On Sat, Dec 30, 2006 at 10:01:46AM -0500, Matt Price wrote: > On 12/29/06, Andrew Sackville-West <andrew@farwestbilliards.com> wrote: > >On Fri, Dec 29, 2006 at 04:42:49PM -0500, Matt Price wrote: > >> From: Matt Price <matt.price@utoronto.ca> > >> To: TLUG <tlug@ss.org> > >> Subject: bridge eth1 to eth0? > >> Date: Fri, 29 Dec 2006 15:51:31 -0500 > >> > >> > >> hi, > >> > >> for stupid reasons I need to install via netboot on a compaq tablet > >> (hoping this will work, it's my last shot!). I have an ubuntu desktop > >> with two ethernet cards, eth0 & eth1, and have set up dhcp & tftp on > >> eth1 as documented in various places on the web, e.g. here: > >> > >> http://www.debian-administration.org/articles/478 > >> > >> > >> this works fine to a point. I have the ubuntu edgy netboot images > >> in /var/lib/tftpboot, my tablet starts up with pxe, finding the images, > >> and is ready to install but cannot find the broader internet 0-- it > >> doesn't seem to see past the eth1 subnet. So, probably a simple > >> question: how do I enable the eth1 traffic to bridge across to eth0 > >> and thus access the whole internet? I guess it has something to do with > >> ip forwarding or ip masquarading or one of those very scary and arcane > >> pieces of dark magic. > > > > > >yes its ip_forward. not scary or arcane. since you're behind a > >firewall, you may not have to do anything more than turn it on. not > >sure if it'll pass through back to you -- that may require ip > >masquerade. simple easy test: > > > >as root > > > >echo 1 > /proc/sys/net/ipv4/ip_forward > > > >and see what happens. that should immediately turn on ip forwarding. > > Thanks Andrew. I tried this to no effect (even rebooting to make sure > I wasn't missing a step somewhere). in a small network like this: [... snipping pretty ascii art...] just so you know, that hack doesn't survive a reboot. Marty's advice probably looks a little daunting, but its not that bad. basically you may need some routing tables. probably the easiest way to get what you want, without doing tons of research, is to install a firewall package like shorewall and tweak its very straightforwad config to allow all traffic. since you're behind a firewall/router already, that shouldn't be any problem. A > > > >From the Desktop I can ping 192.168.2.1, www.google.com, or the > tablet's dhcp-assigned IP address. From the laptop I can ping > 192.168.2.1, www.google.com, but not 192.168.0.1 (I suppose that's not > really surprising). From the tablet I can ping 192.168.0.1 but > nothing else. It's the third part I care about obviously -- do I > really not need any more complex set up than turning on ip_forward? > If not, then I guessthere's something messed up in the set up for the > desktop's networking. Howm ight I diagnose that? > Anyway thanks again, > > Matt > > > > > >because you're already behind a router (firewall too?) you don't need > >any other bits so that may be enough. > > > >you should google on this subject a bit. > > > >A > > > > > >-----BEGIN PGP SIGNATURE----- > >Version: GnuPG v1.4.6 (GNU/Linux) > > > >iD8DBQFFlZA0aIeIEqwil4YRAg5OAKDgkq/8t5lSaT6rxp553kLzdxoW3gCfUJAo > >0bf4D8qBnglaZ8Bj+4M2Yq8= > >=un0z > >-----END PGP SIGNATURE----- > > > > > > > > > -- > To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org > with a subject of "unsubscribe". Trouble? Contact > listmaster@lists.debian.org > >
Attachment:
signature.asc
Description: Digital signature