RE: DSL (SOL/DOA)

Glen Lee Edwards Sun, 27 Aug 2000 20:35:29 -0700
Tom,

Not sure if this will help, but I couldn't get the routing to work using
linuxconf.  I set it up using the "route" command. man route.

The following is one way to do it:

$ route -n
Kernel IP routing table
Destination   Gateway      Genmask         Flags Metric Ref  Use Iface
10.0.0.1      10.0.0.2     255.255.255.255 UGH   0      0      0 eth0
192.168.1.11  192.168.1.10 255.255.255.255 UGH   0      0      0 eth1
192.168.1.12  192.168.1.10 255.255.255.255 UGH   0      0      0 eth1
127.0.0.0     0.0.0.0      255.0.0.0       U     0      0      0 lo
0.0.0.0       10.0.0.1     0.0.0.0         UG    0      0      0 eth0
 
eth0 address in Linux box is 10.0.0.2
eth1 address in Linux box is 192.168.1.10
eth0 address in the DSL router is 10.0.0.1 (this was automatically set
by DHCP in the router).
Other LAN addresses are 192.168.1.11 and 192.168.1.12

In the above setup 10.0.0.1, the LAN side of the DSL router address, is
set as the default gateway to the Internet (the bottom line).  To get
there 10.0.0.2 (eth0 on the Linux box) is set as the gateway to the HOST
10.0.0.1 (the LAN side of the DSL router) (the top line above). These two
lines gave me access to the Internet from my Linux box through my DSL
modem, but my LAN didn't work.

Instead of setting up a second network access through the routing table
for my LAN (couldn't get it to work) I gave the kernel instructions on how
to access each individual computer on the LAN:

192.168.1.11  192.168.1.10 255.255.255.255 UGH   0      0      0 eth1
192.168.1.12  192.168.1.10 255.255.255.255 UGH   0      0      0 eth1

"route add -host 192.168.1.11 gw 192.168.1.10 netmask 255.255.255.255 dev
eth1"

This tells the kernel that 192.168.1.10 (eth1) is the gateway to the host
192.168.1.11.

Now what's left is setting up packet forwarding through Linux.  To do this
you need to set your Linux box up as a firewall, proxy, or gateway.  The
easiest and least secure is to set up IP masquerading.  I won't try to
describe those.  There's plenty of documentation on how to do this on the
Internet.

Glen

On Mon, 21 Aug 2000, Burke, Thomas G. wrote:

>I've been watching this discussion with real interest, as I plan on
>upgrading to something quicker than 56k sometime in the "near" future...
>
>My concern/question is this:  Server masq's the internal (nonroutable)
>network onto another "internal" (nonroutable) network (say from 192.168.68.x
>to 10.0.0.x)....  Does the modem just forward anything that lands on it's
>interface to the outside world, with the exact same port no?
>
>Also, how do you tel the server to send things that way?  Set a default
>route to 10.0.0.1?
>
>It seems that there could be some problems with having two nonroutable
>networks in a row...
>
>> -----Original Message-----
>> From:        Charles Galpin [SMTP:[EMAIL PROTECTED]]
>> Sent:        Monday, August 21, 2000 9:46 AM
>> To:  redhad-list
>> Subject:     Re: DSL (SOL/DOA)
>> 
>> 
>> 
>> On Sat, 19 Aug 2000, Stephen E. Hargrove wrote:
>> 
>> > Okay, I've taken everyone's recommendations to heart concerning eth0,
>> > eth1 and my private network.  I can access all machines locally, but IP
>> > Masquerade isn't working (i.e., I can't ping outside of 192.168.2.0
>> > UNLESS I'm working from 192.168.2.1, in which case I can access both the
>> > private network and the Internet).  I've set up the following:
>> > 
>> > eth0: 192.168.2.1
>> > eth1: 192.168.1.10
>> > 
>> > 192.168.2.x is now my private network.  192.168.1.x relates to the
>> > outside world.  eth1 is set to 192.168.1.10 because it connects to my
>> > DSL modem/router which is set to 192.168.1.254. 
>> <snip>
>> > /etc/rc.d/rc.dsl contains my ipchains commands for setting up IP
>> > Masquerade.  In addition to the normal IP Masq commands (/sbin/depmod
>> > -a, /sbin/modprobe ip_masq_ftp, etc.), the following is executed:
>> > /sbin/ipchains -P forward DENY
>> > /sbin/ipchains -A forward -s 192.168.1.10/24 -j MASQ
>> 
>> Here is your problem. You are masquerading the *internal* network which is
>> 192.168.2.x So, try
>> 
>> /sbin/ipchains -A forward -s 192.168.2.0/24 -j MASQ
>> 
>> hth
>> charles
>> 
>> 
>> 
>> _______________________________________________
>> Redhat-list mailing list
>> [EMAIL PROTECTED]
>> https://listman.redhat.com/mailman/listinfo/redhat-list
>
>
>
>_______________________________________________
>Redhat-list mailing list
>[EMAIL PROTECTED]
>https://listman.redhat.com/mailman/listinfo/redhat-list
>



_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
RE: DSL (SOL/DOA)

Reply via email to
