NAT-setup: modification requared

Hiisi very-cool at rambler.ru
Wed Sep 2 05:07:54 UTC 2009 

Dear List!
I have F11 machine which shares WEB to small home wired network. F11 
computer has 3 ethernet adapters - one built in motherboard (eth0, 
'main' adapter) and two additional cards (eth1,2). With grate help of 
this list and even greater help of google I was able to set up NAT over 
it. It worked perfect while there was only one client in the home 
network - window$ laptop, connected to eth1 (eth2 was down). Now I added 
second laptop - it runs ubuntu. I turned on eth2 and tried to do the 
same trick with it but no lack until now. Here goes mine configuration:
ifconfig
eth0      Link encap:Ethernet  HWaddr 00:0F:EA:22:A0:2C
          inet addr:192.168.0.203  Bcast:192.168.1.255 
Mask:255.255.254.0
          inet6 addr: fe80::20f:eaff:fe22:a02c/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:124015 errors:0 dropped:0 overruns:0 frame:0
          TX packets:25838 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:21230917 (20.2 MiB)  TX bytes:4769745 (4.5 MiB)
          Interrupt:19 Base address:0xe000

eth1      Link encap:Ethernet  HWaddr 00:80:48:2E:43:9C
          inet addr:192.168.2.20  Bcast:192.168.2.255 
Mask:255.255.255.0
          inet6 addr: fe80::280:48ff:fe2e:439c/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:11044 errors:0 dropped:0 overruns:0 frame:0
          TX packets:9539 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:8868181 (8.4 MiB)  TX bytes:3991105 (3.8 MiB)
          Interrupt:18 Base address:0x8000

eth2      Link encap:Ethernet  HWaddr 00:40:F4:98:DB:E9
          inet addr:192.168.2.40  Bcast:192.168.2.255 
Mask:255.255.255.0
          inet6 addr: fe80::240:f4ff:fe98:dbe9/64 Scope:Link
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:75 errors:0 dropped:0 overruns:0 frame:0
          TX packets:73 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:5935 (5.7 KiB)  TX bytes:14586 (14.2 KiB)
          Interrupt:19 Base address:0xa000

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:329 errors:0 dropped:0 overruns:0 frame:0
          TX packets:329 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:69191 (67.5 KiB)  TX bytes:69191 (67.5 KiB)

route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use 
Iface
192.168.2.0     *               255.255.255.0   U     0      0        0 
eth1
192.168.2.0     *               255.255.255.0   U     0      0        0 
eth2
192.168.0.0     *               255.255.254.0   U     0      0        0 
eth0
link-local      *               255.255.0.0     U     1002   0        0 
eth0
link-local      *               255.255.0.0     U     1003   0        0 
eth1
link-local      *               255.255.0.0     U     1004   0        0 
eth2
default         mitht2.imt.ru   0.0.0.0         UG    0      0        0 
eth0

sysctl net.ipv4.ip_forward
net.ipv4.ip_forward = 1

iptables -L -t nat
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination
MASQUERADE  all  --  anywhere             anywhere

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

cat /etc/sysconfig/iptables
# Generated by iptables-save v1.4.3.1 on Tue Sep  1 23:36:23 2009
*nat
:PREROUTING ACCEPT [1264:158963]
:POSTROUTING ACCEPT [96:14688]
:OUTPUT ACCEPT [462:49878]
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
# Completed on Tue Sep  1 23:36:23 2009
# Generated by iptables-save v1.4.3.1 on Tue Sep  1 23:36:23 2009
*filter
:INPUT ACCEPT [7849:1116249]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [1219:189475]
-A FORWARD -i eth0 -j ACCEPT
-A FORWARD -i eth1 -j ACCEPT
-A FORWARD -i eth2 -j ACCEPT
COMMIT
# Completed on Tue Sep  1 23:36:23 2009

Window$ laptop has 192.168.2.30 address and uses 192.168.2.20 (eth1 IP) 
as gateway. DNS is the same as on F11 machine.
I've tried to set up 192.168.2.50 as IP for ubuntu laptop with default 
gateway of eth2 IP address: 192.168.2.40. It doesn't work. When I'm 
trying to ping 192.168.2.50 from F11 the result is:
ping 192.168.2.50
PING 192.168.2.50 (192.168.2.50) 56(84) bytes of data.
>From 192.168.2.20 icmp_seq=2 Destination Host Unreachable
>From 192.168.2.20 icmp_seq=3 Destination Host Unreachable
>From 192.168.2.20 icmp_seq=4 Destination Host Unreachable
^C
As I can understand packets go from wrong IP. Namely, from eth1 when I 
would like them to go from eth2.
How to fix that?
Thank you for your attention!
Respectfully
--
Hiisi.
Registered Linux User #487982. Be counted at: http://counter.li.org/

More information about the users mailing list