Latest LQ Deal: Complete CCNA, CCNP & Red Hat Certification Training Bundle
Go Back > Forums > Linux Forums > Linux - Networking
User Name
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.


  Search this Thread
Old 02-06-2013, 05:27 PM   #1
LQ Newbie
Registered: Feb 2013
Posts: 2

Rep: Reputation: Disabled
Linux routing problem

I'm having a problem using Linux (CentOS 6.3) as a router that I've tried to outline below. Goal is that computers on LAN2 should be able to access the internet with the Linux server inline acting as the router between LAN2 & LAN1. I don't want to NAT LAN2 to a pool of addresses in LAN1, I just want to route through the Linux box and have the cable modem perform NAT through its outside interface.

Any help is appreciated as I've been banging my head on this for a while now.

Cable Modem     (default gw =
    | LAN1 =
Linux Router    (default gw = (forwarding enabled via sysctl)
    | LAN2 =
ComputerA       (default gw =
Routing table for Cable Modem: via
default via

Routing table for Linux Router (multiple tables):
(Main) dev outside proto kernel scope link src dev inside proto kernel scope link src
default via dev outside

(201) dev outside scope link dev inside scope link
default via dev inside

Rules for Linux Router:
0: from all lookup local
32765: from lookup 201
32766: from all lookup main
32767: from all lookup default

Routing table on ComputerA:
default via

ComputerA cannot access the internet.
ComputerA can ping as follows: yes yes yes no

What am I missing? Why can't ComputerA access the internet and/or ping an internet host that is known to respond to icmp (Google DNS)?

Old 02-06-2013, 07:40 PM   #2
LQ Guru
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 677Reputation: 677Reputation: 677Reputation: 677Reputation: 677Reputation: 677
Is the cable modem performing NAT translation for the network, or merely routing traffic which it won't do on it's WAN interface since it's in a reserved private only address. In other words, does it only perform NAT translation for the network its LAN switch is on?
If that is the case, maybe treating the network as a the DMZ could trick the modem. to provide NAT if it allows a DMZ port configured on a separate private network.

You could configure the Linux router to masquarade addresses when the source is from a address and the destination isn't a local address. So you would only be doing, what you want to avoid doing, if the destination is on the Internet. You could NAT to a single address. This would be using double-nattng for the hosts on the network.

Another option could be to subnet the 172.20.101 network with the host addresses changed from the 192.168.220 network to the top subnet. The router's LAN interface would still have /24 scope encompassing both /25 subnets.

Good Luck.
1 members found this post helpful.
Old 02-08-2013, 05:34 PM   #3
LQ Newbie
Registered: Feb 2013
Posts: 2

Original Poster
Rep: Reputation: Disabled
Makes sense

That makes sense. I'll check out the DMZ idea you suggested, but I'm betting that will fail as well. I'll need to see if our provider can give us a simple modem/bridge rather than a modem/gateway and then perform all the translation on the server.

Thank you. I'll reply regarding whether-or-not the DMZ idea works after I test.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
linux source routing problem seth3k Linux - Networking 2 07-09-2011 06:34 AM
ftp routing problem on linux server dont_stop_me Linux - Networking 5 02-01-2009 02:41 PM
help please :) Problem routing through Linux box jrd426 Linux - Newbie 22 03-11-2006 06:26 PM
A routing Linux to win system problem jarethfox Linux - Networking 2 08-03-2003 09:08 PM > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 12:12 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration