LinuxQuestions.org
Go Job Hunting at the LQ Job Marketplace
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices



Reply
 
Search this Thread
Old 02-04-2007, 03:11 PM   #1
giancarlo76
LQ Newbie
 
Registered: May 2006
Location: Lucca, Italy
Distribution: Arch, Debian, Ubuntu
Posts: 12

Rep: Reputation: 0
Cannot reach some sites from LAN


An Ubuntu box connects to the Internet through ADSL (pppoe) and acts as a router for a small LAN. Between the router and the other machines there's an access point for wireless connection. Nearly everything works fine, except for the fact I cannot reach some sites from the internal network. I can browse the same sites from the Ubuntu box, but not from the others that are behind it. And, again, only a small list of sites is unreachable.
I tried keeping it as simple as possible, setting the ip forwarding to 1, flushing all of the iptables chains with
Code:
iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X
and then activating masquerading with
Code:
iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
but with no success.
What else can I do to solve this problem?
Thanks.
 
Old 02-04-2007, 03:55 PM   #2
Brian1
Guru
 
Registered: Jan 2003
Location: Seymour, Indiana
Distribution: Distribution: RHEL 5 with Pieces of this and that. Kernel 2.6.23.1, KDE 3.5.8 and KDE 4.0 beta, Plu
Posts: 5,700

Rep: Reputation: 61
What sites are you trying to see that Ubuntu can and the lan machines cannot?

Brian
 
Old 02-04-2007, 04:20 PM   #3
giancarlo76
LQ Newbie
 
Registered: May 2006
Location: Lucca, Italy
Distribution: Arch, Debian, Ubuntu
Posts: 12

Original Poster
Rep: Reputation: 0
http://www.rai.it, for example.
What are you thinking about?
 
Old 02-04-2007, 04:39 PM   #4
Brian1
Guru
 
Registered: Jan 2003
Location: Seymour, Indiana
Distribution: Distribution: RHEL 5 with Pieces of this and that. Kernel 2.6.23.1, KDE 3.5.8 and KDE 4.0 beta, Plu
Posts: 5,700

Rep: Reputation: 61
That is just odd. If the iptables is flushed and simply masquerade setup then I am at a lost. The IP the site is using was not part of the non-used ones. There use to be a group of ips reserved not for use and one can add those to the iptables to block them in the event they were used in packet hacking.

Site comes up fine through my linux router which then goes through a wireless store bought router to get to my notebook.

I am guessing every lan machine cannot connect?
I would contact the manufactor of the wireless router. Check the faqs and docs on their site.

Brian
 
Old 02-04-2007, 05:16 PM   #5
giancarlo76
LQ Newbie
 
Registered: May 2006
Location: Lucca, Italy
Distribution: Arch, Debian, Ubuntu
Posts: 12

Original Poster
Rep: Reputation: 0
Yes, every machine but the gateway (the Ubuntu one). It actually seems a gateway's problem, because it comes out even through the wired network. I will try a live distro to see if it's a hardware failure.
 
Old 02-05-2007, 06:18 PM   #6
Brian1
Guru
 
Registered: Jan 2003
Location: Seymour, Indiana
Distribution: Distribution: RHEL 5 with Pieces of this and that. Kernel 2.6.23.1, KDE 3.5.8 and KDE 4.0 beta, Plu
Posts: 5,700

Rep: Reputation: 61
No more ideas as to the reason it does that and no other ideas to try.

Brian
 
Old 02-05-2007, 07:58 PM   #7
giancarlo76
LQ Newbie
 
Registered: May 2006
Location: Lucca, Italy
Distribution: Arch, Debian, Ubuntu
Posts: 12

Original Poster
Rep: Reputation: 0
Thanks anyway. I'll post here the results of any other try.
 
Old 03-14-2007, 11:03 AM   #8
giancarlo76
LQ Newbie
 
Registered: May 2006
Location: Lucca, Italy
Distribution: Arch, Debian, Ubuntu
Posts: 12

Original Poster
Rep: Reputation: 0
Ok, I solved it.
I first thought about an MTU problem: pppoeconf sets it to 1492 for the ppp0 interface, due to the package size most ISPs adopt. So I set the MTU to 1492 for every interface, instead of the default 1500, but with no result.
What actually did the trick was installing ipmasq. It does all the dirty work of ip forwarding and masquerading.
What I still don't understand is why even a fresh Debian install needs ipmasq to properly forward, expecially if I think that everything worked fine before I opened this post...
 
Old 03-14-2007, 08:35 PM   #9
vanigh
LQ Newbie
 
Registered: Apr 2006
Posts: 4

Rep: Reputation: 0
I'm a newb, May i ask how did you install ipmasq? did you do it with synaptic or command line?
Your help is appreciated?
 
Old 03-15-2007, 11:08 AM   #10
giancarlo76
LQ Newbie
 
Registered: May 2006
Location: Lucca, Italy
Distribution: Arch, Debian, Ubuntu
Posts: 12

Original Poster
Rep: Reputation: 0
It doesn't matter which one you use. Either install it via Synaptic or running

Code:
apt-get install ipmasq
being sure you activate the right repository (universe for Ubuntu).
It's quite straightforward, you don't need to configure it for a basic use.
 
  


Reply

Tags
iptables, network


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Can't reach some valid sites via http (FC4) kingbolete Linux - Networking 5 02-10-2006 02:51 PM
cannot reach internet from private LAN toodr Linux - Networking 12 10-23-2005 08:44 PM
Proftpd: Can reach withing LAN but not outside LAN Harlin Linux - Networking 4 07-18-2005 01:57 AM
Can not reach server from LAN after adding router Jedyte Linux - Networking 8 09-01-2004 11:48 AM
LAN Gaming, with router doesn't work, but can reach the internet GT_Onizuka Linux - Networking 4 02-26-2004 10:08 PM


All times are GMT -5. The time now is 05:18 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration