Setting up a FC3 gateway
Alexander Dalloz
ad+lists at uni-x.org
Thu Mar 31 00:36:58 UTC 2005
Am Do, den 31.03.2005 schrieb Thiago Guzella um 1:19:
> I am running FC3 x86_64 on a DSL-connected pc, which works great by
> itself; I have another machine running windoze XP, and would like to
> use the first pc as a gateway, so that windoze can have access to the
> network.
>
> In the linux machine, with 2 ethernet devices, eth0-> connected to
> windoze, eth1-> connected to the ADSL modem (under ppp0), eth0 is set
> with ip address 192.168.1.1, netmask 255.255.255.0, and eth1 is set by
> adsl-setup... The windoze pc has an ip address 192.168.1.2, netmask
> 255.255.255.0, gateway 192.168.1.1 ( = the FC3 ip address).
Given that you didn't accidentally mistyped there anywhere with the
network mask i.e.
> Using this setup, windoze can ping linux, but linux can't ping windoze
> (no response). I even tried running ping with -I eth0 with no luck :(
ping isn't that reliable swiss knife tool as many treat it for. Even the
Windows® "personal firewall" (!sic) can be interfering when running in
what some people call (attention: buzzword) "stealth mode". Often dead
minded and a shoot in the own feet to silently drop all ICMP packets.
> Well, i started doing the usual stuff in order to set the gateway under fedora:
> 1) enabling ip_forwarding on /etc/sysctl.conf
> 2) modprobing iptables_nat
> 3) adding iptables masquerading rules to table nat (iptables -t nat -A
> POSTROUTING -o ppp0 -j MASQUERADE)
>
> needless to say that windoze remains unconnected... what am I missing????
I could imagine you are missing the correct default route. What does
"route -n" tell you? You shouldn't have set a GATEWAY neither in
/etc/sysconfig/network-scripts/ifcfg-eth[0,1] nor in
/etc/sysconfig/network. But /etc/sysconfig/network-scripts/ifcfg-ppp0
should contain a "DEFROUTE=yes" entry.
Before testing the gateway functionality make sure the Fedora gateway
itself can reach outside hosts, i.e. using "telnet www.google.com 80".
If not possible, then you might have a DNS misconfiguration, using the
wrong DNS servers. Check then /etc/resolv.conf.
On the LAN clients make sure the DNS are set too correctly, either
pointing to your ISP's DNS servers or your own if running a caching
nameserver. Another problem can be the size of MTU and MSS, but this is
more a problem with specific net targets and the size information should
be given by your ISP if they differ much from usual (MTU 1492 for ppp
device and MSS of 1452/1436).
> Thiago dos Santos Guzella
Alexander
--
Alexander Dalloz | Enger, Germany | GPG http://pgp.mit.edu 0xB366A773
legal statement: http://www.uni-x.org/legal.html
Fedora Core 2 GNU/Linux on Athlon with kernel 2.6.10-1.771_FC2smp
Serendipity 02:23:52 up 23:50, 18 users, 0.70, 0.53, 0.47
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20050331/0a50bf23/attachment-0001.sig>
More information about the fedora-list
mailing list