beejay Retired Dev
Joined: 03 Oct 2002 Posts: 924 Location: Flensungen (das liegt neben Merlau)
Posted: Tue Aug 12, 2003 7:18 am Post subject: Client -> Router -> Router -> WWW -- is this possib
I just ordered a notebook. Of course it will get a Gentoo-Installation. Now I want to do the following: My normal desktop PC is connected to the Internet via a router on eth0. It also has a second broadcom network-device onboard, that works perfectly (eth1). I want to connect my Notebook to eth1 of my desktop-pc and let this machine route the packets via its eth0 to the regular router (internet).
Is this supposed to work, and if yes, what do I need? (Never done this before)
Thanks in Advance
madchaz l33t
Joined: 01 Jul 2003 Posts: 995 Location: Quebec, Canada
Posted: Tue Aug 12, 2003 9:44 am
can it be done? yes
it's a bit complex for nothing, but you can do it
just remember that your PC will have to be on for your laptop to be able to access the internet. also, if you didn't compile it in, you will need to add iptables support into your kernel
another thing to watch for is that your 2 subnets cannot be in the same range. so let's say the "real" router's address is 192.168.0.1 and your pc's eth0 is 192.168.0.2. you will have to use another subnet than 192.168.0.0/24 for eth1
you could use 10.0.0.0 or 192.168.1.0/24
once you have made sure you have iptables available in your kernel, you need to emerge iptables
you will then have to make some simple rules to forward packets from eth1 to eth0 doing NAT
it'll work, but considering you can get a 4port hub for around 30$ nowadays, maybe not worth it. your call, of course :)
Diezel l33t
Joined: 04 Feb 2003 Posts: 600 Location: Karjaa, Finland
Posted: Tue Aug 12, 2003 9:52 am
It's not that hard at all... There are a lot of good IPTables scripts out there which you can modify for yourself. I myself run kind of the same thing. Except I have 4 computers behind my server.
So go ahead... If for nothing else you'll learn IPTables scripting
And that can't be all too bad, right?
pavera Tux's lil' helper
Joined: 27 May 2002 Posts: 84
Posted: Fri Dec 19, 2003 10:08 am
Well, I have a good reason for doing this.
I have the following setup:
    ISP------Cisco1----subnet 1---Gentoo Firewall
                                        |
                                     subnet 2
                                        |
                                     Cisco2---------Public IP's
                                        |
                                        |----------Private IPs
I have a large subnet of public IP's that Cisco2 sees through 1 interface, he also sees a private subnet through a second interface, that he nats out his third interface, this interface is connected to the gentoo firewall, which in turn is connected to Cisco1 which handles my t1 connection to my isp... now, subnet 1 and subnet 2 are subnets that I have created out of my public IP's, so eth0 and eth1 on the gentoo box are in different subnets, I do not want to do any NAT whatsoever on the gentoo box, only monitoring, and QoS, the reason I don't want any NAT, is that the public IP's behind Cisco2 need to be completely accessible from the internet and I don't want to maintain 256 static nat translations, now I can see them from the Gentoo box, I can ping through cisco 2 to get to the public IP's back there, I can ping from the public IP's and private IP's to the inside interface of the gentoo box...
I can also ping from the gentoo box out to the internet, however I cannot for the life of me get the correct IP tables rules in place to get eth0 and eth1 on the Gentoo box to forward traffic back and forth between themselves freely. (I know I should probably be using a bridge type solution here, but I tried for a week and couldn't get that working, so today I threw this much of the solution together and couldn't get any farther...) Is there any way to do this with ip tables without doing any NAT translations (IE, when a connection is made to a public IP behind Cisco 2, the client out on the internet puts in the IP of that box, not the IP of the gentoo box, and when a public IP behind Cisco 2 connects to a server on the internet, the server sees the real public IP of the client, and not the IP of the Gentoo box)? I'd imagine this has to be possible, I basically just want the gentoo box to act like a router, but its got more software on it (IDS, traffic graphing, and I'm going to put some QoS on it, once I get connectivity established)
Any help with this would be greatly appreciated. Thanks.
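
The two setups discussed in this thread, madchaz's NAT gateway for a private eth1 subnet and pavera's plain routing between two public subnets, differ by only a few rules. The following is an added example, not code from any poster: it checks that the two subnets do not overlap and prints the commands for review instead of running them. The function names and the 203.0.113.x addresses are constructed for illustration.

```shell
#!/bin/sh
# Added example: prints commands for review; nothing is applied here.

ip2int() {  # dotted quad -> 32-bit integer
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    echo $(( ($1 << 24) + ($2 << 16) + ($3 << 8) + $4 ))
}

nets_overlap() {  # $1, $2: CIDR networks; status 0 if they share addresses
    a=$(ip2int "${1%/*}"); pa=${1#*/}
    b=$(ip2int "${2%/*}"); pb=${2#*/}
    p=$pa
    if [ "$pb" -lt "$p" ]; then p=$pb; fi   # compare on the shorter prefix
    mask=$(( (0xFFFFFFFF << (32 - p)) & 0xFFFFFFFF ))
    [ $(( a & mask )) -eq $(( b & mask )) ]
}

gen_rules() {  # $1: nat|route  $2: inner if  $3: inner net  $4: outer if
    echo "sysctl -w net.ipv4.ip_forward=1"
    echo "iptables -P FORWARD DROP"   # forward nothing unless a rule allows it
    echo "iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    echo "iptables -A FORWARD -i $2 -o $4 -j ACCEPT"
    case $1 in
    nat)    # private inner subnet: hide it behind the outer address
        echo "iptables -t nat -A POSTROUTING -s $3 -o $4 -j MASQUERADE" ;;
    route)  # public inner subnet: accept new inbound connections, no nat table.
        # Without NAT the upstream router needs a route to $3 via this box.
        echo "iptables -A FORWARD -i $4 -o $2 -j ACCEPT" ;;
    esac
}

plan_gateway() {  # $1 mode  $2 inner if  $3 inner net  $4 outer if  $5 outer net
    case $1 in nat|route) ;; *) echo "unknown mode: $1" >&2; return 1 ;; esac
    if nets_overlap "$3" "$5"; then
        echo "error: inner net $3 overlaps outer net $5" >&2
        return 1
    fi
    gen_rules "$1" "$2" "$3" "$4"
}

# madchaz's addressing: eth0 on 192.168.0.0/24, eth1 on 192.168.1.0/24
plan_gateway nat eth1 192.168.1.0/24 eth0 192.168.0.0/24
# Routed variant with constructed documentation addresses, no NAT
plan_gateway route eth1 203.0.113.128/25 eth0 203.0.113.0/25
```
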