[rhn-users] ip_forward problem

Raymundo M. Vega rmvega at san.rr.com
Thu Sep 9 19:09:35 UTC 2004 

This is a routing problem, routers know nothing about
private/public addresses, they route based on destination
address and best match (if any) in its routing table, it
is true that today a typical router configuration suppress
advertising addresses in the RFC1918, the one missing bellow
is 172.16.0.0/12

i think that what you are seeing, is that once you enable
routing, NAT is disabled because routing happens before
NAT and the Internet gateway you use do not have route
back to your 192.168.0.0/24 network.

Because of this routing issue, it makes little sense to use
the 192.168 address outside you local network, this address will
not be NAT'd and there is no route back to the host using it.

raymundo

Corné Beerse wrote:
> diego soares wrote:
> 
>> Hello to all.  I am with a well strange problem and I do not know
>> more what to make. 
>> I have an ADSL sharing the Internet for the internal
>> net.  The modem is in eth0 with IP 10.0.0.140 the net
>> is in eth1 with IP 192.168.0.1
>> Has squid making proxy/cache, everything functioning
>> perfectly.  But at the active moment that I
>> ip_forward(echo 1 >/proc/sys/net/ipv4/ip_forward)
>> constraint everything!  ping for out is not, traceroute done of the 
>> proper
>> server and of you scheme them of the net stop in the
>> IP of modem(10.0.0.138)
>> If I to disactivate (echo 0 >/proc/sys/net/ipv4/ip_forward) return 
>> everything to function Have only this rule in
>> iptables iptables -t nat -A POSTROUTING -s 0.0.0.0 -o eth0 -j
>> SNAT --to 10.0.0.140
>>
>> somebody can help me?
> 
> 
> I think this is in the used IP range... Both the 10.x.y.z addresses and 
> the 192.168.a.b are so-called private ranges (there is an other one in 
> the B-class, don't know it by head). By default, most routers are 
> configured not to route these addresses, except when direct connected.
> 
> To solve this, you might need to configure hard-routes. Most easy: use 
> the gateway on the remote network as gatway on the local network and 
> define a static route to that remote gateway. There are many other ways 
> to address this.
> 
> Best to check your provider for how to configure a router at your side. 
> Good change that you get an other IP address on your internet-side. If 
> you are not allowed to, then your provider is realy cheap on IP 
> addresses, get an other provider.
> 
> 
> CBee
> 
> 
> _______________________________________________
> rhn-users mailing list
> rhn-users at redhat.com
> https://www.redhat.com/mailman/listinfo/rhn-users
>

More information about the rhn-users mailing list