ADSL, Proxy & Bridge
Jhon Ramawi Putra
jhonrp at pamapersada.com
Mon Aug 1 01:34:13 UTC 2005
redhat-install-list-bounces at redhat.com wrote on 07/26/2005 07:06:05 PM:
> On Tuesday 26 Jul 2005 02:49, Jhon Ramawi Putra wrote:
> > redhat-install-list-bounces at redhat.com wrote on 07/26/2005 12:45:52 AM:
> > > Jhon Ramawi Putra wrote:
> > > > Dear Gurus...
> > > >
> > > > Maybe this is a beginner question, but any help will be appreciated.
> > > > This is my existing network diagram:
> > > >
> > > > (.....Internet.....) --- [ADSL MODEM]-----[LAN Switch] ---- Desktops
> > > > (192.168.0.1, etc....)
> > > > 192.168.0.9
> > > >
> > > > The ADSL Modem acts as gateway.
> > > >
> > > > Now I want to configure my network to be like this:
> > > >
> > > > (.....Internet.....) ---[ADSL MODEM]
> > > > ip : 10.0.0.1, net mask : 255.0.0.0
> > > >
> > > >
> > > > eth0: 10.0.0.2, net mask : 255.0.0.0
> > > > [Computer A]
> > > > eth1:192.168.0.10 netmask : 255.255.255.0
> > > >
> > > >
> > > > [LAN Switch] ---- Desktops (192.168.0.1, etc ... with
> > > > netmask : 255.255.255.0)
> > > >
> > > > The ADSL Modem is attached to Computer A via eth0. Then my eth1 is
> > > > connected to LAN. I want to make Computer A a Proxy Server.
> > > >
> > > > Then I tried to make a "bridge" using brctl, and followed every step in
> > > > "How to" documents that I found from googling, but I got no success.
> > > > Computer A can ping LAN Clients and browse the Internet. LAN Clients can
> > > > ping Computer A, but they can't ping the ADSL Modem and browse the
> > > > internet.
> > > > So, I assumed that the bridge wasn't working well.
> > >
> > > You need to enable IP forwarding in computer-a to make it act as a
> > > router. For that, either do this:
> > >
> > > echo 1 >/proc/sys/net/ipv4/ip_forward
> > >
> > > or change the line in /etc/sysctl.conf that reads:
> > >
> > > net.ipv4.ip_forward = 0
> > >
> > > to
> > >
> > > net.ipv4.ip_forward = 1
> > >
> > > and either reboot or use "sysctl -w net.ipv4.ip_forward=1". For proxy
> > > operations, you should install and configure squid.
> > >
> > > ----------------------------------------------------------------------
> > > - Rick Stevens, Senior Systems Engineer     rstevens at vitalstream.com -
> > > - VitalStream, Inc.                       http://www.vitalstream.com -
> > > -                                                                    -
> > > - Admitting you have a problem is the first step toward getting      -
> > > - medicated for it.      -- Jim Evarts (http://www.TopFive.com)      -
> > > ----------------------------------------------------------------------
> > >
> > > _______________________________________________
> > > Redhat-install-list mailing list
> > > Redhat-install-list at redhat.com
> > > https://www.redhat.com/mailman/listinfo/redhat-install-list
> > > To Unsubscribe Go To ABOVE URL or send a message to:
> > > redhat-install-list-request at redhat.com
> > > Subject: unsubscribe
> >
> > Thanks Rick,
> >
> > I did this:
> > > echo 1 >/proc/sys/net/ipv4/ip_forward
> >
> > but I didn't do this one:
> > > and either reboot or use "sysctl -w net.ipv4.ip_forward=1".
> >
> > Before I configured the bridge, I assigned each NIC card an IP. Then I
> > read this in
> >
> > http://www.faqs.org/docs/Linux-HOWTO/Ethernet-Bridge-netfilter-HOWTO.html
> >
> > "But now they became part of the logical bridge device and therefore need
> > no IP configuration any longer"
> >
> > and another tutorial said that I should not assign an IP address first to
> > the NIC cards before configuring the bridge nor set DHCP for them. So, maybe
> > that was my fault :)
> >
> > Ok, I'll try to set it up again (end of this week...). Thanks Rick....!
> >
> > Best Regards,
> > Jhon Ramawi Putra
> >
>
> In your case you need Computer A to act as a router, not a bridge. A bridge
> sits between different segments of the *same* subnet, and provides a
> transparent link between the two. It may, or may not, have an IP address
> which is part of the same subnet.
>
> In your case you have two different networks on either side of Computer A,
> 10/8 on one side and 192.168.0/24 on the other side, so the machine needs to
> act as a router between these networks. Eth0 and eth1 are already set up to be
> part of each network, so all you need is to configure routing to route
> packets between eth0 and eth1 for these two networks.
>
> --
> Nigel Wade, System Administrator, Space Plasma Physics Group,
> University of Leicester, Leicester, LE1 7RH, UK
> E-mail : nmw at ion.le.ac.uk
> Phone : +44 (0)116 2523548, Fax : +44 (0)116 2523555

Hello Nigel....

Finally, I followed your advice and ... "computer a" is now a router
and runs perfectly.

So, my steps are:

(1) Reinstall Fedora Core 3
(2) Set eth0 192.168.0.9 netmask 255.255.255.0 and eth1 10.0.0.1 netmask
    255.0.0.0
(3) Edit rc.local, add these lines:

    DEVICE=eth1
    iptables -A FORWARD -o $DEVICE -i ! $DEVICE -j ACCEPT
    iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
    iptables -A FORWARD -f -j ACCEPT
    iptables -t nat -A POSTROUTING -o $DEVICE -j MASQUERADE
    echo "1" > /proc/sys/net/ipv4/ip_forward

(4) Set gateway on eth1 = 10.0.0.2 (ADSL Modem IP)
(5) Restart
(6) Set Gateway IP on LAN Clients to 10.0.0.1
(7) Browse internet!!

Maybe this is a simple configuration, but I hope this will be useful.
Now, ready to install Squid and friends.. :)

Thanks Rick and Nigel for the advice!

Best Regards,
Jhon Ramawi Putra
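
Added example (not part of the original thread or of any poster's configuration): a small shell audit over iptables-save output for the forwarding and masquerade rules listed in step (3) above. AS_POSTED and TIGHTENED are constructed dumps, the function name audit_router and its finding labels are made up for this illustration, and eth1 is taken as the outbound interface because the posted rules set DEVICE=eth1.

```shell
# Constructed iptables-save dump mirroring the rc.local rules from step (3),
# with the FORWARD policy left at its default (ACCEPT). Not captured output.
AS_POSTED='*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o eth1 -j MASQUERADE
COMMIT
*filter
:FORWARD ACCEPT [0:0]
-A FORWARD ! -i eth1 -o eth1 -j ACCEPT
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -f -j ACCEPT
COMMIT'

# Constructed tightened variant (an assumption, not from the thread):
# default-drop FORWARD, LAN (eth0) to outbound (eth1) plus replies only.
TIGHTENED='*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o eth1 -j MASQUERADE
COMMIT
*filter
:FORWARD DROP [0:0]
-A FORWARD -i eth0 -o eth1 -j ACCEPT
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
COMMIT'

# audit_router RULES OUT_IF: print one finding label per line, or OK.
# audit_router is a hypothetical helper name, as are the labels.
audit_router() {
    printf '%s\n' "$1" | awk -v out="$2" '
        /^\*/ { table = substr($0, 2) }            # track current table
        table == "filter" && /^:FORWARD / { policy = $2 }
        # unconditional accept of non-first fragments
        table == "filter" && /^-A FORWARD / && / -f / && / -j ACCEPT/ { frag = 1 }
        # masquerade must be bound to the outbound interface
        table == "nat" && /^-A POSTROUTING / && / -j MASQUERADE/ &&
            index($0, " -o " out " ") { masq = 1 }
        END {
            if (policy != "DROP") { print "FORWARD_POLICY_NOT_DROP"; n++ }
            if (frag)             { print "ACCEPTS_ALL_FRAGMENTS";   n++ }
            if (!masq)            { print "NO_MASQUERADE_ON_OUT_IF"; n++ }
            if (!n) print "OK"
        }'
}

audit_router "$AS_POSTED" eth1   # run the audit on the as-posted dump
```

With the default ACCEPT policy, the ACCEPT rules in the FORWARD chain restrict nothing, which is what the first finding reports. On a live router the same function can be fed the real rule set with audit_router "$(iptables-save)" eth1, run as root.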