OT: Network setup - NAT
Hiisi
very-cool at rambler.ru
Mon Mar 30 06:52:58 UTC 2009
> Hiisi wrote:
> > Dear Fedora crowd!
> > I've a desktop running Fedora 10 connected to the Internet via LAN.
> > There's 3 network controllers in the desktop. One integrated to the
> > motherboard and two additional. I would like to connect other
> computers
> > (two laptops, one running fc9 and the other Window$ XP) to the
> Internet
> > via the desktop. I googled the question and found out that I need to
> > adjust thing called 'NAT'. For that purpose I did the following:
> > iptables -t nat -A POSTROUTING -s 192.168.2.0/24 -j SNAT --to-source
> > 192.168.*.* where 192.168.*.* - is desktop' IP address. I want to
use
> > 192.168.2.0/24 as a network for laptops. I activated one of devices
> > (eth1), gave it IP address: ifconfig eth1 192.168.2.0/24 and
connected
> > f9 laptop to it. On the laptop I activated eth0 with the same IP.
The
> > problem is: it doesn't work. I can't ping anything from the laptop
> > except its own address (192.168.2.0). What should I do? Any help
will
> be
> > appreciated.
> > Thanks in advance.
> > --
> > Hiisi.
> >
> First of all, 192.168.2.0 should not be assigned to a NIC on your
> setup, because it is the network address, and has a special meaning.
>
> Next, you do not want the F10 NIC and the laptop NICs to have the
> same IP address. You probably want something like 192.168.2.1 for
> the NIC on the F10 machine, and 192.168.2.2 for the F9 laptop. (I
> don't know if both laptops are on the same NIC.)
>
> You will also have to add routes on all the machines. If you have
> configured ifcfg-eth0 correctly on the laptops, they will already
> have the routes.
>
> What you have to do on the F10 machine depends on how you have
> things physically connected, and you have to provide more
> information before we can address that.
>
> For configuring the firewall, a program like firestarter will help a
> lot.
>
> Mikkel
> --
>
> Do not meddle in the affairs of dragons,
> for thou art crunchy and taste good with Ketchup!
I submitted the same thread on fedoraforum.org and received useful
advices from there. But that didn't solve my problem. Here's what I have
now:
I assigned F10 eth1 an address 192.168.2.1/24
and done some additional iptables commands on F10:
iptables -A FORWARD -i eth1 -j ACCEPT
iptables -A FORWARD -o eth1 -j ACCEPT
iptables -t nat -A POSTROUTING
Also enabled stack forwarding with this command
on F10:
echo 1 > /proc/sys/net/ipv4/ip_forward
Assigned for F9 laptop IP 192.168.2.2
Setted laptop' route table so it's default gateway is 192.168.2.1
IT ALL DOESN'T WORK.
I can't go WEB from the laptop. I can ping the f10 machine. And I can
ping 192.168.2.2 from f10 machine.
Here's the ifconfig output of F10 machine:
[root at imt sampo]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:0F:EA:22:A0:2C
inet addr:192.168.0.203 Bcast:192.168.1.255
Mask:255.255.254.0
inet6 addr: fe80::20f:eaff:fe22:a02c/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:7730 errors:0 dropped:0 overruns:0 frame:0
TX packets:591 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:804722 (785.8 KiB) TX bytes:165007 (161.1 KiB)
Interrupt:19 Base address:0xe000
eth1 Link encap:Ethernet HWaddr 00:40:F4:98:DB:E9
inet addr:192.168.2.1 Bcast:192.168.2.255 Mask:255.255.255.0
inet6 addr: fe80::240:f4ff:fe98:dbe9/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:117 errors:0 dropped:0 overruns:0 frame:0
TX packets:104 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:15917 (15.5 KiB) TX bytes:12848 (12.5 KiB)
Interrupt:19
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:12 errors:0 dropped:0 overruns:0 frame:0
TX packets:12 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:800 (800.0 b) TX bytes:800 (800.0 b)
pan0 Link encap:Ethernet HWaddr E2:68:9C:B5:1C:09
inet addr:192.168.0.203 Bcast:192.168.1.255
Mask:255.255.254.0
inet6 addr: fe80::e068:9cff:feb5:1c09/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:21 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:3315 (3.2 KiB)
And its route:
[root at imt sampo]# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use
Iface
192.168.2.0 * 255.255.255.0 U 0 0 0
eth1
192.168.0.0 * 255.255.254.0 U 0 0 0
eth0
192.168.0.0 * 255.255.254.0 U 0 0 0
pan0
link-local * 255.255.0.0 U 1003 0 0
eth1
link-local * 255.255.0.0 U 1004 0 0
eth0
link-local * 255.255.0.0 U 1005 0 0
pan0
default mitht2.imt.ru 0.0.0.0 UG 0 0 0
eth0
Laptop' ifconfig:
eth0 Link encap:Ethernet HWaddr 00:13:77:30:56:44
inet addr:192.168.2.2 Bcast:192.168.2.255 Mask:255.255.255.0
inet6 addr: fe80::213:77ff:fe30:5644/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:299982 errors:0 dropped:0 overruns:0 frame:0
TX packets:16484 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:35998478 (34.3 MiB) TX bytes:2547936 (2.4 MiB)
Interrupt:18 Base address:0x8000
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:8857 errors:0 dropped:0 overruns:0 frame:0
TX packets:8857 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:469061 (458.0 KiB) TX bytes:469061 (458.0 KiB)
Laptop' route:
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use
Iface
192.168.2.0 * 255.255.255.0 U 0 0 0
eth0
link-local * 255.255.0.0 U 0 0 0
eth0
default 192.168.2.1 0.0.0.0 UG 0 0 0
eth0
Thanks for Re:!
--
Hiisi.
More information about the fedora-list
mailing list