong? So if this is
true, how do I implement all this ...
AHHHHH, I'm going crazy ...
4) Now, the 1st question: How am I gonna get to the
internet thru the Linux box setting 0.0.0.0 to my interfaces, from my
PCs? I just don't understand it. With no IP I won't find the interfaces
...
5) 2nd: Is it possible to implement a Linux box being router and
bridge at the same time, for the topology I have and to achieve what I
need?
Well people, thank you very much for your time. I really need an
answer 'cuz this is an urgent job I need to finish. I appreciate your
help and I'll invite you guys for some beer if this works ;-)
Thanks again
Lucas
PS: send me your postal address so I can send the beer ...
_______________________________________________
Bridge mailing list
[EMAIL PROTECTED]
http://www.math.leidenuniv.nl/mailman/listinfo/bridge
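
One way to lay out the bridge-plus-router setup asked about in steps 3 to 5 above, as an added example that is not part of the original post: the IP address sits on br0 while eth0 and eth1 stay at 0.0.0.0, and the NAT rule uses MASQUERADE. The addresses are constructed placeholders, and it assumes the PCs and the AS/400 share one IP subnet and that both ports are devices the bridge code accepts; with DRY_RUN=1 (the default) the commands are only printed.

```shell
#!/bin/sh
# Added example: bridge eth0+eth1 as br0, then route and NAT br0 -> ppp0.
# All addresses below are constructed placeholders, not values from the post.
DRY_RUN="${DRY_RUN:-1}"               # 1 = print commands, 0 = execute (needs root)
BR_IP="${BR_IP:-192.168.1.1}"         # assumed gateway address, lives on br0
BR_MASK="${BR_MASK:-255.255.255.0}"
LAN_NET="${LAN_NET:-192.168.1.0/24}"  # assumed: PCs and AS/400 share this subnet
AS400="${AS400:-192.168.1.50}"        # assumed AS/400 address
WAN_IF="${WAN_IF:-ppp0}"

run() {
    if [ "$DRY_RUN" = 1 ]; then echo "$*"; else "$@"; fi
}

setup_bridge() {
    run brctl addbr br0
    for port in eth0 eth1; do
        run brctl addif br0 "$port"
        # Ports carry no IP of their own; they only hand frames to br0.
        run ifconfig "$port" 0.0.0.0 promisc up
    done
    # The box's one LAN-side address goes on br0; hosts use it as gateway.
    run ifconfig br0 "$BR_IP" netmask "$BR_MASK" up
}

setup_firewall() {
    run sysctl -w net.ipv4.ip_forward=1
    run iptables -P FORWARD DROP
    # With bridge-nf, bridged IP frames between the ports cross FORWARD too.
    run iptables -A FORWARD -s "$LAN_NET" -d "$AS400" -j ACCEPT
    run iptables -A FORWARD -s "$AS400" -d "$LAN_NET" -j ACCEPT
    # Routed traffic: allowed out to the Internet, only replies allowed back.
    run iptables -A FORWARD -s "$LAN_NET" -o "$WAN_IF" -j ACCEPT
    run iptables -A FORWARD -i "$WAN_IF" -d "$LAN_NET" \
        -m state --state ESTABLISHED,RELATED -j ACCEPT
    # Source NAT happens in nat/POSTROUTING; MASQUERADE is the rewriting target.
    run iptables -t nat -A POSTROUTING -s "$LAN_NET" -o "$WAN_IF" -j MASQUERADE
}

plan() { setup_bridge; setup_firewall; }

plan
```

Run it once with the default DRY_RUN=1 to review the command list, then with DRY_RUN=0 as root to apply it.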