Re: Some questions about IP Masquerading

To: Mark Phillips <mark@ist.flinders.edu.au>
Cc: debian-user@lists.debian.org
Subject: Re: Some questions about IP Masquerading
From: "Stephen A. Witt" <sawitt@electra.fu.hac.com>
Date: Thu, 25 Mar 1999 11:37:35 -0800 (PST)
Message-id: <[🔎] Pine.LNX.4.10.9903251049401.26606-100000@electra.fu.hac.com>
In-reply-to: <[🔎] E10Q4oj-0000k8-00@localhost>

I've been using IP Masquerade at home for at least a year now and it has
been working great. I'll try to answer some of these.

On Thu, 25 Mar 1999, Mark Phillips wrote:

> I am currently trying to install IP masquerading at home.  I've been
> reading the Mini IP Masquerading HOWTO, and I have some questions
> which I am hoping someone can answer.
> 
> 
> 1. The HOWTO says to add the following lines to /etc/rc.d/rc.local:
> 
>   /sbin/depmod -a
>   /sbin/modprobe ip_masq_ftp
>   /sbin/modprobe ip_masq_raudio
>   ...etc
> 
> I presume that under debian I actually just add these modules to
> /etc/modules??
> 

If I recall correctly (I'm not at home), I compiled the IP Masquerade
modules into the kernel, not to be loaded as modules, so I'm not sure
about this.

> 
> 2. In my /lib/modules/2.0.36/ipv4 directory I have the following modules:
> 
> ip_masq_cuseeme.o  ip_masq_irc.o      ip_masq_raudio.o
> ip_masq_ftp.o      ip_masq_quake.o    ip_masq_vdolive.o
> 
> >From this I am guessing that by installing these modules, I will be able
> to run ftp, irc, quake and real audio applications.  I am guessing vdolive
> is short for "video live"??  And I have no idea about "cuseeme"??

cuseeme is a fairly widely used video teleconferencing application
developed at Cornell University (hence the cu). It allows one to
participate in low rate video and voice conferences over the Internet.

> 
> Why isn't "http" here --- doesn't it need a module?  What about
> "rlogin", "telnet", "ping" and "pop3" (email)??

I think these applications are handled by the basic IP masquerade module.

> 
> 
> 3.  What does "ipv4" stand for?  Is it specifically masquerading stuff?

IPv4 is Internet Protocol Version 4. It is the current version of the IP
protocol suite used in nearly all IP devices today. The next version of
the IP protocol suite, Internet Protocol Version 6 (IPv6) is under
design/development/test, etc. and will supercede IPv4 sometime in the
future. 

> 
> 
> 4.  The HOWTO says:
> 
>   IMPORTANT: IP forwarding is disabled by default since 2.0.34
>   kernels, please make sure you enable it by running
>          echo "1" > /proc/sys/net/ipv4/ip_forward 
> 
> This seems a very strange way to enable something.  Does it need to be
> done at boot time, or when?  Why is it done like this?
> 

IP forwarding is performed within the IP protocol software, which runs as
part of the Linux kernel. For most Linux devices (and in fact Unix boxes),
IP forwarding should not be enabled as they are not acting as routers.  
For this reason the default setting for IP forwarding in the kernel is not
to forward datagrams. The method of controlling forwarding given above is
actually a very cool way to enable kernel functions such as this because
it means you don't need to recompile the kernel just to activate a simple
flag variable like this.

Reply to:

References:
- Some questions about IP Masquerading
  - From: Mark Phillips <mark@ist.flinders.edu.au>

Prev by Date: re rsync
Next by Date: Re: Linus Torvalds: Linux-2.2.4..
Previous by thread: Some questions about IP Masquerading
Next by thread: Re: Some questions about IP Masquerading
Index(es):
- Date
- Thread