On Mon, 25 Dec 2000, Aaron Solochek wrote: [snip description of machines] > What I want to do is get machine B's packets through to machine C. > Ideally, machine B would have a realworld ip -- a setup where > machine A listened for 2 real ips, and forwarded all packets for one > out over its eth1 on the 10.0.10.* network. However, I will settle > for the easiest solution which allows machine B to be on the > network.
Exactly: you need machine A to listen for 2 "real" IPs. Masquerading alone will not do what you described, because it has multiple machines share only one "real" IP. The easiest-sounding solution (and the only one I've ever used :) is proxy ARP. With proxy ARP, you add an entry for machine B's IP address into machine A's ARP table, so that A takes responsibility for that address on the network hooked up to eth0. > I've read a million howto's, and I had a setup working a few months > ago, but it was doing so masqurading. [snip] Well, Aaron, you should have read a million and two :) First, read the explanation of ARP tables and the quick example of proxy ARP in the Network Administrator's Guide: http://ibiblio.unc.edu/mdw/LDP/nag2/x-087-2-iface.verify.arp.html Then, if you need more info, the Proxy ARP Subnetting HOWTO might be helpful (since you're not doing subnetting, you can't exactly follow the examples verbatim, but whatever you need for your setup should be simpler than what's in the HOWTO): http://ibiblio.unc.edu/mdw/HOWTO/mini/Proxy-ARP-Subnet/index.html Also, don't forget to turn on IP forwarding (in /etc/network/options) and clean out the firewall rules from your previous attempts. Brad
