Hello,
I am trying to set up a remote computer in my basement area. Here is my current setup:

Cable modem --> Linksys wireless router --> LAPTOP --> netgear switch --> PC.

Also coming off of the Linksys, I have 2 additional PCs that are wired into the internal LAN ports. All PCs connected to the Linksys router pull a DHCP IP address and DNS info. Pinging and connecting to the Internet is not a problem with these systems.

LAPTOP (Fedora 6) has eth1 (wireless) with a DHCP address of 192.168.1.103, subnet mask of 255.255.255.0, and default gateway of 192.168.1.1.

LAPTOP also has an internal NIC (eth0) configured with a static IP address of 192.168.2.1, subnet mask 255.255.255.0. This connection is wired to a 100M Ethernet switch. LAPTOP can ping and browse without any issue.

The final connection is PC (Fedora 8). It has a single NIC, hard coded as 192.168.2.2, subnet mask 255.255.255.0, default gw is 192.168.2.1. I have hard set /etc/resolv.conf with the same name servers as all other PCs on the LAN.

LAPTOP has forwarding enabled (echo 1 > /proc/sys/net/ipv4/ip_forward). From PC, I can ping Internet hosts by IP addresses, and can load web pages if I know the IP addresses. What is not working is DNS name resolution nor DHCP requests. If I attempt to use DHCP, DHCP broadcasts are dropped at LAPTOP.

I have attempted to add iptables rules on LAPTOP, but am not at LAPTOP at the moment in order to print them out here.

Any assistance would be greatly appreciated!!

In the host connected to the two subnets, be sure you also configure the routes.

I once used my laptop to give the desktop wireless access to the internet. I used the 192.168.1.0/25 and 192.168.1.128/25 subnets, so my setup was similar to yours. I enabled IP forwarding in the Laptop and setup the routes.

It didn't work, however, until I modprobed the "tcp_conntrack" ( It might have been called ip_conntrack ) kernel module. I think it is called nf_conntrack now in recent kernels, so please forgive me for not remembering the old kernel module name. I don't understand why I needed to modprobe this module because I wasn't using masquerading. Note that I didn't add any firewall changes because I was using the NAT function of the router and not doing in in the laptop.

I did change the router's LAN network to 192.168.1.0/255.255.255.128.

I'm not sure what you mean by pinging dns name. If your internet IP address is registered with dns, you still can't ping it using your registered server's name from inside. Use the lan name or ip address instead.

Thanks for the quick reply. When I say I cannot ping dns name, I am referring to www.linuxquestions.org, www.google.com, www.msn.com, etc. Once I have the IP addresses of these websites, I can open Firefox, and type in http://64.179.4.146. Webpage appears as normal.

Which nameservers are you using.

Is there a firewall on LAPTOP that might be blocking the DNS requests from PC.

Cheers.

LAPTOP has iptables running. Even when I disable iptables, I still cannot resolve names.

from PC:

[root@epc ~]# cat /etc/resolv.conf
search triad.rr.com
nameserver 24.25.5.150
nameserver 24.25.5.149
[root@epc ~]# ping www.linuxquestions.org
ping: unknown host www.linuxquestions.org
[root@epc ~]# ifconfig eth0
eth0 Link encap:Ethernet HWaddr 00:01:02:07:1D2
inet addr:192.168.2.2 Bcast:192.168.2.255 Mask:255.255.255.0
inet6 addr: fe80::201:2ff:fe07:1dd2/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:559 errors:0 dropped:0 overruns:0 frame:0
TX packets:431 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:54850 (53.5 KiB) TX bytes:46268 (45.1 KiB)
Interrupt:3 Base address:0xcf80

[root@epc ~]# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.2.0 * 255.255.255.0 U 0 0 0 eth0
link-local * 255.255.0.0 U 0 0 0 eth0
default 192.168.2.1 0.0.0.0 UG 0 0 0 eth0
[root@epc ~]#



From LAPTOP:
[root@omni6k ~]# ping www.linuxquestions.org
PING www.linuxquestions.org (64.179.4.146) 56(84) bytes of data.
64 bytes from web2.linuxquestions.org (64.179.4.146): icmp_seq=1 ttl=45 time=41.7 ms
64 bytes from web2.linuxquestions.org (64.179.4.146): icmp_seq=2 ttl=45 time=42.9 ms
64 bytes from web2.linuxquestions.org (64.179.4.146): icmp_seq=3 ttl=45 time=43.9 ms
64 bytes from web2.linuxquestions.org (64.179.4.146): icmp_seq=4 ttl=45 time=44.3 ms
64 bytes from web2.linuxquestions.org (64.179.4.146): icmp_seq=5 ttl=45 time=44.5 ms
64 bytes from web2.linuxquestions.org (64.179.4.146): icmp_seq=6 ttl=45 time=42.4 ms
64 bytes from web2.linuxquestions.org (64.179.4.146): icmp_seq=7 ttl=45 time=41.6 ms
64 bytes from web2.linuxquestions.org (64.179.4.146): icmp_seq=8 ttl=45 time=42.4 ms

--- www.linuxquestions.org ping statistics ---
8 packets transmitted, 8 received, 0% packet loss, time 16109ms
rtt min/avg/max/mdev = 41.688/43.011/44.569/1.062 ms
[root@omni6k ~]# ifconfig eth0
eth0 Link encap:Ethernet HWaddr 00:04:75:19:90:57
inet addr:192.168.2.1 Bcast:192.168.2.255 Mask:255.255.255.0
inet6 addr: fe80::204:75ff:fe19:9057/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:442 errors:0 dropped:0 overruns:0 frame:0
TX packets:590 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:49000 (47.8 KiB) TX bytes:57178 (55.8 KiB)
Interrupt:10 Base address:0xe400

[root@omni6k ~]# ifconfig eth1
eth1 Link encap:Ethernet HWaddr 00:02:2D:2D:CD:25
inet addr:192.168.1.103 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::202:2dff:fe2d:cd25/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:8288 errors:12 dropped:12 overruns:0 frame:12
TX packets:4978 errors:1 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:10496008 (10.0 MiB) TX bytes:1052301 (1.0 MiB)
Interrupt:3 Base address:0x100

[root@omni6k ~]# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.2.0 * 255.255.255.0 U 0 0 0 eth0
192.168.1.0 * 255.255.255.0 U 0 0 0 eth1
169.254.0.0 * 255.255.0.0 U 0 0 0 eth1
default 192.168.1.1 0.0.0.0 UG 0 0 0 eth1
[root@omni6k ~]#


---------------------------------
From PC, when I ping www.linuxquestions, i see the following in Wireshark:
Name: www.linuxquestions.org.triad.rr.com

triad.rr.com is appended to every query that is put out.

If I edit /etc/resolv.conf and remove the search triad.rr.com, the DNS queries are submitted properly, but the response is never forwarded back to PC.

I will attempt to save and post the screenshot from the Wireshark capture.

Just realized I cannot post attachments yet.

How does your router know to send traffic for 192.168.2.x to your laptop?

Either

• you have to add that route to your router (and to every pc in 192.168.1.x that you want to be able to communicate with 192.168.2.x) -- don't know if that is possible with the Linksys router, though.
• or your laptop will have to masquerade the 192.168.2.x subnet.

(You can also do a mix: masquerade all traffic to router/Internet, but add routes to all pcs in 192.168.1.x)

Frankly, I'm baffled how you were able to get anything through at all so far.

As to DHCP: The sensible (and probably only possible) solution is to make your laptop the dhcp server for the 192.168.2.x network. (Because your Linksys will most likely never even know of the existence of that network)

Rupert

I'm not as much concerned with PCs on the 192.168.1.1 network seeing the 192.168.2.0 network as much as I am trying to get the 192.168.2.0 network to see the Internet.

How would I masquerade the 192.168.2 subnet?

e.g.
If that IP address is not permanent, do instead:

Thanks for the quick reply. When I tried both of these commands, I got the error message:

[root@omni6k neal]# iptables -t nat -A POSTROUTING -i eth0 -o eth1 -j MASQUERADE
iptables v1.3.8: Can't use -i with POSTROUTING

Try `iptables -h' or 'iptables --help' for more information.

Any other suggestions?

Oops.
Just leave out '-i eth0'.