I'm running into an odd issue with a simple masqueraded network. I've browsed the posts here and the internet but can't seem to find anyone with a similar issue.
My network setup is as follows: I have a cable modem plugged into a Windows XP machine with 2 NICs, 1 receiving the internet IP and the other an internal LAN address (192.168.0.1) going to a hub with 2 other machines (192.168.0.2 and .3). I have just recently replaced the XP "router" with a Linux box, pulled 1 of the interfaces out of the XP machine and reassigned its remaining NIC with the internal address to 192.168.0.4. My Linux machine now has 2 interfaces, 1 with the external IP (assigned by my ISP's DHCP server) and the other with a 192.168.0.1 address.
eth0 = external dynamic IP (24.170.170.xxx)
eth1 = lan IP (192.168.0.1)
I'm able to access the internet from my Linux machine but cannot from my internal LAN. However, I can ping my internal machines from my Linux box and vice versa. I cannot ping one interface from the other though. For example, executing:
ping -I eth1 207.69.188.185
I get a Destination Host Unreachable.
However, pinging the same IP from eth0 returns results - so it's definitely got a connection to the internet (I'm able to lynx to google). I'm also not able to ping eth0 from eth1 (same results).
Thought it might be a routing issue but everything looked fine. Default gateway is set when I bring up eth0. When I try to add a route for eth1 to use the gateway dhcp set in my /etc/resolve.conf (when I brought up eth0) I get a "Network is unreachable" error.
So I did a traceroute to see what my first hop was. Interestingly, it was a private IP: 10.107.192.1. However, the IP assigned to me when I bring up eth0 is NOT a private IP (24.170.170.186 currently).
<sigh>
XP seems to have no trouble sharing the connection but iptables is causing a lot of frustration.
I'd be happy to provide any additional information you might need. Not quite sure where to go from here...
You are getting too technical. Try to think simple. The hits from the internal network come to your gw, i.e. the internal IP. From there you have not routed the traffic to the external IP, i.e. from eth1 to eth0. Without which the packets coming inside your gateway will not know what is to be done. Correct me if I am wrong.
I have a line like this in my firewall which may be of use to you.
# This rule will accept connections from local machines.
$IPTABLES -A INPUT -i lo -j ACCEPT
$IPTABLES -A INPUT -s 192.168.0.0/24 -d 0/0 -p all -j ACCEPT
As far as gateways go.... Your default gateway on the firewall should be set via DHCP from your internet provider. It should be an address in the same subnet as your external ip address. The default gateway for all your internal machines should be the firewall's internal address.
As far as iptables goes.... What is contained in your FORWARD table (iptables -L FORWARD)? Packets coming in one interface and out the other hit the FORWARD table, so if the default is deny, you might be getting blocked there.
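The checks raised in the replies above (forwarding between eth1 and eth0, and the FORWARD chain policy), as an added example that is not part of any post in this thread: a small audit of an iptables-save dump. The function names and both sample dumps are constructed for illustration; the interface names follow the original post.

```shell
# Added example (not from the thread). eth0 = WAN, eth1 = LAN as in the post;
# both iptables-save dumps below are constructed sample input.

sample_dump() {  # sample_dump broken|fixed : print a constructed dump
    printf '%s\n' '*nat' ':POSTROUTING ACCEPT [0:0]' \
        '-A POSTROUTING -o eth0 -j MASQUERADE' 'COMMIT' \
        '*filter' ':INPUT DROP [0:0]' ':FORWARD DROP [0:0]' ':OUTPUT ACCEPT [0:0]' \
        '-A INPUT -i lo -j ACCEPT' '-A INPUT -s 192.168.0.0/24 -j ACCEPT'
    if [ "$1" = fixed ]; then
        printf '%s\n' '-A FORWARD -i eth1 -o eth0 -j ACCEPT' \
            '-A FORWARD -i eth0 -o eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT'
    fi
    echo 'COMMIT'
}

# audit_gateway IP_FORWARD WAN_IF LAN_IF   (iptables-save dump on stdin)
# Textual heuristic, not a packet simulation. Prints one line per missing
# piece and returns 0 only when nothing is missing.
audit_gateway() {
    fwd=$1; wan=$2; lan=$3; problems=0
    dump=$(cat)
    has()  { printf '%s\n' "$dump" | grep -Eq -- "$1"; }
    miss() { echo "$1"; problems=$((problems + 1)); }

    # 1. The kernel must be allowed to route (/proc/sys/net/ipv4/ip_forward = 1).
    [ "$fwd" = 1 ] || miss "ip_forward=$fwd: kernel will not route between $lan and $wan"

    # 2. Source NAT for traffic leaving the WAN interface.
    has "^-A POSTROUTING .*-o $wan .*-j (MASQUERADE|SNAT)" ||
        miss "nat: no MASQUERADE/SNAT rule for traffic leaving $wan"

    # 3. Routed packets traverse FORWARD, never INPUT, so an INPUT ACCEPT for the
    #    LAN subnet does not help them. Under a non-ACCEPT policy the outbound
    #    path and the reply path each need their own ACCEPT rule.
    policy=$(printf '%s\n' "$dump" |
        sed -n '/^\*filter/,/^COMMIT/s/^:FORWARD \([A-Z]*\).*/\1/p')
    if [ "$policy" != ACCEPT ]; then
        has "^-A FORWARD .*-i $lan .*-o $wan .*-j ACCEPT" ||
            miss "filter: FORWARD policy ${policy:-unknown}, no ACCEPT for $lan -> $wan"
        has "^-A FORWARD .*-i $wan .*-o $lan .*ESTABLISHED.* -j ACCEPT" ||
            miss "filter: FORWARD policy ${policy:-unknown}, no ESTABLISHED ACCEPT for $wan -> $lan"
    fi
    [ "$problems" -eq 0 ]
}

sample_dump broken | audit_gateway 1 eth0 eth1 || echo "broken dump: see findings above"
sample_dump fixed  | audit_gateway 1 eth0 eth1 && echo "fixed dump: gateway prerequisites present"
```

On a live gateway the same function can be fed real data, e.g. `iptables-save | audit_gateway "$(cat /proc/sys/net/ipv4/ip_forward)" eth0 eth1`, run as root.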
Thank you all for your replies! I really appreciate it.
I actually got it working. Kinda embarrassed...it turned out to be dns issues on my internal machines. Figured it out by noticing I could ping machines on the internet by their IP from my local machines. That was a giveaway.
Still don't know quite why I can't ping "pingable" internet machines from eth1 (my internal 192.168.0.1 interface) but can from machines within my lan. Oh well...not too worried about that.