NAT-setup: modification requared

jaivuk jaivuk at googlemail.com
Wed Sep 2 09:24:46 UTC 2009 

Or your third option is to setup a bridge between eth1 and eth2. It means
you will bind eth1 and eth2 together to form a "virtual switch" or bridge.
Bridge will create its own virtual interface and then you should delete any
IP addresses from the eth1 and eth2 and set just one IP address on the
bridge interface. This solution is similar to the one suggested by Joerg,
apart from the fact you do not even need network switch and your devices
will be on the same network and will be able to communicate together.

Also in final, your IPtables rules won't be related to the eht1 and eth2 but
to the bridge interface - so you need to change them.

You can find more info fore example here:
http://www.linuxfoundation.org/en/Net:Bridge but I don't think you need to
compile anything - I'm pretty sure this funcionality is built-in into Fedora
for quite a long time now.

Bridge has one more advantage - if you decide to add yet another network
card - it should be pretty easy to add it into bridge.

Feel free to search google for another examples - there are lots.

jaiv

On Wed, Sep 2, 2009 at 9:45 AM, Joerg Bergmann <email at jbergmann.de> wrote:

> You should buy a network switch (about 10$), connect that to
> eth1 and connect both the clients to that switch. No further
> configuration needed, please do _not_ configure eth2.
>
> Joerg Bergmann
>
> Am Mittwoch, den 02.09.2009, 09:07 +0400 schrieb Hiisi:
> > Dear List!
> > I have F11 machine which shares WEB to small home wired network. F11
> > computer has 3 ethernet adapters - one built in motherboard (eth0,
> > 'main' adapter) and two additional cards (eth1,2). With grate help of
> > this list and even greater help of google I was able to set up NAT over
> > it. It worked perfect while there was only one client in the home
> > network - window$ laptop, connected to eth1 (eth2 was down). Now I added
> > second laptop - it runs ubuntu. I turned on eth2 and tried to do the
> > same trick with it but no lack until now. Here goes mine configuration:
> > ifconfig
> > eth0      Link encap:Ethernet  HWaddr 00:0F:EA:22:A0:2C
> >           inet addr:192.168.0.203  Bcast:192.168.1.255
> > Mask:255.255.254.0
> >           inet6 addr: fe80::20f:eaff:fe22:a02c/64 Scope:Link
> >           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
> >           RX packets:124015 errors:0 dropped:0 overruns:0 frame:0
> >           TX packets:25838 errors:0 dropped:0 overruns:0 carrier:0
> >           collisions:0 txqueuelen:1000
> >           RX bytes:21230917 (20.2 MiB)  TX bytes:4769745 (4.5 MiB)
> >           Interrupt:19 Base address:0xe000
> >
> > eth1      Link encap:Ethernet  HWaddr 00:80:48:2E:43:9C
> >           inet addr:192.168.2.20  Bcast:192.168.2.255
> > Mask:255.255.255.0
> >           inet6 addr: fe80::280:48ff:fe2e:439c/64 Scope:Link
> >           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
> >           RX packets:11044 errors:0 dropped:0 overruns:0 frame:0
> >           TX packets:9539 errors:0 dropped:0 overruns:0 carrier:0
> >           collisions:0 txqueuelen:1000
> >           RX bytes:8868181 (8.4 MiB)  TX bytes:3991105 (3.8 MiB)
> >           Interrupt:18 Base address:0x8000
> >
> > eth2      Link encap:Ethernet  HWaddr 00:40:F4:98:DB:E9
> >           inet addr:192.168.2.40  Bcast:192.168.2.255
> > Mask:255.255.255.0
> >           inet6 addr: fe80::240:f4ff:fe98:dbe9/64 Scope:Link
> >           UP BROADCAST MULTICAST  MTU:1500  Metric:1
> >           RX packets:75 errors:0 dropped:0 overruns:0 frame:0
> >           TX packets:73 errors:0 dropped:0 overruns:0 carrier:0
> >           collisions:0 txqueuelen:1000
> >           RX bytes:5935 (5.7 KiB)  TX bytes:14586 (14.2 KiB)
> >           Interrupt:19 Base address:0xa000
> >
> > lo        Link encap:Local Loopback
> >           inet addr:127.0.0.1  Mask:255.0.0.0
> >           inet6 addr: ::1/128 Scope:Host
> >           UP LOOPBACK RUNNING  MTU:16436  Metric:1
> >           RX packets:329 errors:0 dropped:0 overruns:0 frame:0
> >           TX packets:329 errors:0 dropped:0 overruns:0 carrier:0
> >           collisions:0 txqueuelen:0
> >           RX bytes:69191 (67.5 KiB)  TX bytes:69191 (67.5 KiB)
> >
> > route
> > Kernel IP routing table
> > Destination     Gateway         Genmask         Flags Metric Ref    Use
> > Iface
> > 192.168.2.0     *               255.255.255.0   U     0      0        0
> > eth1
> > 192.168.2.0     *               255.255.255.0   U     0      0        0
> > eth2
> > 192.168.0.0     *               255.255.254.0   U     0      0        0
> > eth0
> > link-local      *               255.255.0.0     U     1002   0        0
> > eth0
> > link-local      *               255.255.0.0     U     1003   0        0
> > eth1
> > link-local      *               255.255.0.0     U     1004   0        0
> > eth2
> > default         mitht2.imt.ru   0.0.0.0         UG    0      0        0
> > eth0
> >
> > sysctl net.ipv4.ip_forward
> > net.ipv4.ip_forward = 1
> >
> > iptables -L -t nat
> > Chain PREROUTING (policy ACCEPT)
> > target     prot opt source               destination
> >
> > Chain POSTROUTING (policy ACCEPT)
> > target     prot opt source               destination
> > MASQUERADE  all  --  anywhere             anywhere
> >
> > Chain OUTPUT (policy ACCEPT)
> > target     prot opt source               destination
> >
> > cat /etc/sysconfig/iptables
> > # Generated by iptables-save v1.4.3.1 on Tue Sep  1 23:36:23 2009
> > *nat
> > :PREROUTING ACCEPT [1264:158963]
> > :POSTROUTING ACCEPT [96:14688]
> > :OUTPUT ACCEPT [462:49878]
> > -A POSTROUTING -o eth0 -j MASQUERADE
> > COMMIT
> > # Completed on Tue Sep  1 23:36:23 2009
> > # Generated by iptables-save v1.4.3.1 on Tue Sep  1 23:36:23 2009
> > *filter
> > :INPUT ACCEPT [7849:1116249]
> > :FORWARD ACCEPT [0:0]
> > :OUTPUT ACCEPT [1219:189475]
> > -A FORWARD -i eth0 -j ACCEPT
> > -A FORWARD -i eth1 -j ACCEPT
> > -A FORWARD -i eth2 -j ACCEPT
> > COMMIT
> > # Completed on Tue Sep  1 23:36:23 2009
> >
> > Window$ laptop has 192.168.2.30 address and uses 192.168.2.20 (eth1 IP)
> > as gateway. DNS is the same as on F11 machine.
> > I've tried to set up 192.168.2.50 as IP for ubuntu laptop with default
> > gateway of eth2 IP address: 192.168.2.40. It doesn't work. When I'm
> > trying to ping 192.168.2.50 from F11 the result is:
> > ping 192.168.2.50
> > PING 192.168.2.50 (192.168.2.50) 56(84) bytes of data.
> > >From 192.168.2.20 icmp_seq=2 Destination Host Unreachable
> > >From 192.168.2.20 icmp_seq=3 Destination Host Unreachable
> > >From 192.168.2.20 icmp_seq=4 Destination Host Unreachable
> > ^C
> > As I can understand packets go from wrong IP. Namely, from eth1 when I
> > would like them to go from eth2.
> > How to fix that?
> > Thank you for your attention!
> > Respectfully
> > --
> > Hiisi.
> > Registered Linux User #487982. Be counted at: http://counter.li.org/
> >
>
> --
> fedora-list mailing list
> fedora-list at redhat.com
> To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
> Guidelines:
> http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.fedoraproject.org/pipermail/users/attachments/20090902/462c7981/attachment-0001.html

More information about the users mailing list