Setting up a FC3 gateway

Thiago Guzella thiago.guzella at gmail.com
Thu Mar 31 20:54:16 UTC 2005 

> ping isn't that reliable swiss knife tool as many treat it for. Even the
> Windows(r) "personal firewall" (!sic) can be interfering when running in
> what some people call (attention: buzzword) "stealth mode". Often dead
> minded and a shoot in the own feet to silently drop all ICMP packets.

good to know...

> I could imagine you are missing the correct default route. What does
> "route -n" tell you? 

route -n returns (eth0-> connected to a LAN client; eth1-> connected
to the adsl modem (ppp0)):
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
200.217.50.131  0.0.0.0         255.255.255.255 UH    0      0        0 ppp0
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
169.254.0.0     0.0.0.0         255.255.0.0     U     0      0        0 eth1
0.0.0.0         200.217.50.131  0.0.0.0         UG    0      0        0 ppp0

> You shouldn't have set a GATEWAY neither in
> /etc/sysconfig/network-scripts/ifcfg-eth[0,1] nor in
> /etc/sysconfig/network. But /etc/sysconfig/network-scripts/ifcfg-ppp0
> should contain a "DEFROUTE=yes" entry.

/etc/sysconfig/network-scripts/ifcfg-ppp0 has a defined route; 
/etc/sysconfig/network-scripts/ifcfg-eth[0,1] and
/etc/sysconfig/network don't.

> Before testing the gateway functionality make sure the Fedora gateway
> itself can reach outside hosts, i.e. using "telnet www.google.com 80".
> If not possible, then you might have a DNS misconfiguration, using the
> wrong DNS servers. Check then /etc/resolv.conf.

The internet connection from the gateway itself works perfectly; in
fact, that's where I am answer your message...

> On the LAN clients make sure the DNS are set too correctly, either
> pointing to your ISP's DNS servers or your own if running a caching
> nameserver. Another problem can be the size of MTU and MSS, but this is
> more a problem with specific net targets and the size information should
> be given by your ISP if they differ much from usual (MTU 1492 for ppp
> device and MSS of 1452/1436).

the LAN client is set to use the gateway's IP as primary DNS server,
and another external, reliable server as secondary...

-- 
Thiago dos Santos Guzella
Electrical Enginnering Student - UFMG (www.ufmg.br), Brazil 
Linux User #354160
UIN: 13465286. Jabber: tguzella @ jabber.org

"Faith: not wanting to know what is true." 
Friedrich Nietzsche

More information about the fedora-list mailing list