routing setup

thirumala · 04-08-2004, 12:28 PM

Hi,

I want to setup a router on linux PC for testing with NISTNet with the following config:

GW-------SW[lan]-------------[eth0 linux box with redhat 9.0 eth1]--------client pc

Eth0: 192.168.10.40 with 192.165.10.0 network
Router/GW: 192.168.10.1

Eth1: 192.168.20.1 with 192.168.20.0 network

Client PC: 192.168.20.25 with gateway set to 192.168.20.1

I have enabled IP-forwarding using
echo "1" > /proc/sys/net/ipv4/ip_forward

And

FORWARD_IPV4=yes in sysctl.conf file.

At present I am able to ping from linux box towards both sides but not from client pc to GW or clients on lan to client pc.

I want to route any type of traffic between eth0 and eth1 without any filters {for NIST Net testing]. What do I need to do?

What is the basic iptables script to achieve this?

anybody, please help me out with this problem.

Thanks,
Thiru

paijm021 · 04-08-2004, 02:51 PM

routing with linux is a dream comming true. (compared with M$) :^)

zymurgist · 04-08-2004, 03:01 PM

Did you compile routing into the kernel? Not always there by default.

thirumala · 04-09-2004, 09:17 AM

Quote:

Originally posted by thirumala
Hi,

I want to setup a router on linux PC for testing with NISTNet with the following config:

GW-------SW[lan]-------------[eth0 linux box with redhat 9.0 eth1]--------client pc

Eth0: 192.168.10.40 with 192.165.10.0 network
Router/GW: 192.168.10.1

Eth1: 192.168.20.1 with 192.168.20.0 network

Client PC: 192.168.20.25 with gateway set to 192.168.20.1

I have enabled IP-forwarding using
echo "1" > /proc/sys/net/ipv4/ip_forward

And

FORWARD_IPV4=yes in sysctl.conf file.

At present I am able to ping from linux box towards both sides but not from client pc to GW or clients on lan to client pc.

I want to route any type of traffic between eth0 and eth1 without any filters {for NIST Net testing]. What do I need to do?

What is the basic iptables script to achieve this?

anybody, please help me out with this problem.

Thanks,
Thiru

Hi,
any help from anybody!

thanks,
Thiru

maxut · 04-09-2004, 09:32 AM

stop iptables.

or delete rules:
iptables -F

so it will become a router without filter. what's your distro?

thirumala · 04-09-2004, 12:49 PM

Quote:

Originally posted by maxut
stop iptables.

or delete rules:
iptables -F

so it will become a router without filter. what's your distro?

thanks for the reply, please have a look at below explanation:

Setup:

LAN-------SW-------------[eth0 linux box with redhat 9.0 eth1]--------client pc

Eth0: 192.168.10.40 with 192.165.10.0 network
Router/GW: 192.168.10.1

Eth1: 192.168.20.1 with 192.168.20.0 network

Client PC: 192.168.20.25 with gateway:192.168.20.1

I want to route any type of traffic between eth0 and eth1.

Here is “route” command output:

192.168.20.0 * 255.255.255.0 U 0 0 0 eth1
192.168.10.0 * 255.255.255.0 U 0 0 0 eth0
169.254.0.0 * 255.255.0.0 U 0 0 0 eth1
127.0.0.0 * 255.0.0.0 U 0 0 0 l0

and

I have enabled IP-forwarding using
< echo "1" > /proc/sys/net/ipv4/ip_forward >

And FORWARD_IPV4=yes in sysctl.conf file.

With the above basic setup, I am able to ping

Ø client PC to eth1, eth0
Ø LAN PC to eth0 only

With the following implementation:

iptables –t nat -A POSTROUTING –o eth0 –j MASQUERADE

I am able to ping:

Ø client PC to eth1, eth0 and LAN PCs
Ø LAN PC to eth0 only

I am not able to ping either eth1 or client PC from LAN PCs. Why?

-Thanks,
Thiru