Dear List! I have F11 machine which shares WEB to small home wired network. F11 computer has 3 ethernet adapters - one built in motherboard (eth0, 'main' adapter) and two additional cards (eth1,2). With grate help of this list and even greater help of google I was able to set up NAT over it. It worked perfect while there was only one client in the home network - window$ laptop, connected to eth1 (eth2 was down). Now I added second laptop - it runs ubuntu. I turned on eth2 and tried to do the same trick with it but no lack until now. Here goes mine configuration: ifconfig eth0 Link encap:Ethernet HWaddr 00:0F:EA:22:A0:2C inet addr:192.168.0.203 Bcast:192.168.1.255 Mask:255.255.254.0 inet6 addr: fe80::20f:eaff:fe22:a02c/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:124015 errors:0 dropped:0 overruns:0 frame:0 TX packets:25838 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:21230917 (20.2 MiB) TX bytes:4769745 (4.5 MiB) Interrupt:19 Base address:0xe000
eth1 Link encap:Ethernet HWaddr 00:80:48:2E:43:9C inet addr:192.168.2.20 Bcast:192.168.2.255 Mask:255.255.255.0 inet6 addr: fe80::280:48ff:fe2e:439c/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:11044 errors:0 dropped:0 overruns:0 frame:0 TX packets:9539 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:8868181 (8.4 MiB) TX bytes:3991105 (3.8 MiB) Interrupt:18 Base address:0x8000
eth2 Link encap:Ethernet HWaddr 00:40:F4:98:DB:E9 inet addr:192.168.2.40 Bcast:192.168.2.255 Mask:255.255.255.0 inet6 addr: fe80::240:f4ff:fe98:dbe9/64 Scope:Link UP BROADCAST MULTICAST MTU:1500 Metric:1 RX packets:75 errors:0 dropped:0 overruns:0 frame:0 TX packets:73 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:5935 (5.7 KiB) TX bytes:14586 (14.2 KiB) Interrupt:19 Base address:0xa000
lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:329 errors:0 dropped:0 overruns:0 frame:0 TX packets:329 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:69191 (67.5 KiB) TX bytes:69191 (67.5 KiB)
route Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 192.168.2.0 * 255.255.255.0 U 0 0 0 eth1 192.168.2.0 * 255.255.255.0 U 0 0 0 eth2 192.168.0.0 * 255.255.254.0 U 0 0 0 eth0 link-local * 255.255.0.0 U 1002 0 0 eth0 link-local * 255.255.0.0 U 1003 0 0 eth1 link-local * 255.255.0.0 U 1004 0 0 eth2 default mitht2.imt.ru 0.0.0.0 UG 0 0 0 eth0
sysctl net.ipv4.ip_forward net.ipv4.ip_forward = 1
iptables -L -t nat Chain PREROUTING (policy ACCEPT) target prot opt source destination
Chain POSTROUTING (policy ACCEPT) target prot opt source destination MASQUERADE all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT) target prot opt source destination
cat /etc/sysconfig/iptables # Generated by iptables-save v1.4.3.1 on Tue Sep 1 23:36:23 2009 *nat :PREROUTING ACCEPT [1264:158963] :POSTROUTING ACCEPT [96:14688] :OUTPUT ACCEPT [462:49878] -A POSTROUTING -o eth0 -j MASQUERADE COMMIT # Completed on Tue Sep 1 23:36:23 2009 # Generated by iptables-save v1.4.3.1 on Tue Sep 1 23:36:23 2009 *filter :INPUT ACCEPT [7849:1116249] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [1219:189475] -A FORWARD -i eth0 -j ACCEPT -A FORWARD -i eth1 -j ACCEPT -A FORWARD -i eth2 -j ACCEPT COMMIT # Completed on Tue Sep 1 23:36:23 2009
Window$ laptop has 192.168.2.30 address and uses 192.168.2.20 (eth1 IP) as gateway. DNS is the same as on F11 machine. I've tried to set up 192.168.2.50 as IP for ubuntu laptop with default gateway of eth2 IP address: 192.168.2.40. It doesn't work. When I'm trying to ping 192.168.2.50 from F11 the result is: ping 192.168.2.50 PING 192.168.2.50 (192.168.2.50) 56(84) bytes of data.
From 192.168.2.20 icmp_seq=2 Destination Host Unreachable From 192.168.2.20 icmp_seq=3 Destination Host Unreachable From 192.168.2.20 icmp_seq=4 Destination Host Unreachable
^C As I can understand packets go from wrong IP. Namely, from eth1 when I would like them to go from eth2. How to fix that? Thank you for your attention! Respectfully -- Hiisi. Registered Linux User #487982. Be counted at: http://counter.li.org/
On Wed, Sep 2, 2009 at 7:07 AM, Hiisivery-cool@rambler.ru wrote:
Dear List! I have F11 machine which shares WEB to small home wired network. F11 computer has 3 ethernet adapters - one built in motherboard (eth0, 'main' adapter) and two additional cards (eth1,2). With grate help of this list and even greater help of google I was able to set up NAT over it. It worked perfect while there was only one client in the home network - window$ laptop, connected to eth1 (eth2 was down). Now I added second laptop - it runs ubuntu. I turned on eth2 and tried to do the same trick with it but no lack until now. Here goes mine configuration: ifconfig eth0 Link encap:Ethernet HWaddr 00:0F:EA:22:A0:2C inet addr:192.168.0.203 Bcast:192.168.1.255 Mask:255.255.254.0 inet6 addr: fe80::20f:eaff:fe22:a02c/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:124015 errors:0 dropped:0 overruns:0 frame:0 TX packets:25838 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:21230917 (20.2 MiB) TX bytes:4769745 (4.5 MiB) Interrupt:19 Base address:0xe000
eth1 Link encap:Ethernet HWaddr 00:80:48:2E:43:9C inet addr:192.168.2.20 Bcast:192.168.2.255 Mask:255.255.255.0 inet6 addr: fe80::280:48ff:fe2e:439c/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:11044 errors:0 dropped:0 overruns:0 frame:0 TX packets:9539 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:8868181 (8.4 MiB) TX bytes:3991105 (3.8 MiB) Interrupt:18 Base address:0x8000
eth2 Link encap:Ethernet HWaddr 00:40:F4:98:DB:E9 inet addr:192.168.2.40 Bcast:192.168.2.255 Mask:255.255.255.0
eth1 and eth2 use the same network 192.168.2.0/255.255.255.0 ! Here is your problem. This is not a NAT problem but a routing problem.
You have two solutions :
First you use another network on eth2 , say ip=192.168.3.20 Mask:255.255.255.0
The second one is to add route to tell your F11 your ubuntu is on eth2, but if you want your ubuntu to communicate with your windows, you need to add route on both laptop about that.
The first one is the easiest :-)
inet6 addr: fe80::240:f4ff:fe98:dbe9/64 Scope:Link UP BROADCAST MULTICAST MTU:1500 Metric:1 RX packets:75 errors:0 dropped:0 overruns:0 frame:0 TX packets:73 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:5935 (5.7 KiB) TX bytes:14586 (14.2 KiB) Interrupt:19 Base address:0xa000
lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:329 errors:0 dropped:0 overruns:0 frame:0 TX packets:329 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:69191 (67.5 KiB) TX bytes:69191 (67.5 KiB)
route Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 192.168.2.0 * 255.255.255.0 U 0 0 0 eth1
This line say all addresses 192.168.2.* are on the eth1 side
192.168.2.0 * 255.255.255.0 U 0 0 0 eth2
This line say all addresses 192.168.2.* are on the eth2 side
Because eth1 is the first all packet will go to eth1
You need to replace this last one by
192.168.2.40 * 255.255.255.255 U 0 0 0 eth2
192.168.0.0 * 255.255.254.0 U 0 0 0 eth0 link-local * 255.255.0.0 U 1002 0 0 eth0 link-local * 255.255.0.0 U 1003 0 0 eth1 link-local * 255.255.0.0 U 1004 0 0 eth2 default mitht2.imt.ru 0.0.0.0 UG 0 0 0 eth0
sysctl net.ipv4.ip_forward net.ipv4.ip_forward = 1
iptables -L -t nat Chain PREROUTING (policy ACCEPT) target prot opt source destination
Chain POSTROUTING (policy ACCEPT) target prot opt source destination MASQUERADE all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT) target prot opt source destination
cat /etc/sysconfig/iptables # Generated by iptables-save v1.4.3.1 on Tue Sep 1 23:36:23 2009 *nat :PREROUTING ACCEPT [1264:158963] :POSTROUTING ACCEPT [96:14688] :OUTPUT ACCEPT [462:49878] -A POSTROUTING -o eth0 -j MASQUERADE COMMIT # Completed on Tue Sep 1 23:36:23 2009 # Generated by iptables-save v1.4.3.1 on Tue Sep 1 23:36:23 2009 *filter :INPUT ACCEPT [7849:1116249] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [1219:189475] -A FORWARD -i eth0 -j ACCEPT -A FORWARD -i eth1 -j ACCEPT -A FORWARD -i eth2 -j ACCEPT COMMIT # Completed on Tue Sep 1 23:36:23 2009
Window$ laptop has 192.168.2.30 address and uses 192.168.2.20 (eth1 IP) as gateway. DNS is the same as on F11 machine. I've tried to set up 192.168.2.50 as IP for ubuntu laptop with default gateway of eth2 IP address: 192.168.2.40. It doesn't work. When I'm trying to ping 192.168.2.50 from F11 the result is: ping 192.168.2.50 PING 192.168.2.50 (192.168.2.50) 56(84) bytes of data.
From 192.168.2.20 icmp_seq=2 Destination Host Unreachable From 192.168.2.20 icmp_seq=3 Destination Host Unreachable From 192.168.2.20 icmp_seq=4 Destination Host Unreachable
^C As I can understand packets go from wrong IP. Namely, from eth1 when I would like them to go from eth2. How to fix that? Thank you for your attention! Respectfully -- Hiisi. Registered Linux User #487982. Be counted at: http://counter.li.org/
-- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
You should buy a network switch (about 10$), connect that to eth1 and connect both the clients to that switch. No further configuration needed, please do _not_ configure eth2.
Joerg Bergmann
Am Mittwoch, den 02.09.2009, 09:07 +0400 schrieb Hiisi:
Dear List! I have F11 machine which shares WEB to small home wired network. F11 computer has 3 ethernet adapters - one built in motherboard (eth0, 'main' adapter) and two additional cards (eth1,2). With grate help of this list and even greater help of google I was able to set up NAT over it. It worked perfect while there was only one client in the home network - window$ laptop, connected to eth1 (eth2 was down). Now I added second laptop - it runs ubuntu. I turned on eth2 and tried to do the same trick with it but no lack until now. Here goes mine configuration: ifconfig eth0 Link encap:Ethernet HWaddr 00:0F:EA:22:A0:2C inet addr:192.168.0.203 Bcast:192.168.1.255 Mask:255.255.254.0 inet6 addr: fe80::20f:eaff:fe22:a02c/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:124015 errors:0 dropped:0 overruns:0 frame:0 TX packets:25838 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:21230917 (20.2 MiB) TX bytes:4769745 (4.5 MiB) Interrupt:19 Base address:0xe000
eth1 Link encap:Ethernet HWaddr 00:80:48:2E:43:9C inet addr:192.168.2.20 Bcast:192.168.2.255 Mask:255.255.255.0 inet6 addr: fe80::280:48ff:fe2e:439c/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:11044 errors:0 dropped:0 overruns:0 frame:0 TX packets:9539 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:8868181 (8.4 MiB) TX bytes:3991105 (3.8 MiB) Interrupt:18 Base address:0x8000
eth2 Link encap:Ethernet HWaddr 00:40:F4:98:DB:E9 inet addr:192.168.2.40 Bcast:192.168.2.255 Mask:255.255.255.0 inet6 addr: fe80::240:f4ff:fe98:dbe9/64 Scope:Link UP BROADCAST MULTICAST MTU:1500 Metric:1 RX packets:75 errors:0 dropped:0 overruns:0 frame:0 TX packets:73 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:5935 (5.7 KiB) TX bytes:14586 (14.2 KiB) Interrupt:19 Base address:0xa000
lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:329 errors:0 dropped:0 overruns:0 frame:0 TX packets:329 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:69191 (67.5 KiB) TX bytes:69191 (67.5 KiB)
route Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 192.168.2.0 * 255.255.255.0 U 0 0 0 eth1 192.168.2.0 * 255.255.255.0 U 0 0 0 eth2 192.168.0.0 * 255.255.254.0 U 0 0 0 eth0 link-local * 255.255.0.0 U 1002 0 0 eth0 link-local * 255.255.0.0 U 1003 0 0 eth1 link-local * 255.255.0.0 U 1004 0 0 eth2 default mitht2.imt.ru 0.0.0.0 UG 0 0 0 eth0
sysctl net.ipv4.ip_forward net.ipv4.ip_forward = 1
iptables -L -t nat Chain PREROUTING (policy ACCEPT) target prot opt source destination
Chain POSTROUTING (policy ACCEPT) target prot opt source destination MASQUERADE all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT) target prot opt source destination
cat /etc/sysconfig/iptables # Generated by iptables-save v1.4.3.1 on Tue Sep 1 23:36:23 2009 *nat :PREROUTING ACCEPT [1264:158963] :POSTROUTING ACCEPT [96:14688] :OUTPUT ACCEPT [462:49878] -A POSTROUTING -o eth0 -j MASQUERADE COMMIT # Completed on Tue Sep 1 23:36:23 2009 # Generated by iptables-save v1.4.3.1 on Tue Sep 1 23:36:23 2009 *filter :INPUT ACCEPT [7849:1116249] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [1219:189475] -A FORWARD -i eth0 -j ACCEPT -A FORWARD -i eth1 -j ACCEPT -A FORWARD -i eth2 -j ACCEPT COMMIT # Completed on Tue Sep 1 23:36:23 2009
Window$ laptop has 192.168.2.30 address and uses 192.168.2.20 (eth1 IP) as gateway. DNS is the same as on F11 machine. I've tried to set up 192.168.2.50 as IP for ubuntu laptop with default gateway of eth2 IP address: 192.168.2.40. It doesn't work. When I'm trying to ping 192.168.2.50 from F11 the result is: ping 192.168.2.50 PING 192.168.2.50 (192.168.2.50) 56(84) bytes of data.
From 192.168.2.20 icmp_seq=2 Destination Host Unreachable From 192.168.2.20 icmp_seq=3 Destination Host Unreachable From 192.168.2.20 icmp_seq=4 Destination Host Unreachable
^C As I can understand packets go from wrong IP. Namely, from eth1 when I would like them to go from eth2. How to fix that? Thank you for your attention! Respectfully -- Hiisi. Registered Linux User #487982. Be counted at: http://counter.li.org/
Or your third option is to setup a bridge between eth1 and eth2. It means you will bind eth1 and eth2 together to form a "virtual switch" or bridge. Bridge will create its own virtual interface and then you should delete any IP addresses from the eth1 and eth2 and set just one IP address on the bridge interface. This solution is similar to the one suggested by Joerg, apart from the fact you do not even need network switch and your devices will be on the same network and will be able to communicate together.
Also in final, your IPtables rules won't be related to the eht1 and eth2 but to the bridge interface - so you need to change them.
You can find more info fore example here: http://www.linuxfoundation.org/en/Net:Bridge but I don't think you need to compile anything - I'm pretty sure this funcionality is built-in into Fedora for quite a long time now.
Bridge has one more advantage - if you decide to add yet another network card - it should be pretty easy to add it into bridge.
Feel free to search google for another examples - there are lots.
jaiv
On Wed, Sep 2, 2009 at 9:45 AM, Joerg Bergmann email@jbergmann.de wrote:
You should buy a network switch (about 10$), connect that to eth1 and connect both the clients to that switch. No further configuration needed, please do _not_ configure eth2.
Joerg Bergmann
Am Mittwoch, den 02.09.2009, 09:07 +0400 schrieb Hiisi:
Dear List! I have F11 machine which shares WEB to small home wired network. F11 computer has 3 ethernet adapters - one built in motherboard (eth0, 'main' adapter) and two additional cards (eth1,2). With grate help of this list and even greater help of google I was able to set up NAT over it. It worked perfect while there was only one client in the home network - window$ laptop, connected to eth1 (eth2 was down). Now I added second laptop - it runs ubuntu. I turned on eth2 and tried to do the same trick with it but no lack until now. Here goes mine configuration: ifconfig eth0 Link encap:Ethernet HWaddr 00:0F:EA:22:A0:2C inet addr:192.168.0.203 Bcast:192.168.1.255 Mask:255.255.254.0 inet6 addr: fe80::20f:eaff:fe22:a02c/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:124015 errors:0 dropped:0 overruns:0 frame:0 TX packets:25838 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:21230917 (20.2 MiB) TX bytes:4769745 (4.5 MiB) Interrupt:19 Base address:0xe000
eth1 Link encap:Ethernet HWaddr 00:80:48:2E:43:9C inet addr:192.168.2.20 Bcast:192.168.2.255 Mask:255.255.255.0 inet6 addr: fe80::280:48ff:fe2e:439c/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:11044 errors:0 dropped:0 overruns:0 frame:0 TX packets:9539 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:8868181 (8.4 MiB) TX bytes:3991105 (3.8 MiB) Interrupt:18 Base address:0x8000
eth2 Link encap:Ethernet HWaddr 00:40:F4:98:DB:E9 inet addr:192.168.2.40 Bcast:192.168.2.255 Mask:255.255.255.0 inet6 addr: fe80::240:f4ff:fe98:dbe9/64 Scope:Link UP BROADCAST MULTICAST MTU:1500 Metric:1 RX packets:75 errors:0 dropped:0 overruns:0 frame:0 TX packets:73 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:5935 (5.7 KiB) TX bytes:14586 (14.2 KiB) Interrupt:19 Base address:0xa000
lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:329 errors:0 dropped:0 overruns:0 frame:0 TX packets:329 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:69191 (67.5 KiB) TX bytes:69191 (67.5 KiB)
route Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 192.168.2.0 * 255.255.255.0 U 0 0 0 eth1 192.168.2.0 * 255.255.255.0 U 0 0 0 eth2 192.168.0.0 * 255.255.254.0 U 0 0 0 eth0 link-local * 255.255.0.0 U 1002 0 0 eth0 link-local * 255.255.0.0 U 1003 0 0 eth1 link-local * 255.255.0.0 U 1004 0 0 eth2 default mitht2.imt.ru 0.0.0.0 UG 0 0 0 eth0
sysctl net.ipv4.ip_forward net.ipv4.ip_forward = 1
iptables -L -t nat Chain PREROUTING (policy ACCEPT) target prot opt source destination
Chain POSTROUTING (policy ACCEPT) target prot opt source destination MASQUERADE all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT) target prot opt source destination
cat /etc/sysconfig/iptables # Generated by iptables-save v1.4.3.1 on Tue Sep 1 23:36:23 2009 *nat :PREROUTING ACCEPT [1264:158963] :POSTROUTING ACCEPT [96:14688] :OUTPUT ACCEPT [462:49878] -A POSTROUTING -o eth0 -j MASQUERADE COMMIT # Completed on Tue Sep 1 23:36:23 2009 # Generated by iptables-save v1.4.3.1 on Tue Sep 1 23:36:23 2009 *filter :INPUT ACCEPT [7849:1116249] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [1219:189475] -A FORWARD -i eth0 -j ACCEPT -A FORWARD -i eth1 -j ACCEPT -A FORWARD -i eth2 -j ACCEPT COMMIT # Completed on Tue Sep 1 23:36:23 2009
Window$ laptop has 192.168.2.30 address and uses 192.168.2.20 (eth1 IP) as gateway. DNS is the same as on F11 machine. I've tried to set up 192.168.2.50 as IP for ubuntu laptop with default gateway of eth2 IP address: 192.168.2.40. It doesn't work. When I'm trying to ping 192.168.2.50 from F11 the result is: ping 192.168.2.50 PING 192.168.2.50 (192.168.2.50) 56(84) bytes of data.
From 192.168.2.20 icmp_seq=2 Destination Host Unreachable From 192.168.2.20 icmp_seq=3 Destination Host Unreachable From 192.168.2.20 icmp_seq=4 Destination Host Unreachable
^C As I can understand packets go from wrong IP. Namely, from eth1 when I would like them to go from eth2. How to fix that? Thank you for your attention! Respectfully -- Hiisi. Registered Linux User #487982. Be counted at: http://counter.li.org/
-- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Hiisi wrote:
Dear List! I have F11 machine which shares WEB to small home wired network. F11 computer has 3 ethernet adapters - one built in motherboard (eth0, 'main' adapter) and two additional cards (eth1,2). With grate help of this list and even greater help of google I was able to set up NAT over it. It worked perfect while there was only one client in the home network - window$ laptop, connected to eth1 (eth2 was down). Now I added second laptop - it runs ubuntu. I turned on eth2 and tried to do the same trick with it but no lack until now. Here goes mine configuration:
Do you really need to keep the two private machines from talking to one another? If so change eth2 to 192.168.3.20 and run a separate network for each. Otherwise you might find less effort in investing in a switch and moving the work there. I appreciate that you may have policy or financial issues which prevent this, that hardware is inexpensive in the US but might no be at your location.
ifconfig eth0 Link encap:Ethernet HWaddr 00:0F:EA:22:A0:2C inet addr:192.168.0.203 Bcast:192.168.1.255 Mask:255.255.254.0 inet6 addr: fe80::20f:eaff:fe22:a02c/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:124015 errors:0 dropped:0 overruns:0 frame:0 TX packets:25838 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:21230917 (20.2 MiB) TX bytes:4769745 (4.5 MiB) Interrupt:19 Base address:0xe000
eth1 Link encap:Ethernet HWaddr 00:80:48:2E:43:9C inet addr:192.168.2.20 Bcast:192.168.2.255 Mask:255.255.255.0 inet6 addr: fe80::280:48ff:fe2e:439c/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:11044 errors:0 dropped:0 overruns:0 frame:0 TX packets:9539 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:8868181 (8.4 MiB) TX bytes:3991105 (3.8 MiB) Interrupt:18 Base address:0x8000
eth2 Link encap:Ethernet HWaddr 00:40:F4:98:DB:E9 inet addr:192.168.2.40 Bcast:192.168.2.255 Mask:255.255.255.0 inet6 addr: fe80::240:f4ff:fe98:dbe9/64 Scope:Link UP BROADCAST MULTICAST MTU:1500 Metric:1 RX packets:75 errors:0 dropped:0 overruns:0 frame:0 TX packets:73 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:5935 (5.7 KiB) TX bytes:14586 (14.2 KiB) Interrupt:19 Base address:0xa000
lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:329 errors:0 dropped:0 overruns:0 frame:0 TX packets:329 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:69191 (67.5 KiB) TX bytes:69191 (67.5 KiB)
route Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 192.168.2.0 * 255.255.255.0 U 0 0 0 eth1 192.168.2.0 * 255.255.255.0 U 0 0 0 eth2 192.168.0.0 * 255.255.254.0 U 0 0 0 eth0 link-local * 255.255.0.0 U 1002 0 0 eth0 link-local * 255.255.0.0 U 1003 0 0 eth1 link-local * 255.255.0.0 U 1004 0 0 eth2 default mitht2.imt.ru 0.0.0.0 UG 0 0 0 eth0
sysctl net.ipv4.ip_forward net.ipv4.ip_forward = 1
iptables -L -t nat Chain PREROUTING (policy ACCEPT) target prot opt source destination
Chain POSTROUTING (policy ACCEPT) target prot opt source destination MASQUERADE all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT) target prot opt source destination
cat /etc/sysconfig/iptables # Generated by iptables-save v1.4.3.1 on Tue Sep 1 23:36:23 2009 *nat :PREROUTING ACCEPT [1264:158963] :POSTROUTING ACCEPT [96:14688] :OUTPUT ACCEPT [462:49878] -A POSTROUTING -o eth0 -j MASQUERADE COMMIT # Completed on Tue Sep 1 23:36:23 2009 # Generated by iptables-save v1.4.3.1 on Tue Sep 1 23:36:23 2009 *filter :INPUT ACCEPT [7849:1116249] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [1219:189475] -A FORWARD -i eth0 -j ACCEPT -A FORWARD -i eth1 -j ACCEPT -A FORWARD -i eth2 -j ACCEPT COMMIT # Completed on Tue Sep 1 23:36:23 2009
Window$ laptop has 192.168.2.30 address and uses 192.168.2.20 (eth1 IP) as gateway. DNS is the same as on F11 machine. I've tried to set up 192.168.2.50 as IP for ubuntu laptop with default gateway of eth2 IP address: 192.168.2.40. It doesn't work. When I'm trying to ping 192.168.2.50 from F11 the result is: ping 192.168.2.50 PING 192.168.2.50 (192.168.2.50) 56(84) bytes of data.
From 192.168.2.20 icmp_seq=2 Destination Host Unreachable From 192.168.2.20 icmp_seq=3 Destination Host Unreachable From 192.168.2.20 icmp_seq=4 Destination Host Unreachable
^C As I can understand packets go from wrong IP. Namely, from eth1 when I would like them to go from eth2. How to fix that? Thank you for your attention! Respectfully -- Hiisi. Registered Linux User #487982. Be counted at: http://counter.li.org/
-
Alain Spineux -
Bill Davidsen -
Hiisi -
jaivuk -
Joerg Bergmann