Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game. |
| Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
 |
10-30-2001, 05:59 AM
|
#1
|
|
LQ Newbie
Registered: Jul 2001
Location: UK
Distribution: RH 7.1
Posts: 24
Rep: 
|
Iptables Masquerading
I am trying to setup ip masquerading on my home network but am having some troubles!
My first machine (router) has two interfaces eth0,eth1. eth0 is on the internet, eth1 internal. I have tried to setup masquerading with the following rules.
iptables -t nat -F POSTROUTING
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
I have setup up another machine with this machine as it's gateway and tried to ping a server. I get:
Redirect Host(New nexthop: 10.255.255.254)
Destination Host unreachable
The routers IP is 10.116.0.1 (internal) which makes me wonder about the ip given for nexthop.
Sorry if this is messy or doesn't make much sense but i'm writing this using lynx on a console (due to this problem!)
Any help would be greatly appreciated!
Chris
|
|
|
|
|
10-30-2001, 09:10 AM
|
#2
|
|
Member
Registered: Feb 2001
Location: Colorado Springs, CO
Distribution: Redhat v8.0 (soon to be Fedora? or maybe I will just go back to Slackware)
Posts: 857
Rep:
|
What is the total output for 'ifconfig' on both machines?
or better yet, what does /etc/sysconfig/network-scripts/ifcfg-eth0 and /etc/sysconfig/network-scripts/ifcfg-eth1 show on both machines?
What does 'route' show on both machines?
|
|
|
|
|
10-31-2001, 04:58 AM
|
#3
|
|
LQ Newbie
Registered: Jul 2001
Location: UK
Distribution: RH 7.1
Posts: 24
Original Poster
Rep:
|
I have looked at the output of route on the router machine and it appears that the IP address given for nexthop is the default gateway for eth1 (the internal interface).
Within 'ifcfg-eth1' no gateway is set up. Does this need to be done?
To my mind this seems to mean that iptables is trying to pass the masqueraded packets through the wrong interface, even though the '-o' option is set to eth0 (external interface).
Any idea why?
Cheers,
Chris
|
|
|
|
|
10-31-2001, 01:25 PM
|
#4
|
|
Member
Registered: Feb 2001
Location: Colorado Springs, CO
Distribution: Redhat v8.0 (soon to be Fedora? or maybe I will just go back to Slackware)
Posts: 857
Rep:
|
Here is how I usually set it up:
I configure the external NIC with the gateway and IP addy that my ISP provides. I configure the internal NIC with an internal IP but I use the external NIC as the gateway. All of that shows up in the ifcfg-eth? scripts.
I make sure that I have ip_forward on and I set the MASQ up in IPCHAINS. Restart your network after doing all that and you shouuld be good to go.
The routing should be set up correctly automatically once you get the other IP info correct for each NIC.
|
|
|
|
|
11-01-2001, 04:34 AM
|
#5
|
|
LQ Newbie
Registered: Jul 2001
Location: UK
Distribution: RH 7.1
Posts: 24
Original Poster
Rep:
|
Thanks for your help kevin. It turned out in the end to be a spurious entry in /etc/sysconfig/network. I believe this was caused by the use of the 'netconfig' program. I had originally configured everything by hand, and when it didn't work I used this program! Guess that'll teach me for trying to do things the quick way!!!!
Cheers,
Chris
|
|
|
|
All times are GMT -5. The time now is 03:51 AM.
|
|
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
|
 Latest Threads
LQ News
|
|
