[rlug] Re: Ce nu este bine?

Ciprian FRIGIOI Fri, 17 Oct 2003 06:47:20 -0700

Stii ce nu inteleg...? cum dumnezeu ai reusit sai ai urmatoarele:
192.168.2.1     192.168.2.2     255.255.255.255 UGH   0      0        0 eth2
192.168.2.0     192.168.2.2     255.255.255.0   UG    0      0        0 eth2
192.168.2.0     0.0.0.0         255.255.255.0   U     0      0        0 eth2


ai doua rute care pointeaza la destinatii diferite in aceasi placa de retea
pe prima poti sa o scoti...la celelalte tre' sa faci ca 192.168.2.0 sa 
fie routat  in 192.168.2.2
scoate ruta catre 0.0.0.0 shi ai rezolvat problema




Laurentiu STEFAN wrote:
> De pe un server pe altul merge OK. in cele 2 retele nu merge...
> 
> ====================
> 
> Pe serverul cu 2 placi de retea:
> 
> # traceroute 192.168.2.1
> traceroute to 192.168.2.1 (192.168.2.1), 30 hops max, 38 byte packets
>  1  192.168.2.1 (192.168.2.1)  0.891 ms  0.513 ms  0.428 ms
> # traceroute 193.231.113.125
> traceroute to 193.231.113.125 (193.231.113.125), 30 hops max, 38 byte
> packets
>  1  perlea (193.231.113.125)  4.528 ms  4.800 ms  0.564 ms
> # route -n
> Kernel IP routing table
> Destination     Gateway         Genmask         Flags Metric Ref    Use
> Iface
> 192.168.2.1     192.168.2.2     255.255.255.255 UGH   0      0        0 eth2
> 193.231.113.125 192.168.2.2     255.255.255.255 UGH   0      0        0 eth2
> 81.180.46.32    0.0.0.0         255.255.255.224 U     0      0        0 eth0
> 192.168.2.0     192.168.2.2     255.255.255.0   UG    0      0        0 eth2
> 192.168.2.0     0.0.0.0         255.255.255.0   U     0      0        0 eth2
> 192.168.0.0     0.0.0.0         255.255.255.0   U     0      0        0 eth1
> 127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
> 0.0.0.0         81.180.46.33    0.0.0.0         UG    0      0        0 eth0
> 
> ---
> modprobe ipt_MASQUERADE
> iptables -F; iptables -t nat -F; iptables -t mangle -F
> #iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to 81.180.46.46
> iptables -t nat -A POSTROUTING -o eth0 -s 192.168.0.0/255.255.255.0 -d !
> 192.168.2.0/255.255.255.0 -j SNAT --to 81.180.46.46
> iptables -t nat -A POSTROUTING -o eth0 -s 192.168.2.150/255.255.255.255 -j
> SNAT --to 81.180.46.46
> #iptables -t nat -A POSTROUTING -o eth0 -s 192.168.2.1/255.255.255.255 -j
> SNAT --to 81.180.46.46
> #iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -d 192.168.2.1 -j
> SNAT --to 192.168.2.1
> #iptables -t nat -A PREROUTING -d 192.168.2.0/24 -s 192.168.0.0/24 -j
> DNAT --to 192.168.0.1
> #iptables -t nat -A PREROUTING -d 193.231.113.0/24 -s 192.168.0.0/24 -j
> DNAT --to 192.168.0.1
> echo 1 > /proc/sys/net/ipv4/ip_forward
> modprobe ip_conntrack_ftp
> modprobe ip_nat_ftp
> 
> 
> =============
> 
> Pe server-ul 2
> 
> # traceroute 81.180.46.46
> traceroute to 81.180.46.46 (81.180.46.46), 30 hops max, 38 byte packets
>  1  Ialomita.Ro (81.180.46.46)  0.689 ms  0.667 ms  0.607 ms
> route -n
> Kernel IP routing table
> Destination     Gateway         Genmask         Flags Metric Ref    Use
> Iface
> 255.255.255.255 0.0.0.0         255.255.255.255 UH    0      0        0 eth1
> 81.180.46.46    192.168.2.2     255.255.255.255 UGH   0      0        0 eth1
> 193.231.113.124 0.0.0.0         255.255.255.252 U     0      0        0 eth0
> 192.168.2.0     0.0.0.0         255.255.255.0   U     0      0        0 eth1
> 127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
> 0.0.0.0         193.231.113.126 0.0.0.0         UG    0      0        0 eth0
> ---
> modprobe ipt_MASQUERADE
> iptables -F; iptables -t nat -F; iptables -t mangle -F
> #iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to 193.231.113.125
> iptables -t nat -A POSTROUTING -o eth0 -s 192.168.2.0/255.255.255.0 -j
> SNAT --to 193.231.113.125
> echo 1 > /proc/sys/net/ipv4/ip_forward
> modprobe ip_conntrack_ftp
> modprobe ip_nat_ftp
> 
> 
> 
> ----- Original Message -----
> From: "Andrei Pelinescu-Onciul" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Friday, October 17, 2003 8:30 AM
> Subject: [rlug] Re: Ce nu este bine?
> 
> 
> 
>>On Oct 17, 2003 at 04:21, Laurentiu STEFAN <[EMAIL PROTECTED]> wrote:
>>
>>>Am mai pus intrebarea asta... insa nu am reusit sa o rezolv...
>>>Server cu 3 placi de retea.
>>>eth0 legatura cu net-ul (IP real)
>>>eth1 intra intr-un hub si are IP-ul 192.168.0.1
>>>eth2 intra intro retea de alte hub-uri si are IP-ul 192.168.2.2 (in
> 
> aceasta retea 192.168.2.1 este serverul pe eth1 si pe eth0 are IP real)
> 
>>>Vreau ca din 192.168.0.X sa vad 192.168.2.1 (serviciile oferite de
> 
> respectivul server)
> 
>>>S-a incercat mai multe variante:
>>>
>>>iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -d 192.168.2.1 -j
> 
> SNAT --to 192.168.2.1
> 
>>In afara de ce a zis Alex (probabil nu it trebuie nat, doar sa setezi
>>rutele corect si ip_forward pe on), vezi ca oricum tu incercai sa faci
>>nat aiurea. Iti trebuia SNAT cu --to-source 192.168.2.2 (asta e adresa
>>care o sa apara ca adresa sursa).
>>
>>
>>Andrei
>>
>>---
>>Detalii despre listele noastre de mail: http://www.lug.ro/
>>
>>
> 
> 
> 
> 
> --- 
> Detalii despre listele noastre de mail: http://www.lug.ro/
> 
> 
> 
> 

-- 
Ciprian FRIGIOI
Network Administrator
Network Operation Center
Genius Network Galati Romania



--- 
Detalii despre listele noastre de mail: http://www.lug.ro/

[rlug] Re: Ce nu este bine?

Raspunde prin e-mail lui