Hi experts,
I am having a strange issue with ip_forwarding on centos 6.4. here is what I am doing.
on centos 6.4 virtual I have 2 NIC... eth0 on nat and connected to internet. eth1 is 192.168.0.254 and is set as host only.
on xp virtual I have 1 NIC having 192.168.0.10 and gateway set to 192.168.0.254 while DNS set to 8.8.8.8 and 8.8.4.4
now both systems can ping each other fine and server can ping internet fine.
then I set ip_forward to 1 in /etc/sysctl.conf and did sysctl -p to make it effective.
then I tried both with iptables disabled totally and then setting
iptables -t nat -A POSTROUTING -o eth0 -s 192.168.0.0/24 -j MASQUERADE
on xp internet explorer when I try to open any site, I see "waiting for .........." at the status bar but then it can't connect
I have also changed selinux to permissive. and tcpdump shows packets from xp going to internet but it somehow don't seem to work........
I can imagine it might be a small issue but its making me crazy now since I am unable to make it work since 2 days
here is the output of tcpdump -vvv -i eth0
[root@myserver ~]# tcpdump -vvv -i eth0
tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
16:39:38.415525 IP (tos 0x0, ttl 127, id 44024, offset 0, flags [none], proto UDP (17), length 59)
10.0.2.15.53483 > google-public-dns-a.google.com.domain: [udp sum ok] 14226+ A?
www.gmail.com. (31)
16:39:38.422949 IP (tos 0x0, ttl 64, id 1865, offset 0, flags [DF], proto UDP (17), length 66)
10.0.2.15.38936 > WiMaxCPE.domain: [bad udp cksum 665!] 12641+ PTR? 8.8.8.8.in-addr.arpa. (38)
16:39:38.482845 IP (tos 0x0, ttl 64, id 16971, offset 0, flags [none], proto UDP (17), length 222)
WiMaxCPE.domain > 10.0.2.15.38936: [udp sum ok] 12641 q: PTR? 8.8.8.8.in-addr.arpa. 1/6/0 8.8.8.8.in-addr.arpa. [4h38m44s] PTR google-public-dns-a.google.com. ns: in-addr.arpa. [49m18s] NS f.in-addr-servers.arpa., in-addr.arpa. [49m18s] NS a.in-addr-servers.arpa., in-addr.arpa. [49m18s] NS b.in-addr-servers.arpa., in-addr.arpa. [49m18s] NS c.in-addr-servers.arpa., in-addr.arpa. [49m18s] NS d.in-addr-servers.arpa., in-addr.arpa. [49m18s] NS e.in-addr-servers.arpa. (194)
16:39:38.486147 IP (tos 0x0, ttl 64, id 1928, offset 0, flags [DF], proto UDP (17), length 68)
10.0.2.15.50295 > WiMaxCPE.domain: [bad udp cksum df28!] 31645+ PTR? 15.2.0.10.in-addr.arpa. (40)
16:39:38.489434 IP (tos 0x0, ttl 64, id 16972, offset 0, flags [none], proto UDP (17), length 68)
WiMaxCPE.domain > 10.0.2.15.50295: [udp sum ok] 31645 NXDomain* q: PTR? 15.2.0.10.in-addr.arpa. 0/0/0 (40)
16:39:38.492986 IP (tos 0x0, ttl 64, id 1935, offset 0, flags [DF], proto UDP (17), length 71)
10.0.2.15.38441 > WiMaxCPE.domain: [bad udp cksum 289f!] 49247+ PTR? 1.15.168.192.in-addr.arpa. (43)
16:39:38.495949 IP (tos 0x0, ttl 64, id 16973, offset 0, flags [none], proto UDP (17), length 93)
WiMaxCPE.domain > 10.0.2.15.38441: [udp sum ok] 49247* q: PTR? 1.15.168.192.in-addr.arpa. 1/0/0 1.15.168.192.in-addr.arpa. [0s] PTR WiMaxCPE. (65)
16:39:39.414136 IP (tos 0x0, ttl 127, id 44029, offset 0, flags [none], proto UDP (17), length 59)
10.0.2.15.53483 > google-public-dns-b.google.com.domain: [udp sum ok] 14226+ A?
www.gmail.com. (31)
16:39:39.415323 IP (tos 0x0, ttl 64, id 2857, offset 0, flags [DF], proto UDP (17), length 66)
10.0.2.15.38093 > WiMaxCPE.domain: [bad udp cksum f334!] 25799+ PTR? 4.4.8.8.in-addr.arpa. (38)
16:39:39.854644 IP (tos 0x0, ttl 64, id 16974, offset 0, flags [none], proto UDP (17), length 110)
WiMaxCPE.domain > 10.0.2.15.38093: [udp sum ok] 25799 q: PTR? 4.4.8.8.in-addr.arpa. 1/0/0 4.4.8.8.in-addr.arpa. [1d] PTR google-public-dns-b.google.com. (82)
16:39:40.413730 IP (tos 0x0, ttl 127, id 44034, offset 0, flags [none], proto UDP (17), length 59)
10.0.2.15.53483 > google-public-dns-a.google.com.domain: [udp sum ok] 14226+ A?
www.gmail.com. (31)
16:39:42.416580 IP (tos 0x0, ttl 127, id 44043, offset 0, flags [none], proto UDP (17), length 59)
10.0.2.15.53483 > google-public-dns-a.google.com.domain: [udp sum ok] 14226+ A?
www.gmail.com. (31)
16:39:42.416803 IP (tos 0x0, ttl 127, id 44044, offset 0, flags [none], proto UDP (17), length 59)
10.0.2.15.53483 > google-public-dns-b.google.com.domain: [udp sum ok] 14226+ A?
www.gmail.com. (31)
16:39:43.415288 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 10.0.2.2 tell 10.0.2.15, length 28
16:39:43.415646 ARP, Ethernet (len 6), IPv4 (len 4), Reply 10.0.2.2 is-at 52:54:00:12:35:02 (oui Unknown), length 46
16:39:43.416620 IP (tos 0x0, ttl 64, id 6859, offset 0, flags [DF], proto UDP (17), length 67)
10.0.2.15.56570 > WiMaxCPE.domain: [bad udp cksum b9ed!] 64027+ PTR? 2.2.0.10.in-addr.arpa. (39)
16:39:43.420301 IP (tos 0x0, ttl 64, id 16975, offset 0, flags [none], proto UDP (17), length 67)
WiMaxCPE.domain > 10.0.2.15.56570: [udp sum ok] 64027 NXDomain* q: PTR? 2.2.0.10.in-addr.arpa. 0/0/0 (39)
16:39:46.439571 IP (tos 0x0, ttl 127, id 44059, offset 0, flags [none], proto UDP (17), length 59)
10.0.2.15.53483 > google-public-dns-a.google.com.domain: [udp sum ok] 14226+ A?
www.gmail.com. (31)
16:39:46.440133 IP (tos 0x0, ttl 127, id 44060, offset 0, flags [none], proto UDP (17), length 59)
10.0.2.15.53483 > google-public-dns-b.google.com.domain: [udp sum ok] 14226+ A?
www.gmail.com. (31)
16:39:55.741198 IP (tos 0x0, ttl 127, id 44116, offset 0, flags [none], proto UDP (17), length 59)
10.0.2.15.64245 > google-public-dns-a.google.com.domain: [udp sum ok] 22223+ A?
www.gmail.com. (31)
16:39:56.737947 IP (tos 0x0, ttl 127, id 44121, offset 0, flags [none], proto UDP (17), length 59)
10.0.2.15.64245 > google-public-dns-b.google.com.domain: [udp sum ok] 22223+ A?
www.gmail.com. (31)
16:39:57.741730 IP (tos 0x0, ttl 127, id 44126, offset 0, flags [none], proto UDP (17), length 59)
10.0.2.15.64245 > google-public-dns-a.google.com.domain: [udp sum ok] 22223+ A?
www.gmail.com. (31)
16:39:59.742024 IP (tos 0x0, ttl 127, id 44135, offset 0, flags [none], proto UDP (17), length 59)
10.0.2.15.64245 > google-public-dns-a.google.com.domain: [udp sum ok] 22223+ A?
www.gmail.com. (31)
16:39:59.742274 IP (tos 0x0, ttl 127, id 44136, offset 0, flags [none], proto UDP (17), length 59)
10.0.2.15.64245 > google-public-dns-b.google.com.domain: [udp sum ok] 22223+ A?
www.gmail.com. (31)
16:40:03.748258 IP (tos 0x0, ttl 127, id 44153, offset 0, flags [none], proto UDP (17), length 59)
10.0.2.15.64245 > google-public-dns-a.google.com.domain: [udp sum ok] 22223+ A?
www.gmail.com. (31)
16:40:03.748845 IP (tos 0x0, ttl 127, id 44154, offset 0, flags [none], proto UDP (17), length 59)
10.0.2.15.64245 > google-public-dns-b.google.com.domain: [udp sum ok] 22223+ A?
www.gmail.com. (31)
16:40:13.012143 IP (tos 0x0, ttl 127, id 44198, offset 0, flags [none], proto UDP (17), length 59)
10.0.2.15.55850 > google-public-dns-a.google.com.domain: [udp sum ok] 48632+ A?
www.gmail.com. (31)
16:40:14.034206 IP (tos 0x0, ttl 127, id 44203, offset 0, flags [none], proto UDP (17), length 59)
10.0.2.15.55850 > google-public-dns-b.google.com.domain: [udp sum ok] 48632+ A?
www.gmail.com. (31)
16:40:15.035108 IP (tos 0x0, ttl 127, id 44204, offset 0, flags [none], proto UDP (17), length 59)
10.0.2.15.55850 > google-public-dns-a.google.com.domain: [udp sum ok] 48632+ A?
www.gmail.com. (31)
16:40:15.179466 IP (tos 0x0, ttl 127, id 44205, offset 0, flags [none], proto UDP (17), length 65)
10.0.2.15.64246 > google-public-dns-a.google.com.domain: [udp sum ok] 47109+ A? support.mozilla.org. (37)
16:40:16.176905 IP (tos 0x0, ttl 127, id 44206, offset 0, flags [none], proto UDP (17), length 65)
10.0.2.15.64246 > google-public-dns-b.google.com.domain: [udp sum ok] 47109+ A? support.mozilla.org. (37)
16:40:17.038636 IP (tos 0x0, ttl 127, id 44207, offset 0, flags [none], proto UDP (17), length 59)
10.0.2.15.55850 > google-public-dns-a.google.com.domain: [udp sum ok] 48632+ A?
www.gmail.com. (31)
16:40:17.039094 IP (tos 0x0, ttl 127, id 44208, offset 0, flags [none], proto UDP (17), length 59)
10.0.2.15.55850 > google-public-dns-b.google.com.domain: [udp sum ok] 48632+ A?
www.gmail.com. (31)
16:40:17.178017 IP (tos 0x0, ttl 127, id 44209, offset 0, flags [none], proto UDP (17), length 65)
10.0.2.15.64246 > google-public-dns-a.google.com.domain: [udp sum ok] 47109+ A? support.mozilla.org. (37)
16:40:18.011913 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 10.0.2.2 tell 10.0.2.15, length 28
16:40:18.013006 ARP, Ethernet (len 6), IPv4 (len 4), Reply 10.0.2.2 is-at 52:54:00:12:35:02 (oui Unknown), length 46
16:40:19.180949 IP (tos 0x0, ttl 127, id 44210, offset 0, flags [none], proto UDP (17), length 65)
10.0.2.15.64246 > google-public-dns-a.google.com.domain: [udp sum ok] 47109+ A? support.mozilla.org. (37)
16:40:19.181388 IP (tos 0x0, ttl 127, id 44211, offset 0, flags [none], proto UDP (17), length 65)
10.0.2.15.64246 > google-public-dns-b.google.com.domain: [udp sum ok] 47109+ A? support.mozilla.org. (37)
16:40:21.042925 IP (tos 0x0, ttl 127, id 44212, offset 0, flags [none], proto UDP (17), length 59)
10.0.2.15.55850 > google-public-dns-a.google.com.domain: [udp sum ok] 48632+ A?
www.gmail.com. (31)
16:40:21.043481 IP (tos 0x0, ttl 127, id 44213, offset 0, flags [none], proto UDP (17), length 59)
10.0.2.15.55850 > google-public-dns-b.google.com.domain: [udp sum ok] 48632+ A?
www.gmail.com. (31)
16:40:23.187266 IP (tos 0x0, ttl 127, id 44214, offset 0, flags [none], proto UDP (17), length 65)
10.0.2.15.64246 > google-public-dns-a.google.com.domain: [udp sum ok] 47109+ A? support.mozilla.org. (37)
16:40:23.187687 IP (tos 0x0, ttl 127, id 44215, offset 0, flags [none], proto UDP (17), length 65)
10.0.2.15.64246 > google-public-dns-b.google.com.domain: [udp sum ok] 47109+ A? support.mozilla.org. (37)
^C
42 packets captured
42 packets received by filter
0 packets dropped by kernel