Re: nat and dhcp
On Sunday 21 March 2004 03:13, uzoma nwosu wrote:
> I'm trying to turn my debian box into nat server. So far, I've got the
> kernel configured with all the netfilter stuff that the IP
> Masquerade-howto on tldp.org said (I'm running 2.4.24, with sarge/sid).
> I've installed dhcpd and it seems to run fine.
> So here's my problem: my laptop (which has a dhcp client thats works on
> campus) can ping my deskstop but that's all. It can't reach the net.
> I have done the echo 1 >/proc/sys/net/ipv4/ip_forward thing to turn it
> on and still nothing. So here is my dhcp.conf and my
> /etc/network/interface file snippets. ANY help would be greatly
> appreciated.
I am not sure I understood all your snippets, but some things that didn't see
correct.
Your dhcpd.conf is not telling your laptop what the default route is. Here is
mine, and I have NOT commented out the router statement. NOTE also, I am
providing nameserver addresses (see discussion below)
shared-network home-net {
option domain-name "home";
option domain-name-servers 192.168.0.20, 192.168.0.10;
option subnet-mask 255.255.255.0;
default-lease-time 21600;
max-lease-time 86400;
authoritative;
subnet 192.168.0.0 netmask 255.255.255.0 {
range 192.168.0.40 192.168.0.59;
option routers 192.168.0.10;
}
...
The second problem is that you seem to be allocated 192.168.0.1 when it is the
static address of your dhcpd server. See how I allocate 40-59 as server
addresses generically - and I also add specific addresses - my configuration
goes on ...
# The following are hosts which require a fixed ip-address (for instance
# so that NAT can direct things to them)
#
host roo {
hardware ethernet 00:50:da:ec:83:9a;
fixed-address roo.home;
}
host rabbit {
hardware ethernet 00:06:5b:b7:9c:35;
fixed-address rabbit.home;
}
... etc for more
Essentially in my case , 192.168.0,10 is the NAT gateway (its actually a
netgear box) and also is a nameserver cache for the internet (it actually
gets nameserver addresses from my isp when -it- boots up and does its own
dhcp request.
I have a separate debian server on 192.168.0.20. This contains the dhcpd
server you see the config file, but also the nameserver (bind) for the
internal (*.home) addresses. The dhcpd server gets the actually ip addresses
to allocate out for these hosts from the nameserver when it recognises the
hardware ethernet addresses.
>
> king:/proc/sys/net/ipv4# more /etc/dhcpd.conf
> #
> # Sample configuration file for ISC dhcpd for Debian
> #
> # $Id: dhcpd.conf,v 1.4.2.2 2002/07/10 03:50:33 peloy Exp $
> #
>
> # option definitions common to all supported networks...
> option domain-name "mytalon.com";
> #option domain-name-servers king.mytalon.com;
>
> option subnet-mask 255.255.255.0;
> default-lease-time 600;
> max-lease-time 7200;
>
> #my declared subnet for eth1
> subnet 192.168.0.0 netmask 255.255.255.0 {
> range 192.168.0.1 192.168.0.10;
> option broadcast-address 192.168.0.255;
> # option routers prelude.fugue.com;
> }
Here is parts of my /etc/network/interfaces. Please note I have two ethernet
cards in this box - because it used to act as the NAT gateway as well. Eth0
is no longer performing that role and is not brought up at the moment but the
iface stanza does show how to start the firewall as you bring up the
interface (/etc/firewall is an iptables scripts I made). It also shows
(commented out) how to put two interfaces on one card (because I wanted to
migrate my 10.0.10.x network to 192.168.0.x network).
#auto eth0
auto eth1
#auto eth1:1
# This is the network card for connecting from the outside (MAC address
registered)
iface eth0 inet dhcp
pre-up /etc/firewall $IFACE
pre-up echo 1 > /proc/sys/net/ipv4/ip_forward
iface eth1 inet static
address 192.168.0.20
netmask 255.255.255.0
broadcast 192.168.0.255
gateway 192.168.0.10
#iface eth1:1 inet static
# address 10.0.10.100
# netmask 255.255.255.0
>
> king:/proc/sys/net/ipv4# more /etc/network/interfaces
> # /etc/network/interfaces -- configuration file for ifup(8), ifdown(8)
>
> # The loopback interface
> auto lo
> iface lo inet loopback
>
> # The first network card - this entry was created during the Debian
> installation
> auto eth0
> iface eth0 inet dhcp
>
> #Second network card - 3Com vortex
> auto eth1
> iface eth1 inet static
> address 192.168.0.1
> netmask 255.255.255.0
> network 192.168.0.0
> broadcast 192.168.0.255
>
>
> Something else that I don't completely understand (this is my first time
> ever creating a network) is that my laptop picks up 192.168.2.1 from
> DHCPACK when ifup eth0. Shouldn't it receive on 192.168.0.1?
Are you filtering out the dhcp requests and responses coming through your
gateway. It may be coming from whatever your gateway is connected to.
>
> thanks,
>
> Uzoma
--
Alan Chandler
alan@chandlerfamily.org.uk
First they ignore you, then they laugh at you,
then they fight you, then you win. --Gandhi
Reply to: