ip masquerading

John Summerfield debian at herakles.homelinux.org
Sun Nov 25 05:59:56 UTC 2007 

bruce wrote:
> Hi John!!
> 
> I've forgotten something, as I thought this was working at one time, so it's
> back to the basics....

You haven't said whether you're using network mangler. It will not work 
with network mangler.

> 
> to begin, i have two boxes:
> 
>   box1              -->>>     box2
> 
>  box1
>   eth0 - 192.168.1.2
> 
>  box2
>   ath0 - 192.168.1.5
>   eth0 - 192.168.2.5
> 
> from box1, i can ping box2/ath0 as they're on the same subnet. i can't ping
> box2/eth0.
> 
> from box2, i can ping box1. on box2, i can ping both nics.
> 
> how the heck do i setup box2 so box1 can ping box2/eth0??
> 
> is there a route cmd i can try on box2 that does a forward of traffic? is

man route

> this even possible? i'm pretty sure it should be possible. while i'm
> focusing on just a single box to connect to box2/eth0, i want to have all
> the boxes in my system eventually connect to box2/eth0, just like they do
> with box2/ath0... i shouldn't have to have a route cmd on each box,
> particulary as some boxes are windows, and don't have route!!
> 
> so.. what's the simple solution for this issue?
> 
> i can post my iptables/route output on box2...
> 
> thanks
> 
> 
> -----Original Message-----
> From: fedora-list-bounces at redhat.com
> [mailto:fedora-list-bounces at redhat.com]On Behalf Of John Summerfield
> Sent: Saturday, November 24, 2007 6:46 PM
> To: For users of Fedora
> Subject: Re: ip masquerading
> 
> 
> bruce wrote:
>> hi...
>>
>> i have a situation where i have a system with two connections, one
> wireless,
>> one eth connetion. i can currently connect with the wireless ath0 to my
>> network/internet/etc...
>>
>> however, when i activate the eth0 at the same time, i can't access the
>> network via ath0. as far as i can tell, i need to implement ip masquerade
> to
>> have eth0 map, to ath0...
>>
>> my test ip addresses are:
>>  ath0 - 192.168.1.33
>>  eth0 - 192.168.2.33
>>
>> any thoughts/comments/pointers...
> 
> You don't need IP masquerading, unless this system's going to be a
> gateway to the Internet for other computers.
> 
> You don't need IP masquerading if some other device is already doing it.
> The other device does need enough routes to access everything connecting
> through it, but in the usual case (you only have one subnet) that's how
> it's working. In your case, I assume you're using a "hardware" router
> and it's IP address is 192.168.1.1 or 192.168.1.254 (these are defaults
> for some brands). If it can be configured to route traffic to
> 192.168.2.33 via 192.168.1.33, then you don't need IP masquerading, you
> just need to configure the route.
> 
> You do need both interfaces active at the same time, and network manager
> cannot do that at present, I've just engaged in a lengthy discussion
> about that either on this list, or on -test.
> 
> I don't know whether network manager can be configured to do one network
> and not the other.
> 
> In addition to configuring both network interfaces to be active at the
> same time, you also need to enable forwarding in /etc/sysctl.conf
> 
> Here's script I run for myself, for a similar task. It doesn't show
> everything, and it won't suit you without some work.
> [root at localhost ~]# cat bin/startrelay
> #!/bin/bash
> ifdown eth0
> ifconfig eth0 172.17.0.1
> route add -net 192.168.9.0 gw 172.17.0.19  netmask 255.255.255.0 eth0
> service dhcpd restart
> 
> [root at localhost ~]#
> 
> ath0 in this system provides access to the Internet via a Linux system
> function as an Internet gateway. It's configured via system-network-config.
> 
> "ifdown eth0" takes down the configuration established by
> system-config-network for eth0, I don't want this configuration to be
> standard.
> 
> 
> --
> 
> Cheers
> John
> 
> -- spambait
> 1aaaaaaa at coco.merseine.nu  Z1aaaaaaa at coco.merseine.nu
> -- Advice
> http://webfoot.com/advice/email.top.php
> http://www.catb.org/~esr/faqs/smart-questions.html
> http://support.microsoft.com/kb/555375
> 
> You cannot reply off-list:-)
> 
> --
> fedora-list mailing list
> fedora-list at redhat.com
> To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
> 


-- 

Cheers
John

-- spambait
1aaaaaaa at coco.merseine.nu  Z1aaaaaaa at coco.merseine.nu
-- Advice
http://webfoot.com/advice/email.top.php
http://www.catb.org/~esr/faqs/smart-questions.html
http://support.microsoft.com/kb/555375

You cannot reply off-list:-)

More information about the fedora-list mailing list