I am having a issue getting my RH9 box to pass packets from 192.168.0.4 (W2K box) to 192.168.0.3 (2nd RH9 box ). The RH9 box is set up with 2 NICS (192.168.0.1/2)

Should the W2K box be using 192.168.0.1 as its gateway while the 2nd RH9 box uses 192.168.0.2 as its gateway.

How should the routing table be set?

Thanks for the help in advance.

Are any of the computers attached to the internet? It seems strange that you would be trying to use the RH9 box to pass packets to computers that are both on the same Subnet. I think a Hub (or router if connected to the Inet) would make your life much easier.

That being said, yes, it can be done. Check out the HOWTO for iptables and you can set it up so that the RH9 box in the middle will forward all packets from 192.168.0.3 to 192.168.0.4, and from 192.168.0.4 to 192.168.0.3.

slight

Yip...the Linux box is connected to the internet. This is more a experiment to help me understand Linux Routing etc. I've actually set the RH9 box up as a fileserver so my buddy (W2K) can play MP3's from it while I (RH9 #2) can pull other files from it. The next step is to allow RH9 #2 and W2K to access the inet going through RH9 #1.

How tough is this.

Thanks for the quick response.

Shouldn't be too tough, once you get the sytax for Iptables down.

Does the RH9 box have 3 NICs in it then? One connected to each client and one connected to the Inet? If so, then just think of what route the packets will need to take to make it to their destination.

Packets coming from the Win2k box (which will have it's DG pointing to the NIC on the RH9 'router' that it is connected to) will need 2 rules. If the destination is internal, then the packets will be forwarded to the RH9 client. If the destination is external then the packets will be forwarded to the Inet.

slight

a few things you must to to setup a Linux router:

1. allow forwaring

edit the fllowing file: /etc/sysctl.conf

change the line that reads:

net.ipv4.ip_forward=0

to

net.ipv4.ip_forward=1

that turns on IP forwarding.

also do this to turn it on without rebooting:
# echo 1 > /proc/sys/net/ipv4/ip_forward


If you Linux box is getting an internet connection, do not edit it's gateway.


Another thing you need to know about routing and what not is that 192.168.X.X ip addresses cannot be seen on the internet. They are not internet routable. What you have to do is use your external IP address as a MASK (MASQ) for you 192.168 address. (MASQUERADE).

to do this, you'll have to use iptables (as suggested by slightcrazed).

/sbin/iptables -A POSTROUTIN -t nat -s 192.168.0.0/24 -d ! 192.168.0.0/24 -j MASQUERADE

that will alter the ip of you XP box so that anything leaving the router from the XP box will look like it came directly from the router. Linux automatically handles the packets comming back and knows to send replies back to the XP box.

You'll also want to setup the DNS servers on your XP box so that it will be able to resolve hostnames.

so if your internal ip on the linux box is 192.168.0.1....the XP should have its gateway as 192.168.0.1
it's subnet mask as 255.255.255.0 it's ip as something like 192.168.0.X (where X is not 1 or 255) and the DNS servers should be set to whatever your ISPs DNS servers are (they may be listed in /etc/resolv.conf on the Linux box)

you'll want to use more iptables rules for security also by the way. (you can do stuff like block ports outgoing and incomming, block certain ip addresses, block certain MAC addresses on your network from getting a connection, block all kinds of other stuff...).