Download your favorite Linux distribution at LQ ISO.
Go Back > Forums > Linux Forums > Linux - Networking
User Name
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.


  Search this Thread
Old 08-01-2004, 07:22 PM   #1
Registered: Jul 2004
Posts: 40

Rep: Reputation: 15
Route packets between cable modem and another router

Thanks to Peter_Robb, I am well on the right path with iptables and Linux.

I'm now wondering if the following is possible:

I have in my left hand a cable modem, on my (small) lap a Linksys ethernet router and an embedded linux server, and in my right a linux workstation client. Ordinarily the cable modem connects to the router which the workstation plugs into, and the world is a happy place.

However I want to insert my linux server between the cable modem and the router for two reasons. First, I want to be able to access via the fixed IP assigned by the ISP from the public internet. If I put the server behind the Linksys router, configuration changes (port forwarding) will be required and this increases the complexity. Secondly, should something break in the linux server (highly unlikely) the user should be able to remove it and plug from the router back to the cable modem without any change in configuration. In short, I want to keep it elegant.

In the end, the server will pass packets from the cable modem side (eth0) to eth1 where they can then be handled by the router and on to the clients.

I also must (obviously) do a bunch of filtering and protecting of the server itself as it will sit exposed. I must design this filtering so that only the server itself will go through them. I otherwise want no filtering between the cable modem and the router.

In this case, what I have is "Double NAT".

(Fortunately in most cases, the embedded linux server I am working with will either connect directly to a cable modem (or adsl modem) on eth0 and then provide a dhcp host to a client machine (or a switch with more than one) on eth1. This configuration, again thanks to Peter, works perfectly.)

In conclusion, rather than replace the existing router (usually a linksys) and therefore remove its firewalling and port forwarding, etc, i think it's better to keep it in the chain.

So here's what it will look like:

[Public Internet]
[Cable Modem]
[Embedded Linux server]
[Ethernet router (linksys)]
Various machines

Here's the sticking point:

The Cable Modem's ISP expects the client (in this case the linux server) to make a DHCP request for the ip address. The Linksys router is set up for this already, and I don't want to change anything on the Linksys router. This will allow a site to remove the Linux server and continue in operation should it fail, with no changes. Note that even tho DHCP is used, the same IP is always returned, guaranteed.

One problem:

The ISP looks for the MAC address of the ethernet card to authenticate the connection. If the MAC address is not what is on file with the ISP, there will be no IP granted. Therefore the Linksys router spoofs the IP address (there's a setting for it).

Is there a recommended way to do this when DHCP configures the eth0 interface? I searched and can't find an example of this. Any ideas?

Another problem:

In the current setup (sitting between the cable modem and the client, sans Linksys router) the server does NAT MASQUERADE. Is it legal to keep this in place in the new Double NAT configuration?

Also, it there any practical problem with doing this double natting, other than the possible performance hit?

Thanks for reading and sorry for the very long post.

I'm really excited to see this coming together. It would NEVER be possible without Linux and this great community.



Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Can't get to the internet through cable modem/router Myron Linux - Networking 4 03-03-2004 12:09 AM
Route dialup modem packets back through dialup instead of default route cable modem jogress Linux - Networking 1 10-21-2003 03:48 PM
Intenet through router and cable modem dhirajsharma Linux - Networking 4 09-24-2003 01:45 AM
For anyone with a cable modem and a router... strago Linux - Hardware 11 09-04-2003 04:04 PM
route to alcatel modem/router: LAN & internet HerrBee Linux - Networking 0 06-11-2003 02:16 PM > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 09:46 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration