[K12OSN] Blocked net access

Petre Scheie petre at maltzen.net
Fri Jan 12 14:35:29 UTC 2007 


Les Mikesell wrote:
> John Lucas wrote:
>> On Friday 12 January 2007 04:32, Nakashima wrote:
>>> Hi all,
>>> New install of K12LTSP 6 taking all defaults.
>>> Both Windows and Mac OS boxes connected to Eth0 switch can't get to the
>>> net.
>>> Clients connected to Eth0 switch have no problem getting to the net.
>>> Any ideas?
>>> Thanks  :-)
>>> --Peter
>>>
>>
>> Yes. Unless changes are made, your LTSP server is not set up as a 
>> router and won't pass packets from the "inside" network to the 
>> "outside" network. The terminals run processes on the server, which 
>> has access to both networks, but non-terminals attached to the 
>> "inside" do not have access to the outside.
>> To keep the PCs on the inside and allow them out, you need to make 
>> several changes:
>>
>>     - turn on packet forwarding on the server (make it a router)
>>     - give the server's inside address as a router in the DHCP stanza 
>> for the PCs
>>     - make sure you don't have an IPTables rule preventing forwarding
>>     - make sure your perimeter router knows the route back to the 
>> inside network
>>     - make sure your perimeter firewall allows the inside network to 
>> forward
>>
>> This is all basic TCP/IP networking 101 and is not specific to LTSP.
> 
> K12LTSP should come with a script to do all of this, though.  Try
>  service nat on
> to start it and
>  chkconfig nat on
> to make it start automatically at boot up.  Your other routers shouldn't
> need to know about the eth0 address range because outgoing packets
> nat to the eth1 address.  I thought this was normally set up during
> a default install.
> 
I've noticed that NAT gets itself turned off if eth0 isn't connected to a switch at boot 
time, or if I unplug eth0 for an extended amount of time.  Usually, 'ifdown eth0; ifup 
eth0; service NAT restart' fixes it.  And yes, the K12LTSP server is setup to 
automatically act as a router, and handle all the networking correctly automatically.  I 
just have a tendency to unplug things and mess things up temporarily.

Petre

More information about the K12OSN mailing list