| View previous topic :: View next topic |
| Author |
Message |
zieloo
Veteran
Joined: 28 Mar 2004
Posts: 1337
|
 Posted: Tue Dec 07, 2004 7:11 am Post subject: Two network interfaces |
 |
|
This is what I want to have;
One of my computers have access to local network (I'll call this comp. 'one'), where's dhcp server which I use to connect to the net. This workes perfectly -
and voila!
There's also computer 'two'. It's connected with 'one' with normal cable to interface eth0, and it's not a member of that local network I mentioned before.
What I want to see is to have net connect. in 'two'.
By now I've done this:
comp. 'one'
| Code: |
/etc/conf.d/net
iface_eth0="dhcp"
iface_eth1="192.168.0.1 broadcast 192.168.0.255 netmask 255.255.255.0" |
| Code: | /etc/hosts
127.0.0.1 one.homenetwork one
192.168.0.1 one
192.168.0.2 two |
Comp. 'two':
| Code: |
/etc/conf.d/net
iface_eth1="192.168.0.2 broadcast 192.168.0.255 netmask 255.255.255.0"
gateway="eth0/192.168.0.1" |
| Code: | /etc/hosts:
127.0.0.1 two.homenetwork two
192.168.0.1 one
192.168.0.2 two |
I'm able to use net on 'one' via dhcp server, and I can ping 'one' from machine 'two' (ping times in range ~0.3ms). But it's not possible to ping other that 'one' host. 'Two' does not know about it...
Now I think it's something about redirecting incoming packets from eth0 to eth1, but have no idea who to do this... Could anyone help me with this?... |
|
| Back to top |
|
 |
tumbak
Apprentice
Joined: 10 Jan 2004
Posts: 230
Location: supposedly Palestine
|
| Posted: Tue Dec 07, 2004 9:00 am Post subject: Re: Two network interfaces |
|
|
| zieloo wrote: |
Comp. 'two':
| Code: |
/etc/conf.d/net
iface_eth1="192.168.0.2 broadcast 192.168.0.255 netmask 255.255.255.0"
gateway="eth0/192.168.0.1" |
|
does computer two has 2 NIC's? if it has 1 interface I think you should change the first line to
| Code: | | iface_eth0="192.168.0.2 broadcast 192.168.0.255 netmask 255.255.255.0" |
and for computer two to see the net you will have to have NAT enabled on computer one.
and read this
_________________
less QQ more pewpew! |
|
| Back to top |
|
|
zieloo
Veteran
Joined: 28 Mar 2004
Posts: 1337
|
| Posted: Tue Dec 07, 2004 3:12 pm Post subject: |
|
|
| Quote: | does computer two has 2 NIC's? if it has 1 interface I think you should change the first line to
iface_eth0="192.168.0.2 broadcast 192.168.0.255 netmask 255.255.255.0" |
Meaning - just remove the gateway line? (comp. 'two' has only eth0 iface.)
I'll read about NAT thing...(iptables will redirect the packages through the NAT server [comp. 'one'] to the WAN, am I right?)
One more thing - don't you think the 'two' should be in an other class than the rest of the network? Should I assign it ex. IP: 192.168.1.2?
Thx for help... |
|
| Back to top |
|
|
tumbak
Apprentice
Joined: 10 Jan 2004
Posts: 230
Location: supposedly Palestine
|
| Posted: Wed Dec 08, 2004 9:04 am Post subject: |
|
|
| zieloo wrote: | | Quote: | does computer two has 2 NIC's? if it has 1 interface I think you should change the first line to
iface_eth0="192.168.0.2 broadcast 192.168.0.255 netmask 255.255.255.0" |
Meaning - just remove the gateway line? (comp. 'two' has only eth0 iface.) |
| Code: | | iface_eth1="192.168.0.2 broadcast 192.168.0.255 netmask 255.255.255.0 |
why do you set the IP for the second interface on computer 'two' when you have only one interface! note the eth1 and eth0
| Code: | | iface_eth0="192.168.0.2 broadcast 192.168.0.255 netmask 255.255.255.0 |
| Quote: | I'll read about NAT thing...(iptables will redirect the packages through the NAT server [comp. 'one'] to the WAN, am I right?)
|
right.
| Quote: | One more thing - don't you think the 'two' should be in an other class than the rest of the network? Should I assign it ex. IP: 192.168.1.2?
Thx for help... |
it will be much more easier if they have different subnets, since eth0 on computer 'one' takes its IP from dhcp I assumed you have that sorted out.
_________________
less QQ more pewpew! |
|
| Back to top |
|
|
zieloo
Veteran
Joined: 28 Mar 2004
Posts: 1337
|
| Posted: Thu Dec 09, 2004 7:05 am Post subject: |
|
|
I changed the IPs of those two comps to sth like this:
'One''s local IP: 192.168.1.100 (why not? )
'Two''s local IP: 192.168.1.200
/etc/conf.d/net on comp. 'two' is correct - surely it' got only eth0 iface.
I emerged iptables and read tons of guides and so... Now I'm, let's say, a little bit confused, cuz I don't really know what should I do with all those masquerades and source NATs...
I tried a few commands, but all this failed - probably I'm to stupid for it;)
This is what I managed to do:
| Code: | | iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE |
as eth0 is the 'out' interface, and I want to change the 'two''s IP (hopefully). Didn't work - packets reaches eth1 & they need to be send to eth0, right?
So I did:
| Code: | | iptables -A FORWARD -i eth0 -o eth0 |
Nothing again...
Then added chain with prerouting, before those above:
| Code: | | iptables - t nat -A PREROUTING -i eth1 |
Failure.
I know it's definetely not the best way to do it but all those guides were so strangely written (for me) that I can't think of any reasonable solution of this problem, now. That's why I dare ask you for some more help: could you possibly write down whether I should play with masquerading or source nat, or whatever else. Of course I'd be great if you gave me the right commands to put in which chain... Then I'll do the iptable stuff anyway (a firewall maybe?). |
|
| Back to top |
|
|
zieloo
Veteran
Joined: 28 Mar 2004
Posts: 1337
|
| Posted: Fri Dec 10, 2004 6:59 am Post subject: [Solved] Two network interfaces |
|
|
Well, maybe I was too sleepy while parforming the last operations (that in the post above), because to do all this I needed 2 simple things:
1) Running masquerade for traffic going through eth0:
| Code: | | iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE |
2) Enabled ip_forward (this is what I forgor about;P):
| Code: | | echo 1 > /proc/sys/net/ipv4/ip_forward |
After doing this things - took mi 1,5 minutes to write this & check if everyth. is ok on both computers- It Just Works [tm]. I was (and I'm still...) lets say surprised;). Gonna like iptables!
Thanks for info & help, tumbak! |
|
| Back to top |
|
|
|
Networking & Security
