LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 08-02-2010, 08:52 AM   #1
netguy2000
Member
 
Registered: Oct 2003
Location: Karachi, PAKISTAN
Distribution: Redhat, Fedora, Open BSD, FreeBSD, SlackWare
Posts: 109

Rep: Reputation: 15
Question public IP pool behind linux router


Dear Guru help require.
I have scenario to solve, I have to configure public IP on my network PC which are behind Linux router.

110.88.89.66/32(router WAN-IP eth1) --> 192.168.1.1 eth0 and 110.88.90.69/29 eth0:1 (router LAN-IP)
default GateWay of my linux router is 110.88.89.65

now I configure IP 110.88.90.90/29 on my windows machine, and Internet is working fine , but I get 110.88.89.66 on www.whatismyip.com, question is WHY this IP shows on whatismyip.com???? why 110.88.90.90 not shows on whatismyip.com??? what I am doing wronge?? help me

what router or iptables command I mis??


NETGUY.
 
Old 08-02-2010, 11:30 AM   #2
lartman
LQ Newbie
 
Registered: Jan 2004
Location: Sydney, Australia
Distribution: RHEL
Posts: 22

Rep: Reputation: 17
Is the router configured to do NAT?
 
Old 08-02-2010, 12:52 PM   #3
armbp1972
LQ Newbie
 
Registered: May 2006
Posts: 4

Rep: Reputation: 0
It looks to me the same, your linux router is doing some kind of NAT
 
Old 08-04-2010, 03:06 AM   #4
netguy2000
Member
 
Registered: Oct 2003
Location: Karachi, PAKISTAN
Distribution: Redhat, Fedora, Open BSD, FreeBSD, SlackWare
Posts: 109

Original Poster
Rep: Reputation: 15
Question

yes my linux router also do NATing
but i dont think this problem belongs to NAT.
if so then please help me how and why?

NETGUY.
 
Old 08-04-2010, 05:45 PM   #5
lxf
LQ Newbie
 
Registered: Jul 2010
Posts: 22

Rep: Reputation: 2
You should provide more information about your router and network. First you should provide us your network stuff from your router (especially NAT rules, routes and interfaces). Beside of that I still didn't get why you use 192.168.1/24 as you seem to not need it. In short: be more verbose.
 
Old 08-05-2010, 02:04 AM   #6
netguy2000
Member
 
Registered: Oct 2003
Location: Karachi, PAKISTAN
Distribution: Redhat, Fedora, Open BSD, FreeBSD, SlackWare
Posts: 109

Original Poster
Rep: Reputation: 15
following are my Linux router information

eth1= WAN IP= 110.88.89.66/32
Gateway= 110.88.89.65
eth0= LAN IP= 192.168.1.1/24

Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
MASQUERADE all -- 0.0.0.0/0 0.0.0.0/0

routing table is

110.88.89.64 0.0.0.0 255.255.255.252
192.168.1.0 0.0.0.0 255.255.255.0
0.0.0.0 110.88.89.65 0.0.0.0

My ISP gave me IP Pool 110.88.90.68/29 to use this on my LAN.
my question is how can I use this IP pool on LAN side interface.
i think now its simple.

192.168.1.0 /24 is my LAN network and I can not change this, because i have near 180 PCs on my LAN.

Help require.

NETGUY.
 
Old 08-05-2010, 02:15 AM   #7
lartman
LQ Newbie
 
Registered: Jan 2004
Location: Sydney, Australia
Distribution: RHEL
Posts: 22

Rep: Reputation: 17
Configure 2 addresses on the lan nic.
eth0 = 192.168.1.1/24
eth0.1 = 110.88.90.69/29
remove masquerade all and configure nat for just the 192.168.1.0/24 subnet.
 
Old 08-05-2010, 03:55 AM   #8
netguy2000
Member
 
Registered: Oct 2003
Location: Karachi, PAKISTAN
Distribution: Redhat, Fedora, Open BSD, FreeBSD, SlackWare
Posts: 109

Original Poster
Rep: Reputation: 15
what will be the NAT command for 192.168.1.0/24 and 110.88.90.68/29
Plz help

NET
 
Old 08-05-2010, 07:23 AM   #9
netguy2000
Member
 
Registered: Oct 2003
Location: Karachi, PAKISTAN
Distribution: Redhat, Fedora, Open BSD, FreeBSD, SlackWare
Posts: 109

Original Poster
Rep: Reputation: 15
i DID this

configure eth0:1 with IP 110.88.90.69/29
and

Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
MASQUERADE all -- 192.168.1.0/24 0.0.0.0/0

my PC on LAN side IP is 110.88.90.70/29 and it gateway is 110.88.90.69 with google DNS

Now what to do??? still not working

NETGUY.
 
Old 08-05-2010, 07:44 AM   #10
jschiwal
Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 655Reputation: 655Reputation: 655Reputation: 655Reputation: 655Reputation: 655
You have a block of 8 IPs.
Code:
     8      3    /29          255.255.255.248
The last three bits determine which host is addressed.

The first one will have these bits all zeros. This is your network address. The last one has all three bits ones. This is your broadcast address. One of IP addresses will be used for your router's gateway address. By convention, the first or last legal IP address for your network (not ending in 000 or 111).

Your IP addresses are all over the place. Please indicate what block of address you were given by your ISP.
Maybe you transposed a couple numbers.
This doesn't make sense: 110.88.90.69/29
But this does: 110.88.90.96/29

You have two networks. One with a private address range. Another with a public address range. Your router will have one rule to route traffic for each range, with the private being masqueraded to one or more of your public IP addresses.

If you have a block of public IP addresses because you are offering services on the Internet, then you should have two firewalls and place the public hosts in the DMZ. You want to isolate the LAN traffic from incoming Internet traffic. You could also use three NICs. One for the WAN, one for the DMZ and one for the LAN.

I would recommend you read through the Network Administrators Guide book. It is an O'Reilly book. The second edition is available for free:

www.tldp.org/ldp/nag2/nag2.pdf

Last edited by jschiwal; 08-05-2010 at 08:01 AM.
 
Old 08-05-2010, 07:47 AM   #11
lartman
LQ Newbie
 
Registered: Jan 2004
Location: Sydney, Australia
Distribution: RHEL
Posts: 22

Rep: Reputation: 17
Something like:
Code:
# NAT for the private subnet
iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -o eth1 -j MASQUERADE
iptables -A FORWARD -i eth1 -d 192.168.1.0/24 -m state --state RELATED,ESTABLISHED -j ACCEPT

# forward everything for the public subnet 
iptables -A FORWARD -i eth0 -o eth1 -j ACCEPT
iptables -A FORWARD -i eth1 -d 110.88.90.??/29 -j ACCEPT

Last edited by lartman; 08-05-2010 at 07:57 AM. Reason: You're right jschiwal.
 
Old 10-31-2011, 08:03 AM   #12
xmachina47x
LQ Newbie
 
Registered: Feb 2009
Posts: 1

Rep: Reputation: 0
Quote:
Originally Posted by netguy2000 View Post
i DID this

configure eth0:1 with IP 110.88.90.69/29
and

Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
MASQUERADE all -- 192.168.1.0/24 0.0.0.0/0

my PC on LAN side IP is 110.88.90.70/29 and it gateway is 110.88.90.69 with google DNS

Now what to do??? still not working

NETGUY.
hello
is it working now? if so..can you please help me to..i have the same problem 10x a lot
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
I need to setup a Linux router for my 2 public subnets drcoco Linux - Networking 4 05-17-2006 10:36 PM
linux as3 working as router with 2 public IPs rajeshdogra Linux - Networking 1 07-18-2005 08:53 AM
Linux as a router but for multiple public IPs gnirtS Linux - Networking 8 03-07-2005 04:08 PM
Static Public IP on Linux gateway behind ADSL router Eivissa Linux - Networking 2 11-16-2004 08:10 AM
Narrowing the IP pool on my Router jong357 Linux - Wireless Networking 4 11-05-2004 08:54 PM


All times are GMT -5. The time now is 08:01 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration