I concur with all of this - although my network topology does include a computer that's routing packets between my wireless networks and my older computers - including my 1997 Powermac...
Setting up NAT on a computer is painful. PPPoE NAT is even harder - which is why the decent ISPs (all bar one) give real routers over here

Cian

On 06/05/05, Joseph E. Sacco, Ph.D. <[EMAIL PROTECTED]> wrote:
> Albrecht,
>
> My experiences with using a computer as a gateway to the Internet for a
> home network have taught me that it can be done, but why would you want
> to. It's not very efficient, and is a waste of a compute resource.
>
> The simplest solution is use a router that performs NAT as your gateway:
>
>                 ISP
>               --------
>                  |
>                  |
>              DSL Modem
>              ---------
>                  |
>                  |
>    Router [with builtin NAT & firewall]
>               --------
>                  |
>                  |
>    Switch [for additional ports]
>               --------
>                |...|
>                |...|
>            local machines
>
> I am using a LinkSys BEFSX41:
>   * performs NAT
>   * builtin firewall
>   * supports 2 VPNs
>   * acts as a 4 port switch
>
> I need more than four switch ports so I have added an additional LinkSys
> 8 port switch [EG0801W].
>
> The router is "dual-homed", meaning that it has two IP addresses:
>   * a DHCP address assigned by the ISP
>   * local network IP address, 192.168.0.254 [assigned by me]
>
> All local machines set 192.168.0.254 as the gateway.
>
> For example,
>
> % netstat -rn
> Kernel IP routing table
> Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
> 192.168.0.0     0.0.0.0         255.255.255.0   U         0 0          0 eth0
> 127.0.0.0       0.0.0.0         255.0.0.0       U         0 0          0 lo
> 0.0.0.0         192.168.0.254   0.0.0.0         UG        0 0          0 eth0
>
> The gateway router / NAT solution works well and requires little
> maintenance once configured.
>
> -Joseph
>
> ==============================================================================================
> On Fri, 2005-05-06 at 11:47 +0000, Albrecht Dreß wrote:
> > Hi,
> >
> > sorry for a slightly off-topic question regarding NAT with a PPPoE network.
> >
> > I have a home network looking as follows:
> >
> >                192.168.42.3
> >         -----------     -------
> >        | G4 Silver |   |       |---DSL Modem (ppp0)
> > ISDN---|ippp0  eth0|---|Switch |---more Macs (192.168.42.x)
> >         -----------     -------
> >
> > The G4 is running Yellowdog 4.01 with a self-compiled 2.6.11.4 kernel.
> >
> > The "old" setup was an ISDN connection (no DSL present), and the G4 worked
> > as router. Everything was perfect for the "local" net, except that the
> > hardware (AVM Fritz) was not supported by MacOS, so I had no internet on
> > the G4 (and connected clients) when running OS X.
> >
> > Therefore, I removed the ISDN card, got DSL, plugged the modem into the
> > switch, and now everything works fine with OS X. After a little fiddling
> > around with ipfw and natd, I have routing support with OS X client.
> >
> > Now I tried Linux, and I have internet on the G4 itself, but packets from
> > the local net are apparently not routed/forwarded correctly. I did not
> > change the NAT rules in iptables (except replacing ippp0 by ppp0, of
> > course):
> >
> > <snip>
> > [EMAIL PROTECTED] root]# iptables -t nat -L -n
> > Chain PREROUTING (policy ACCEPT)
> > target     prot opt source               destination
> >
> > Chain POSTROUTING (policy ACCEPT)
> > target     prot opt source               destination
> > MASQUERADE  all  --  192.168.42.0/24      0.0.0.0/0
> >
> > Chain OUTPUT (policy ACCEPT)
> > target     prot opt source               destination
> > </snip>
> >
> > Running tcpdump on both eth0 and ppp0, I can see that e.g. a http (tcp/80)
> > request from the local net is going through eth0, and the same packet is
> > then passed via ppp0. The response, though, is *not* returned to the
> > requesting client.
> >
> > I am using the kernel-based pppoe modules (pppoe, pppox), not the roaring
> > penguin package coming with YDL. Does anyone have an idea why forwarding
> > doesn't work with this setup? Any hints how I should configure my box? Or
> > is it impossible to use the dsl modem and the local net at the same
> > Ethernet interface (but why does it work with OS X, then)? Any pointers?
> >
> > HELP! I'm really lost here...
> >
> > Thanks in advance for any help,
> >
> > Cheers, Albrecht.
> >
> > _______________________________________________
> > yellowdog-general mailing list
> > [email protected]
> > http://lists.terrasoftsolutions.com/mailman/listinfo/yellowdog-general
> > HINT: to Google archives, try '<keywords> site:terrasoftsolutions.com'
> --
> joseph_sacco [at] comcast [dot] net
>

--
-------------------------
"We're busy running out of time"
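
The gateway selection Joseph describes, worked through as an added example that is not part of the original thread: it parses the `netstat -rn` table quoted above and applies longest-prefix matching to show which traffic stays on the LAN and which is handed to the NAT router at 192.168.0.254. The function names and the sample destination addresses are constructed for illustration.

```python
import ipaddress

# Routing table copied from the `netstat -rn` output quoted in the thread.
NETSTAT_RN = """\
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
192.168.0.0     0.0.0.0         255.255.255.0   U         0 0          0 eth0
127.0.0.0       0.0.0.0         255.0.0.0       U         0 0          0 lo
0.0.0.0         192.168.0.254   0.0.0.0         UG        0 0          0 eth0
"""

def parse_routes(text):
    """Parse `netstat -rn` output into (network, gateway, iface) tuples."""
    routes = []
    for line in text.splitlines():
        fields = line.split()
        # Data rows have 8 columns and start with a dotted-quad destination.
        if len(fields) != 8 or fields[0].count(".") != 3:
            continue
        dest, gw, mask, flags, iface = (fields[i] for i in (0, 1, 2, 3, 7))
        # Convert the dotted netmask to a prefix length by counting set bits.
        prefixlen = bin(int(ipaddress.ip_address(mask))).count("1")
        net = ipaddress.ip_network(f"{dest}/{prefixlen}")
        # The G flag marks a route that goes through a gateway; without it
        # the destination is on-link and is delivered directly.
        gateway = ipaddress.ip_address(gw) if "G" in flags else None
        routes.append((net, gateway, iface))
    return routes

def lookup(routes, dst):
    """Return (next_hop, iface) for dst using longest-prefix match."""
    addr = ipaddress.ip_address(dst)
    matches = [r for r in routes if addr in r[0]]
    if not matches:
        raise LookupError(f"no route to {dst}")
    net, gateway, iface = max(matches, key=lambda r: r[0].prefixlen)
    return (str(gateway) if gateway else "on-link", iface)

ROUTES = parse_routes(NETSTAT_RN)

if __name__ == "__main__":
    # Constructed sample destinations: a LAN peer, loopback, an Internet host.
    for dst in ("192.168.0.17", "127.0.0.1", "203.0.113.10"):
        print(dst, "->", lookup(ROUTES, dst))
```

Only the last destination falls through to the 0.0.0.0/0 entry, so it is the only traffic that reaches the router and gets translated.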
