Okay, I've taken everyone's recommendations to heart concerning eth0,
eth1 and my private network. I can access all machines locally, but IP
Masquerade isn't working (i.e., I can't ping outside of 192.168.2.0
UNLESS I'm working from 192.168.2.1, in which case I can access both the
private network and the Internet). I've set up the following:
eth0: 192.168.2.1
eth1: 192.168.1.10
192.168.2.x is now my private network. 192.168.1.x relates to the
outside world. eth1 is set to 192.168.1.10 because it connects to my
DSL modem/router which is set to 192.168.1.254. Following is my netstat -rn:

    Kernel IP routing table
    Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
    192.168.2.1     0.0.0.0         255.255.255.255 UH        0 0          0 eth0
    192.168.1.10    0.0.0.0         255.255.255.255 UH        0 0          0 eth1
    192.168.2.0     0.0.0.0         255.255.255.0   U         0 0          0 eth0
    192.168.1.0     0.0.0.0         255.255.255.0   U         0 0          0 eth1
    127.0.0.0       0.0.0.0         255.0.0.0       U         0 0          0 lo
    0.0.0.0         192.168.1.254   0.0.0.0         UG        0 0          0 eth1

I execute the following in my rc.local during boot-up (this is necessary
because the tulip driver conflicts with the eth0 driver if they're both
activated during boot-up):

    insmod /lib/modules/2.2.12-20/net/tulip.o
    /etc/sysconfig/network-scripts/ifup eth1
    route add default gw 192.168.1.254 eth1
    /etc/rc.d/rc.dsl

/etc/rc.d/rc.dsl contains my ipchains commands for setting up IP
Masquerade. In addition to the normal IP Masq commands (/sbin/depmod -a,
/sbin/modprobe ip_masq_ftp, etc.), the following is executed:

    /sbin/ipchains -P forward DENY
    /sbin/ipchains -A forward -s 192.168.1.10/24 -j MASQ

/proc/sys/net/ipv4/ip_forward is set to 1
/proc/sys/net/ipv4/ip_dynaddr is set to 1

The default gateway on all machines within the 192.168.2.x network is
set to 192.168.2.1. For example, here's the netstat on one of the
machines:

    Kernel IP routing table
    Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
    192.168.2.6     0.0.0.0         255.255.255.255 UH        0 0          0 eth0
    192.168.2.0     0.0.0.0         255.255.255.0   U         0 0          0 eth0
    192.168.2.0     0.0.0.0         255.255.255.0   U         0 0          0 eth0
    127.0.0.0       0.0.0.0         255.0.0.0       U         0 0          0 lo
    0.0.0.0         192.168.2.1     0.0.0.0         UG        0 0          0 eth0

All Win9x machines point to 192.168.2.1 as well.
I've run a traceroute to an external address, and here's the result:

    # traceroute 208.221.108.11
    traceroute to 208.221.108.11 (208.221.108.11), 30 hops max, 38 byte packets
     1  pappy (192.168.2.1)  0.588 ms  0.431 ms  0.422 ms
     2  * * *
     3  * * *
     4  * * *

etc., etc., etc. It appears that 192.168.2.1 isn't routing the packets
to 192.168.1.10. Again, from the machine defined as 192.168.2.1, I can
access the private network and the world. But from any other machine, I
can only access the 192.168.2.x network. I'm sure the fix is something
simple, but right now, it's beyond me. Anyone have any ideas?
Thanks.
--
Steve
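
Added example, not part of the original post: a small Python model of how an ipchains forward chain (first matching rule, otherwise the chain policy) treats source addresses under the rule set posted above. The `PRIVATE_NET_RULES` variant, the address 192.168.2.20 and all function names are assumptions made here for comparison.

```python
"""Model of an ipchains 'forward' chain: first matching rule wins, else policy."""
import ipaddress


def forward_verdict(src, rules, policy="DENY"):
    """Return the target applied to a forwarded packet with source address src.

    rules is an ordered list of (source_spec, target) pairs, modelling
    `ipchains -A forward -s <source_spec> -j <target>`.
    """
    addr = ipaddress.ip_address(src)
    for source_spec, target in rules:
        # strict=False masks off the host bits, the way the rule is matched:
        # 192.168.1.10/24 therefore covers 192.168.1.0 - 192.168.1.255.
        if addr in ipaddress.ip_network(source_spec, strict=False):
            return target
    return policy


# Rule exactly as posted, with the posted policy (-P forward DENY).
POSTED_RULES = [("192.168.1.10/24", "MASQ")]

# Assumption for comparison: the same rule written against the private
# network named in the post (192.168.2.x).
PRIVATE_NET_RULES = [("192.168.2.0/24", "MASQ")]

# Sample sources: 192.168.2.6 and 192.168.1.10 appear in the post;
# 192.168.2.20 is a constructed address for one of the Win9x machines.
SAMPLE_SOURCES = ["192.168.2.6", "192.168.2.20", "192.168.1.10"]


def compare(sources=SAMPLE_SOURCES):
    """Map each source to (verdict under posted rules, verdict under variant)."""
    return {
        s: (forward_verdict(s, POSTED_RULES),
            forward_verdict(s, PRIVATE_NET_RULES))
        for s in sources
    }


if __name__ == "__main__":
    # Only routed packets traverse the forward chain; traffic generated on
    # the gateway itself does not, so it is unaffected by these rules.
    for src, (posted, variant) in compare().items():
        print(f"{src:<14} posted={posted:<5} private-net rule={variant}")
```

A DENY verdict drops the packet without sending any reply to the sender.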