DebianThis forum is for the discussion of Debian Linux.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
I have been using Debian etch now for over a year. Recently, due to a hardware upgrade I installed the amd-64 version of etch. It installs fine and I believe I will be able to use it effectively, possibly even with Apache-mpm-worker and fastcgi-php
But, I keep running into an issue with NAT redirection on my internal network and it's unique to amd-64 Debian Kernel 2.6. The adpater works fine. I can ping it, I can use the local network with Vista, I can successfully connect to webmin from the internal adapter. The internet adapter works fine as well.
Does anyone know of a reason the firewall would act differently in the 64 bit version of etch?
Adapters are both Realtek. One is VIA RhineII, the other is a brand new Netgear FA311 10/100 and they both work find under 686 kernels.
Ok, I installed a fresh basic amd64, no X, installed webmin and ssh, set IPTables with webmin and it fails to masquerade. Then I checked modules and it looks OK. I tried with different hardware since I've had BIOS issue with the VIA RhineII and I want to eliminate it. I'm posting this over the NAT with the 686 kernel.
The amd64 is installed on a SATA drive, the x86 is on an IDE so there may be some disk differences. I don't know what all these modules do but I do see the network and IP Tables modules. I entered new IPTables rules with the appropriate interface names. The network hardware seem fine. No errors and the links go up and down OK. I can access both internet and internal net independently but no masquerade. Below is: /etc/network/interfaces iptables-save and lsmod outputs. This iptables has squid redirection, the other does not.
# The loopback network interface
auto lo eth1 eth3
iface lo inet loopback
# The primary network interface
iface eth3 inet static
post-up iptables-restore < /etc/iptables.up.rules
You don not need BIND to get NAT working, they have nothing to do with one another. BIND just translates names to numeric addresses. You may want your server acting as DNS for your LAN, in which case you'll want BIND, but it isn't a requirement in the broad sense. It certainly won't hurt to have, and isn't very resource intensive, but it isn't needed.
Thank you for your help. I feel even more sheepish since I wrote my experiences down in a How-To for the Home Server Webmaster: http://home.trbailey.net/tech/iptables.html
I've added that link and updated it to reflect my latest experience.