This must be the easiest question ever, but I''ve been stumped for days. I can''t seem to get my Linux box to route traffic through to my Win box. What I have is: T1 Gateway : 100.0.0.1 eth1 (Connected to gateway) : 100.0.0.2 eth2 (Connected to Win) : 100.0.0.3 Win box : 100.0.0.202 (eth0 is connected to DSL, but that doesn''t matter for now) for the rules, I have: 0: from all lookup local 32766: from all lookup main 32767: from all lookup 253 for the routes I have: 100.0.0.202 dev eth2 proto kernel scope link src 100.0.0.3 100.0.0.1 dev eth1 proto kernel scope link src 100.0.0.2 127.0.0.1 dev lo scope link default via 100.0.0.1 dev eth1 All I''m trying to do is to get the Windows machine to be able to use the Internet. I''ve read everything I could find, but I can''t seem to get it to work. I''ve tried ''echo 1 > /proc/sys/net/ipv4/ip_forward'', flushing the cache, reading the adv routing howto over and over, but I can''t seem to get this to work. Any sugestions? Thanks, Fei Lung $ chown flung universe =======================================================================Easy and free access to your email anywhere! http://www.starten.net/mail ========================================================================
On Fri, Mar 02, 2001 at 05:05:50PM -0500, Fei Lung wrote:> This must be the easiest question ever, but I''ve been stumped for > days. I can''t seem to get my Linux box to route traffic through > to my Win box. What I have is:The problem is that your Windows box doesn''t have a publically routable IP address, probably. Search with google.com on ''rusty three line guide masquerading'' - this will allow your windows box to roam the internet using the IP address of your gateway. If you *do* have routable IP addresses for yuur subnet, your gateway needs to know where to send data intended for your subnet. IP is very much a two-way thing. Regards, bert -- http://www.PowerDNS.com Versatile DNS Services Trilab The Technology People ''SYN! .. SYN|ACK! .. ACK!'' - the mating call of the internet
My Windows box does have a publicly routable IP address. Actually, I have a /24 subnet and I aws just using the windows box to test with before I take the network down to install the machine as a router. In the future, after I get this working, I will add a DSL line to it, but first, I need to get the forwarding working. Thanks, Fei Lung At Friday, 2 March 2001, bert hubert <ahu@ds9a.nl> wrote:>On Fri, Mar 02, 2001 at 05:05:50PM -0500, Fei Lung wrote: >> This must be the easiest question ever, but I''ve been stumped for >> days. I can''t seem to get my Linux box to route traffic through >> to my Win box. What I have is: > >The problem is that your Windows box doesn''t have a publically routableIP>address, probably. Search with google.com on ''rusty three line guide >masquerading'' - this will allow your windows box to roam the internetusing>the IP address of your gateway. > >If you *do* have routable IP addresses for yuur subnet, your gatewayneeds>to know where to send data intended for your subnet. IP is very much a >two-way thing. > >Regards, > >bert > >-- >http://www.PowerDNS.com Versatile DNS Services >Trilab The Technology People >''SYN! .. SYN|ACK! .. ACK!'' - the mating call of the internet >=======================================================================Easy and free access to your email anywhere! http://www.starten.net/mail ========================================================================
Fei Lung wrote:> > This must be the easiest question ever, but I''ve been stumped for > days. I can''t seem to get my Linux box to route traffic through > to my Win box. What I have is: > > T1 Gateway : 100.0.0.1 > eth1 (Connected to gateway) : 100.0.0.2 > eth2 (Connected to Win) : 100.0.0.3 > Win box : 100.0.0.202 > (eth0 is connected to DSL, but that doesn''t matter for now) > > for the rules, I have: > 0: from all lookup local > 32766: from all lookup main > 32767: from all lookup 253 > > for the routes I have: > 100.0.0.202 dev eth2 proto kernel scope link src 100.0.0.3 > 100.0.0.1 dev eth1 proto kernel scope link src 100.0.0.2 > 127.0.0.1 dev lo scope link > default via 100.0.0.1 dev eth1 > > All I''m trying to do is to get the Windows machine to be able to > use the Internet. I''ve read everything I could find, but I can''t > seem to get it to work. I''ve tried ''echo 1 > /proc/sys/net/ipv4/ip_forward'', > flushing the cache, reading the adv routing howto over and over, > but I can''t seem to get this to work. Any sugestions? > > Thanks, > Fei Lungdoes your win box have your linux box set as it''s default gw? can you get any packets through? What does `ipchains -L forward` say? does it default to "accept"? Please give more info, and details on what tests have been tried and failed. Mike
I am using kernel 2.4.1. Iptables shows accept for input, forward, output. The Windows machine has the Linux machine as the gateway. From the windows machine, I can ping the IPs on the linux machine, but I cannot ping the T1 gateway. From the linux machine, I can go out the T1. Thanks, Fei Lung At Friday, 02 March 2001, Mike Fedyk <mfedyk@matchmail.com> wrote:>Fei Lung wrote: >> >> This must be the easiest question ever, but I''ve been stumped for >> days. I can''t seem to get my Linux box to route traffic through >> to my Win box. What I have is: >> >> T1 Gateway : 100.0.0.1 >> eth1 (Connected to gateway) : 100.0.0.2 >> eth2 (Connected to Win) : 100.0.0.3 >> Win box : 100.0.0.202 >> (eth0 is connected to DSL, but that doesn''t matter for now) >> >> for the rules, I have: >> 0: from all lookup local >> 32766: from all lookup main >> 32767: from all lookup 253 >> >> for the routes I have: >> 100.0.0.202 dev eth2 proto kernel scope link src 100.0.0.3 >> 100.0.0.1 dev eth1 proto kernel scope link src 100.0.0.2 >> 127.0.0.1 dev lo scope link >> default via 100.0.0.1 dev eth1 >> >> All I''m trying to do is to get the Windows machine to be able to >> use the Internet. I''ve read everything I could find, but I can''t >> seem to get it to work. I''ve tried ''echo 1 > /proc/sys/net/ipv4/ip_forward'',>> flushing the cache, reading the adv routing howto over and over, >> but I can''t seem to get this to work. Any sugestions? >> >> Thanks, >> Fei Lung >does your win box have your linux box set as it''s default gw? canyou get any>packets through? > >What does `ipchains -L forward` say? does it default to "accept"? > >Please give more info, and details on what tests have been triedand failed.> >Mike > >_______________________________________________ >LARTC mailing list / LARTC@mailman.ds9a.nl >http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/2.4Routing/>=======================================================================Easy and free access to your email anywhere! http://www.starten.net/mail ========================================================================
Fei Lung wrote:> > I am using kernel 2.4.1. Iptables shows accept for input, forward, > output. The Windows machine has the Linux machine as the gateway. > >From the windows machine, I can ping the IPs on the linux machine, > but I cannot ping the T1 gateway. >Whenever I get something like this, I either run ipchains or netfilter with the check command, or add accounting rules and see where the packets stop. The latter is only useful if you can make a rule specific enough to distinguish between other traffic that may go through your firewall. Please try the accounting rules, and see if you can find where the packets stop. Mike
On Fri, Mar 02, 2001 at 05:40:04PM -0500, Fei Lung wrote:> My Windows box does have a publicly routable IP address. Actually, > I have a /24 subnet and I aws just using the windows box to test > with before I take the network down to install the machine as a router. > In the future, after I get this working, I will add a DSL line > to it, but first, I need to get the forwarding working.Run tcpdump on all your interfaces and see where your packets are or aren''t going. regards, bert -- http://www.PowerDNS.com Versatile DNS Services Trilab The Technology People ''SYN! .. SYN|ACK! .. ACK!'' - the mating call of the internet