Networking gurus (especially Linux) - GoFuckYourself.com

SpaceAce · 09-25-2002, 06:10 PM

I'm having problems getting connection sharing via IP Masquerading (IP-forwarding) to work. I have two machines.

A) SuSE Linux 8.0, two ethernet cards.
B) Windows XP Pro, 1 ethernet card

The ethernet cards in machine "A" are eth0, which connects to the internet and eth1, which connects to machine "B".

I've assigned the IP addresses as:
eth0 in machine "A": assigned by DHCP (when I assign an address manually, it breaks everything and I can't even ping internal network machines)

eth1 in machine "A": 192.168.0.2 (or .1 during some tests)

Machine "B": 192.168.0.3

On the XP machine I have the gateway set to 192.168.0.2 (eth1), LMHOSTS and WINS stuff disabled.

I've got IP forwarding rules set up using IP_TABLES (not IP_CHAINS) and a little startup script that I snagged from a how-to to fire up all the proper modules.

Now, I can ping everything on the internal network just fine. No problems pinging the XP machine from the Linux box and vice versa. I can also ping the ppp0 address (65.whatever from my ISP) from the XP box with no problems.

The problem is, I can't reach anything outside of the internal network from the XP box either by name or IP address. I always get "can't find the host" errors.

/proc/sys/net/ipv4/ip_forward is set to "1" which was the only real suggestion I found for a problem like mine. When I run tcpdump on the Linux machine and try to connect to outside addresses, tcpdump shows

(with tcpdump listening on eth1)
192.168.0.3 > (whatever address I am trying to ping): icmp: echo request
192.168.0.3 > (whatever address I am trying to ping): icmp: echo request
192.168.0.3 > (whatever address I am trying to ping): icmp: echo request

On the XP box it is showing "ping request timed out".

This is driving me nuts. I'd really appreciate help with this.

Thanks,
SpaceAce

fnet · 09-25-2002, 06:41 PM

sure you don't want to just get a linksys router? i'm not being a smartass, i'm just wondering how much time you're putting in to have explicit control of something that would be much easier to manage if were preconfigured...

SpaceAce · 09-25-2002, 06:51 PM

I'm not quite sure what you mean. Are you talking about a router specifically for DSL sharing? That would be OK, but I also plan to use SAMBA to share files.

SpaceAce

AcidMax · 09-25-2002, 08:12 PM

You probably need to setup a route on the Linux box to tell it where to send the packets from the 192.168.0.x network to. I think it is netstat -r that will show you the routing table. I would do some research on routes and setting a default route.

Example:

Internet - 216.1.1.1 (your IP assigned by DSL company) This is one of the network cards, should be coming from DSL/Cable modem of some sort. Could also just be PPP connection if you are on dialup.

The 2nd NIC in this box needs to have the address of 192.168.0.(whatever) depending on your setup, for sake of setting things up we will say it is 192.168.0.2.

Then on your WindowsXP box set the ip to 192.168.0.3 (gateway of 192.168.0.2).

So on the Linux box you need to set your default route. This means that anything coming in the 192.168.0.2 nic, needs to go out the 216.1.1.1 NIC (DSL/Cable/Modem).

Take a look at the default routes and I think that will answer your questions and get you up and working.

AJ

SpaceAce · 09-25-2002, 11:03 PM

Hi, AJ. Thanks for the reply. As far as I can tell, that is handled by the iptables module. Part of the setup is telling iptables which is the internal interface and which is the external and it does

iptables FORWARD -i (internal NIC) -o (external NIC) -j ACCEPT

which should send all packets from internal to external. I suppose I can still define the default gateway for the internal NIC and see what happens, but it certainly wasn't part of the instructions I read.

I'll go give that a shot.

Edit: Uhoh, the address for the external NIC is assigned by DHCP. How to set the default gateway? Sigh.

Thanks,
SpaceAce

EscortBiz · 09-25-2002, 11:18 PM

try not using it in the dny lst also use sco maybe

09-25-2002, 06:10 PM	#1
SpaceAce Confirmed User Join Date: Jul 2002 Location: Magrathea Posts: 6,493	Networking gurus (especially Linux) I'm having problems getting connection sharing via IP Masquerading (IP-forwarding) to work. I have two machines. A) SuSE Linux 8.0, two ethernet cards. B) Windows XP Pro, 1 ethernet card The ethernet cards in machine "A" are eth0, which connects to the internet and eth1, which connects to machine "B". I've assigned the IP addresses as: eth0 in machine "A": assigned by DHCP (when I assign an address manually, it breaks everything and I can't even ping internal network machines) eth1 in machine "A": 192.168.0.2 (or .1 during some tests) Machine "B": 192.168.0.3 On the XP machine I have the gateway set to 192.168.0.2 (eth1), LMHOSTS and WINS stuff disabled. I've got IP forwarding rules set up using IP_TABLES (not IP_CHAINS) and a little startup script that I snagged from a how-to to fire up all the proper modules. Now, I can ping everything on the internal network just fine. No problems pinging the XP machine from the Linux box and vice versa. I can also ping the ppp0 address (65.whatever from my ISP) from the XP box with no problems. The problem is, I can't reach anything outside of the internal network from the XP box either by name or IP address. I always get "can't find the host" errors. /proc/sys/net/ipv4/ip_forward is set to "1" which was the only real suggestion I found for a problem like mine. When I run tcpdump on the Linux machine and try to connect to outside addresses, tcpdump shows (with tcpdump listening on eth1) 192.168.0.3 > (whatever address I am trying to ping): icmp: echo request 192.168.0.3 > (whatever address I am trying to ping): icmp: echo request 192.168.0.3 > (whatever address I am trying to ping): icmp: echo request On the XP box it is showing "ping request timed out". This is driving me nuts. I'd really appreciate help with this. Thanks, SpaceAce

09-25-2002, 06:41 PM	#2
fnet Confirmed User Join Date: Jul 2002 Posts: 1,721	sure you don't want to just get a linksys router? i'm not being a smartass, i'm just wondering how much time you're putting in to have explicit control of something that would be much easier to manage if were preconfigured... __________________ the sound of one hand googlewhacking

09-25-2002, 08:12 PM	#4
AcidMax Confirmed User Join Date: May 2002 Location: MI Posts: 1,827	You probably need to setup a route on the Linux box to tell it where to send the packets from the 192.168.0.x network to. I think it is netstat -r that will show you the routing table. I would do some research on routes and setting a default route. Example: Internet - 216.1.1.1 (your IP assigned by DSL company) This is one of the network cards, should be coming from DSL/Cable modem of some sort. Could also just be PPP connection if you are on dialup. The 2nd NIC in this box needs to have the address of 192.168.0.(whatever) depending on your setup, for sake of setting things up we will say it is 192.168.0.2. Then on your WindowsXP box set the ip to 192.168.0.3 (gateway of 192.168.0.2). So on the Linux box you need to set your default route. This means that anything coming in the 192.168.0.2 nic, needs to go out the 216.1.1.1 NIC (DSL/Cable/Modem). Take a look at the default routes and I think that will answer your questions and get you up and working. AJ __________________ Latest MMA news. http://www.mmawrapup.com

09-25-2002, 11:03 PM	#5
SpaceAce Confirmed User Join Date: Jul 2002 Location: Magrathea Posts: 6,493	Hi, AJ. Thanks for the reply. As far as I can tell, that is handled by the iptables module. Part of the setup is telling iptables which is the internal interface and which is the external and it does iptables FORWARD -i (internal NIC) -o (external NIC) -j ACCEPT which should send all packets from internal to external. I suppose I can still define the default gateway for the internal NIC and see what happens, but it certainly wasn't part of the instructions I read. I'll go give that a shot. Edit: Uhoh, the address for the external NIC is assigned by DHCP. How to set the default gateway? Sigh. Thanks, SpaceAce Last edited by SpaceAce; 09-25-2002 at 11:09 PM..

09-25-2002, 11:18 PM	#6
EscortBiz Fuck Checks, CASH only! Join Date: May 2002 Location: New York City Posts: 19,422	try not using it in the dny lst also use sco maybe __________________ Spanking, Medical Fetish, Sleeping, Strap-on Anal Lesbians, Girls Fucking Guys, Handjob site REAL HOT, Shemales, Anal and Ass Licking sites 100% Real EXCLUSIVE with amazing retention, ccbill payouts, lots of content FREE FTP HOSTING Promote the largest and oldest member paid escort site, Converts 10 times better then any dating site, CCBill payouts ICQ# 158802076

09-25-2002, 06:51 PM	#3
SpaceAce Confirmed User Join Date: Jul 2002 Location: Magrathea Posts: 6,493	I'm not quite sure what you mean. Are you talking about a router specifically for DSL sharing? That would be OK, but I also plan to use SAMBA to share files. SpaceAce