Networking problem, possible solution?

[MLS100]

Ok, heres what I want done:

I have 4 computers in my house, I have 5 IPs available from my ISP, I do NOT want to NAT a single IP for all 4 computers. I have cablemodem>Linux>Switch>3 other computers. I want my external interface on Linux, lets call it eth0, to grab 4 IPs via DHCP, eth0 grabs one IP, that one will only go to Linux itself, eth0:0 grabs another and 1:1 NATs to computer 1, ie 192.168.0.2, then eth0:1 grabs another and 1:1 NATs to computer 2, etc. This way I have 4 unique IPs, so I can connect to outside the lan game servers with no NAT issues (because the comps are actually different WAN ips). I should also be able to have a server running on comp 1 and comp 2 on the same port with no issues. This is my theoretical setup. Is this possible and will it work? and if so... Does anyone know how to set this up via iptables? Do I need to hire a professional?

/MLS

[NeddySeagoon]

MLS100,

Since you want all ports open (no firewall) the easiest way to do this is to buy a switch and plug all the PCs and your upstream link into the switch.

If you really want to do this in software, you need to look into aliasing, but I'm not aware of a way to get multiple addresses allocated using DHCP.
_________________
Regards,

NeddySeagoon

Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail.

[grimshaw]

I agree with Neddy that the simplest solution is get a crossover cable and plumb the switch into the cable modem.

It is possible to do this through the linux box using iptable forward statements and prerouting.

IN_IFACE="eth1"
OUT_IFACE="eth0"
LOCALNET="192.168.0.0/24"
REALIP1="x.10.10.10"
INSIDEPC1="192.168.0.10"

iptables -I FORWARD -i $IN_IFACE -s $LOCALNET -j ACCEPT
iptables -I FORWARD -i $OUT_IFACE -d $LOCALNET -j ACCEPT
iptables -t nat -D PREROUTING -i $OUT_IFACE -d $REALIP1 -j DNAT --to $INSIDEPC1

Just add lines for the remaining IP addresses.

However, if gaming is your goal though and you have some games using UPNP (Rainbow six3: raven shield and dungeon siege both use UPNP), it starts to get complicated.

Cheers.

- John
_________________
All that is necessary for the triumph of evil is that good men do nothing.
-- Edmund Burke (1729-1797)

[grimshaw]

Oh and you will need to make virtual interfaces on the external NIC with the other real IPs so the router upstream can find you.

- John
_________________
All that is necessary for the triumph of evil is that good men do nothing.
-- Edmund Burke (1729-1797)

[MLS100]

That is what I have currently setup (cable modem>switch>4 computers), however I have problems using windows file sharing if all the machines don't have the same gateway, and I'd rather not share through the comcast router anyways. This way I can keep LAN traffic internal, no?

/MLS

[NeddySeagoon]

MLS100,

If you are using a switch (not a hub) packets only go where they are needed, so its not a problem
_________________
Regards,

NeddySeagoon

Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail.

[MLS100]

Well it must be a crappy switch then, because if the computer running samba is not on the same gateway as one of my windows ones, the windows one can't reach the samba server. Are you saying I need a better switch? I figured this was normal. For reference its a Linksys EZXS55W. http://www.linksys.com/products/product.asp?prid=149&scid=31

/MLS

[NeddySeagoon]

MLS100,

That switch should be fine.

It sounds like a routing problem.
Explain the network setup that doesn't work and post the routing table
and ifconfig (or windows equivelent) from the two PCs that should communicate but don't.
_________________
Regards,

NeddySeagoon

Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail.

[MLS100]

Current network setup is as follows:

Linux: 24.100.0.5 Gateway: 24.100.0.1
Computer2: 24.200.0.5 Gateway: 24.200.0.1
Computer3: 24.100.0.70 Gateway: 24.100.0.1
Computer4: 24.50.0.5 Gateway: 24.50.0.1

All IPs grabbed via DHCP. Now Computer 3 can connect to and use windows file sharing just fine on Linux, however computer 2 and 4 cannot. If I release my ip on either 2 or 4 (or both) and get an IP on the same gateway as Linux, then it works fine. Physical setup is:

Cablemodem>Switch>4 Computers like Neddy suggested.

What would totally solve this problem is if Samba had IPX support, but oh well when its free you can't complain (too much).

/MLS

[NeddySeagoon]

MLS100,

Computers 1 (linux) and 3 are on the same subnet, therefore have no problems passing packets backwards and forwards

Computers 2 and 4 are on unique (to you) subnets.

You need to tell computers 2 and 4 how to reach computer 1 and computer 1 how to reach 2 and 4, so that you can pass packets in both directions. Both ends have to be right for ping to work

You need to add a route on computer 2, that in linux would be

[MLS100]

[kashani]

Nah it's much easier to assign all machines a secondary static IP from non routable IP space.

[MLS100]

Whoa, that works?! I will try that tomorrow. Thanks! Does it require any setup beyond assigning the IPs? Can you be more specific please

/MLS

[NeddySeagoon]

MLS100,

The routes I posted should work and keep the traffic local. Your current set up should work too but the data goes up and down your DSL link.

The secondary IP addresses will work too. If you don't have DHCP running to allocate the secondary addresses, you can either use the IP addresses to navigate the network or populate the /etc/hosts file on each PC to allow you to use names.

Follow the format of the existing entry in /etc/hosts. That entry is key to normal operation, so don't mess with it.
_________________
Regards,

NeddySeagoon

Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail.

[kashani]