NAT-setup: modification requared

Joerg Bergmann email at jbergmann.de
Wed Sep 2 08:45:10 UTC 2009


You should buy a network switch (about 10$), connect that to
eth1 and connect both the clients to that switch. No further
configuration needed, please do _not_ configure eth2.

Joerg Bergmann

Am Mittwoch, den 02.09.2009, 09:07 +0400 schrieb Hiisi:
> Dear List!
> I have F11 machine which shares WEB to small home wired network. F11 
> computer has 3 ethernet adapters - one built in motherboard (eth0, 
> 'main' adapter) and two additional cards (eth1,2). With grate help of 
> this list and even greater help of google I was able to set up NAT over 
> it. It worked perfect while there was only one client in the home 
> network - window$ laptop, connected to eth1 (eth2 was down). Now I added 
> second laptop - it runs ubuntu. I turned on eth2 and tried to do the 
> same trick with it but no lack until now. Here goes mine configuration:
> ifconfig
> eth0      Link encap:Ethernet  HWaddr 00:0F:EA:22:A0:2C
>           inet addr:192.168.0.203  Bcast:192.168.1.255 
> Mask:255.255.254.0
>           inet6 addr: fe80::20f:eaff:fe22:a02c/64 Scope:Link
>           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>           RX packets:124015 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:25838 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:1000
>           RX bytes:21230917 (20.2 MiB)  TX bytes:4769745 (4.5 MiB)
>           Interrupt:19 Base address:0xe000
> 
> eth1      Link encap:Ethernet  HWaddr 00:80:48:2E:43:9C
>           inet addr:192.168.2.20  Bcast:192.168.2.255 
> Mask:255.255.255.0
>           inet6 addr: fe80::280:48ff:fe2e:439c/64 Scope:Link
>           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>           RX packets:11044 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:9539 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:1000
>           RX bytes:8868181 (8.4 MiB)  TX bytes:3991105 (3.8 MiB)
>           Interrupt:18 Base address:0x8000
> 
> eth2      Link encap:Ethernet  HWaddr 00:40:F4:98:DB:E9
>           inet addr:192.168.2.40  Bcast:192.168.2.255 
> Mask:255.255.255.0
>           inet6 addr: fe80::240:f4ff:fe98:dbe9/64 Scope:Link
>           UP BROADCAST MULTICAST  MTU:1500  Metric:1
>           RX packets:75 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:73 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:1000
>           RX bytes:5935 (5.7 KiB)  TX bytes:14586 (14.2 KiB)
>           Interrupt:19 Base address:0xa000
> 
> lo        Link encap:Local Loopback
>           inet addr:127.0.0.1  Mask:255.0.0.0
>           inet6 addr: ::1/128 Scope:Host
>           UP LOOPBACK RUNNING  MTU:16436  Metric:1
>           RX packets:329 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:329 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:0
>           RX bytes:69191 (67.5 KiB)  TX bytes:69191 (67.5 KiB)
> 
> route
> Kernel IP routing table
> Destination     Gateway         Genmask         Flags Metric Ref    Use 
> Iface
> 192.168.2.0     *               255.255.255.0   U     0      0        0 
> eth1
> 192.168.2.0     *               255.255.255.0   U     0      0        0 
> eth2
> 192.168.0.0     *               255.255.254.0   U     0      0        0 
> eth0
> link-local      *               255.255.0.0     U     1002   0        0 
> eth0
> link-local      *               255.255.0.0     U     1003   0        0 
> eth1
> link-local      *               255.255.0.0     U     1004   0        0 
> eth2
> default         mitht2.imt.ru   0.0.0.0         UG    0      0        0 
> eth0
> 
> sysctl net.ipv4.ip_forward
> net.ipv4.ip_forward = 1
> 
> iptables -L -t nat
> Chain PREROUTING (policy ACCEPT)
> target     prot opt source               destination
> 
> Chain POSTROUTING (policy ACCEPT)
> target     prot opt source               destination
> MASQUERADE  all  --  anywhere             anywhere
> 
> Chain OUTPUT (policy ACCEPT)
> target     prot opt source               destination
> 
> cat /etc/sysconfig/iptables
> # Generated by iptables-save v1.4.3.1 on Tue Sep  1 23:36:23 2009
> *nat
> :PREROUTING ACCEPT [1264:158963]
> :POSTROUTING ACCEPT [96:14688]
> :OUTPUT ACCEPT [462:49878]
> -A POSTROUTING -o eth0 -j MASQUERADE
> COMMIT
> # Completed on Tue Sep  1 23:36:23 2009
> # Generated by iptables-save v1.4.3.1 on Tue Sep  1 23:36:23 2009
> *filter
> :INPUT ACCEPT [7849:1116249]
> :FORWARD ACCEPT [0:0]
> :OUTPUT ACCEPT [1219:189475]
> -A FORWARD -i eth0 -j ACCEPT
> -A FORWARD -i eth1 -j ACCEPT
> -A FORWARD -i eth2 -j ACCEPT
> COMMIT
> # Completed on Tue Sep  1 23:36:23 2009
> 
> Window$ laptop has 192.168.2.30 address and uses 192.168.2.20 (eth1 IP) 
> as gateway. DNS is the same as on F11 machine.
> I've tried to set up 192.168.2.50 as IP for ubuntu laptop with default 
> gateway of eth2 IP address: 192.168.2.40. It doesn't work. When I'm 
> trying to ping 192.168.2.50 from F11 the result is:
> ping 192.168.2.50
> PING 192.168.2.50 (192.168.2.50) 56(84) bytes of data.
> >From 192.168.2.20 icmp_seq=2 Destination Host Unreachable
> >From 192.168.2.20 icmp_seq=3 Destination Host Unreachable
> >From 192.168.2.20 icmp_seq=4 Destination Host Unreachable
> ^C
> As I can understand packets go from wrong IP. Namely, from eth1 when I 
> would like them to go from eth2.
> How to fix that?
> Thank you for your attention!
> Respectfully
> --
> Hiisi.
> Registered Linux User #487982. Be counted at: http://counter.li.org/
> 




More information about the users mailing list