[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: routing setup question



Benedikt Eric Heinen wrote:
> 
> Hi there,
> 
>   I've got a problem setting up routing for two linux boxes connected to
> the Internet.
> 
> The setup used to be like this:
> 
>         ISP             My systems
> 
>         lisa.thenet.ch  icemark.thenet.ch       firefranc
> ppp0    193.135.252.75  193.135.252.47
> eth0                    192.168.101.1           192.168.101.2
> 
>   My systems are connected to each other using a fast ethernet link (3com
>   3c905TX cards), one of the two systems (icemark) is connected to the
>   Internet via a ppp link. In that setup, firefranc can't access the
>   Internet itself, but only by using proxy services on icemark.
> 
> The new setup should look like:
> 
>         ISP             My systems
> 
>         lisa.thenet.ch  icemark.thenet.ch       firefranc.thenet.ch
>                  <--- ppp0 --->          <--- eth0 --->
>         193.135.252.75  193.135.252.47          193.135.252.179
> 
>   The firefranc should get a full link onto the Internet, but how do I
>   have to set up the routing to make this work?
> 
>   I tried binding both ppp0 & eth0 on icemark to the same IP address and
>   setting icemark's default route to lisa and setting a host route to
>   firefranc. firefranc got a default route to icemark.
> 
>   The result is, that firefranc can access icemark and vice versa, and
>   icemark can access the Internet and vice versa. But I can't get
>   firefranc to get through to the Internet (also giving icemark as the
>   gateway for firefranc's default route didn't help).
> 
> I am not too knowledgable in IP routing, so I guess the mistake a made is
> probably pretty stupid - nevertheless, I'd like to know what's wrong and
> how to fix it...
> 

Well, from the looks of thenet.ch's DNS zone info, you don't
"own" a subnet, but rather just a single IP address. The reason
you can't get anything from the internet back to firefranc is
that thenet.ch's router isn't routing anything to you but packets
destined for 193.135.252.47. If you wan't to have more than one
host on your end "on" the net without using a proxy or IP 
masquerading, you'll have to negotiate with your ISP to get a 
subnet. I suggest you check out the IP masquerading HOWTO or take
a look at SOCKS.

-- 
Jens B. Jorgensen
jjorgens@bdsinc.com


Reply to: