routing to machine with real IP address from NAT [Solved]

[psih128]

I've been configuring my gentoo box as web/file server for a while. Today I finally got a real IP address from my ISP and I changed /etc/conf.d/net with provided data (IP address is static e.g. gateway, netmask and ip address in /etc/conf.d/net)

my work box is behind NAT (I guess its correct to say so) has a static internal IP address and different gateway and netmask. after restarting eth interface everything works fine, except when I connect linux box from my work computer - connection goes thru internet with a serious lag (I got low bandwidth) instead of flowing thru lan.

How can I configure linux (or maybe windows) to make connection from work machine to my linux box go thru lan.
Both computers are connected to the same switch.

Thanks
Anton

[cyrillic]

I think there is a problem with your network topology if you have 2 machines on the same switch, and one is behind a NAT router, and the other is not.

Could you draw a diagram of what your setup looks like ?

[psih128]

My ISP gave me a cable which is connected to my switch. What is on the other end of the cable - I don't know.
On my end I have 2 computers and a set of settings: for each of them:
* ip address
* gateway
* net mask
[*] dns server

all the settings for both comps are different, including net mask. That's why I guess the traffic does not go thru LAN
do you still need a diagram or something else?

[cyrillic]

[psih128]

obviously it is not a must, since I have 2 computers with different gws and netmasks connected to the same switch, but they dont share stuff =( intuitively I understand what's happening - my NATed machine can not resolve the IP address locally and looks for it thru its gateway on the internet.
But Im shure there is a way to configure it properly.

[neocui]

So I assume your switch is also connected to a router/nat box which is connected to the internet through a different path?

[psih128]

Yes. I have 3 cords in my switch: 1 from my ISP (I don't know how it is configured on their end) and 2 from my computers with different gateways and netmasks, so the traffic flows thru routers of my ISP, which is no good

[dspahn]

Do you have custom port settings on the switch? At my office, we have a setup where many machines are on one switch, but because of the switch configuration, all traffic is routed through the uplink pot that leads to the web filter. That much sounds OK. My guess is that you have a route setup on one of the two boxes that forces information out to the Internet, or that your switch configuration puts everything out to the web before it's allowed in.

Why don't you check your iptables (or whatever firewall rules, as well as your routing table... Let us know if this helps!

[psih128]

err...
Actually I even haven't had iptables emerged until now, also I did not care much about firewalling (perhaps it's a bad idea isn't it?)

I'm no good at networking as well as linux networking (I'm no good at linux at all ) ) so could you tell me which steps should I take to configure firewall correctly, which firewall should I choose etc.. Anything to begin with.

Also it would be real nice to have a hint what kind of configuration should be performed in order to solve my initial problem

Thanks

[neocui]

Ahh I see.

I wonder if it is possible to create virtual eth devices on both of your machines and give them private IP addresses with the same netmask, so they can talk to each other through the switch. I know VMware can do that for VM's.

[psih128]

Still I've got no solution
anybody?

[psih128]

Solved by adding another IP address with different netmask using ifconfig.
Thanks for your participation!

[psih128]

ok last thing.. how to save god damn ifconfig changes??