[rlug] Re: Ce nu este bine?

Ciprian FRIGIOI Fri, 17 Oct 2003 06:53:33 -0700

scuze m-am tampit....e vineri...

route add -net 192.168.2.0 mask 255.255.255.0 gw 192.168.2.1 dev eth2


Ciprian FRIGIOI wrote:
> Stii ce nu inteleg...? cum dumnezeu ai reusit sai ai urmatoarele:
> 192.168.2.1     192.168.2.2     255.255.255.255 UGH   0      0        0 eth2
> 192.168.2.0     192.168.2.2     255.255.255.0   UG    0      0        0 eth2
> 192.168.2.0     0.0.0.0         255.255.255.0   U     0      0        0 eth2
> 
> ai doua rute care pointeaza la destinatii diferite in aceasi placa de retea
> pe prima poti sa o scoti...la celelalte tre' sa faci ca 192.168.2.0 sa 
> fie routat  in 192.168.2.2
> scoate ruta catre 0.0.0.0 shi ai rezolvat problema
> 
> 
> 
> 
> Laurentiu STEFAN wrote:
> 
>>De pe un server pe altul merge OK. in cele 2 retele nu merge...
>>
>>====================
>>
>>Pe serverul cu 2 placi de retea:
>>
>># traceroute 192.168.2.1
>>traceroute to 192.168.2.1 (192.168.2.1), 30 hops max, 38 byte packets
>> 1  192.168.2.1 (192.168.2.1)  0.891 ms  0.513 ms  0.428 ms
>># traceroute 193.231.113.125
>>traceroute to 193.231.113.125 (193.231.113.125), 30 hops max, 38 byte
>>packets
>> 1  perlea (193.231.113.125)  4.528 ms  4.800 ms  0.564 ms
>># route -n
>>Kernel IP routing table
>>Destination     Gateway         Genmask         Flags Metric Ref    Use
>>Iface
>>192.168.2.1     192.168.2.2     255.255.255.255 UGH   0      0        0 eth2
>>193.231.113.125 192.168.2.2     255.255.255.255 UGH   0      0        0 eth2
>>81.180.46.32    0.0.0.0         255.255.255.224 U     0      0        0 eth0
>>192.168.2.0     192.168.2.2     255.255.255.0   UG    0      0        0 eth2
>>192.168.2.0     0.0.0.0         255.255.255.0   U     0      0        0 eth2
>>192.168.0.0     0.0.0.0         255.255.255.0   U     0      0        0 eth1
>>127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
>>0.0.0.0         81.180.46.33    0.0.0.0         UG    0      0        0 eth0
>>
>>---
>>modprobe ipt_MASQUERADE
>>iptables -F; iptables -t nat -F; iptables -t mangle -F
>>#iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to 81.180.46.46
>>iptables -t nat -A POSTROUTING -o eth0 -s 192.168.0.0/255.255.255.0 -d !
>>192.168.2.0/255.255.255.0 -j SNAT --to 81.180.46.46
>>iptables -t nat -A POSTROUTING -o eth0 -s 192.168.2.150/255.255.255.255 -j
>>SNAT --to 81.180.46.46
>>#iptables -t nat -A POSTROUTING -o eth0 -s 192.168.2.1/255.255.255.255 -j
>>SNAT --to 81.180.46.46
>>#iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -d 192.168.2.1 -j
>>SNAT --to 192.168.2.1
>>#iptables -t nat -A PREROUTING -d 192.168.2.0/24 -s 192.168.0.0/24 -j
>>DNAT --to 192.168.0.1
>>#iptables -t nat -A PREROUTING -d 193.231.113.0/24 -s 192.168.0.0/24 -j
>>DNAT --to 192.168.0.1
>>echo 1 > /proc/sys/net/ipv4/ip_forward
>>modprobe ip_conntrack_ftp
>>modprobe ip_nat_ftp
>>
>>
>>=============
>>
>>Pe server-ul 2
>>
>># traceroute 81.180.46.46
>>traceroute to 81.180.46.46 (81.180.46.46), 30 hops max, 38 byte packets
>> 1  Ialomita.Ro (81.180.46.46)  0.689 ms  0.667 ms  0.607 ms
>>route -n
>>Kernel IP routing table
>>Destination     Gateway         Genmask         Flags Metric Ref    Use
>>Iface
>>255.255.255.255 0.0.0.0         255.255.255.255 UH    0      0        0 eth1
>>81.180.46.46    192.168.2.2     255.255.255.255 UGH   0      0        0 eth1
>>193.231.113.124 0.0.0.0         255.255.255.252 U     0      0        0 eth0
>>192.168.2.0     0.0.0.0         255.255.255.0   U     0      0        0 eth1
>>127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
>>0.0.0.0         193.231.113.126 0.0.0.0         UG    0      0        0 eth0
>>---
>>modprobe ipt_MASQUERADE
>>iptables -F; iptables -t nat -F; iptables -t mangle -F
>>#iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to 193.231.113.125
>>iptables -t nat -A POSTROUTING -o eth0 -s 192.168.2.0/255.255.255.0 -j
>>SNAT --to 193.231.113.125
>>echo 1 > /proc/sys/net/ipv4/ip_forward
>>modprobe ip_conntrack_ftp
>>modprobe ip_nat_ftp
>>
>>
>>
>>----- Original Message -----
>>From: "Andrei Pelinescu-Onciul" <[EMAIL PROTECTED]>
>>To: <[EMAIL PROTECTED]>
>>Sent: Friday, October 17, 2003 8:30 AM
>>Subject: [rlug] Re: Ce nu este bine?
>>
>>
>>
>>
>>>On Oct 17, 2003 at 04:21, Laurentiu STEFAN <[EMAIL PROTECTED]> wrote:
>>>
>>>
>>>>Am mai pus intrebarea asta... insa nu am reusit sa o rezolv...
>>>>Server cu 3 placi de retea.
>>>>eth0 legatura cu net-ul (IP real)
>>>>eth1 intra intr-un hub si are IP-ul 192.168.0.1
>>>>eth2 intra intro retea de alte hub-uri si are IP-ul 192.168.2.2 (in
>>
>>aceasta retea 192.168.2.1 este serverul pe eth1 si pe eth0 are IP real)
>>
>>
>>>>Vreau ca din 192.168.0.X sa vad 192.168.2.1 (serviciile oferite de
>>
>>respectivul server)
>>
>>
>>>>S-a incercat mai multe variante:
>>>>
>>>>iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -d 192.168.2.1 -j
>>
>>SNAT --to 192.168.2.1
>>
>>
>>>In afara de ce a zis Alex (probabil nu it trebuie nat, doar sa setezi
>>>rutele corect si ip_forward pe on), vezi ca oricum tu incercai sa faci
>>>nat aiurea. Iti trebuia SNAT cu --to-source 192.168.2.2 (asta e adresa
>>>care o sa apara ca adresa sursa).
>>>
>>>
>>>Andrei
>>>
>>>---
>>>Detalii despre listele noastre de mail: http://www.lug.ro/
>>>
>>>
>>
>>
>>
>>
>>--- 
>>Detalii despre listele noastre de mail: http://www.lug.ro/
>>
>>
>>
>>
> 
> 

-- 
Ciprian FRIGIOI
Network Administrator
Network Operation Center
Genius Network Galati Romania



--- 
Detalii despre listele noastre de mail: http://www.lug.ro/

[rlug] Re: Ce nu este bine?

Raspunde prin e-mail lui