Re: ip masquerading/subnets

bruce wrote:

if you look at the diagram again.. box2 has ath0 which is on the 192.168.1
sub (it's 1.5). box2/eth0 is on a different sub, because as i understand it,
you can't have multiple nics on the same box, on the same subnet....

Sure you can! Mikkel's advice is perfect here. Create a bridge, remove the IPs from ath0 and eth0, add the former IP of ath0 to the bridge, then add the two devices to the bridge.

Everything is now on the same subnet, including box3.

the issue is what has to be setup on box2 regarding iptables/route cmds to
allow this to all work.


On Mon, 2007-11-26 at 15:43 -0800, bruce wrote:

Hi mike..

here's my system:


   dsl box
    dlink router (
      switch  ->>>>>>>>>>>>>>+
        ^                    V
        ^                    V
        ^                    V
       box1           wireless access point (
         (eth0)               |
                                           box3 (future) (

router - (gateway)
wireless access point -
box1 (eth0)

   ath0 -
   eth0 -

   eth0 -

box1 connects to the switch, which is connected to the access point via


lan (eth) connection.

so, everything is on the 192.168.1 subnet, except the eth0 nic of box2,


the box3 that'll be added to interface with box2/eth0...

box2 has ip_forwarding set.

so my basic questions:
-what do i need to do on box2 to allow a user to
 be able to do a "ping"
-what do i need to do on box2 to allow a user on
 box1 to be able to "ping" and have a
 successful reply.

bear with me !!

box 2 and 3 should be on same subnet as box 1 ( ) because
wireless access point is not the same thing as a router.


