
Re: Home network router does not forward LAN traffic




On Fri, Jun 06, 2003 at 04:45:18PM +0200, Kosta Porotchkin wrote:
> First Windows workstation: 192.168.1.2/16, gw 192.168.1.1
> Second Windows workstation 192.168.2.2/16, gw 192.168.2.1
> Linux server/NAT firewall/gateway running Debian Woody 3.0: 
>    eth0: 10.0.0.150/24 connected to ADSL modem/router (10.0.0.138)
>    eth1: 192.168.1.1/24 connected to the first workstation
>    eth2: 192.168.2.1/24 connected to the second workstation
> What is wrong and where? Is my routing table wrong or is the problem
> in the iptables configuration?

Wow, you're making this *way* harder than it needs to be.

Subnet masks don't match on the two subnets you have a single host on,
eth1 and eth2.

Is eth0 really 10.0.0.150?  If so, your problem is on your ISP's side,
not yours.  If not, it's not worth obscuring that information as it
can make it trickier to help you out and anybody reading the headers
from your email can get that info anyway, and there's no stopping
that.

Second, I'm not quite sure you've got a firm grasp on networking.
When you set up a Linux box to act as a router, it *really is* acting
like a router, and you need to take a *lot* of effort to make it work
like a switch like it looks like you're trying to do.

Here's how I would solve this...

---DSL bridge----(eth0, dhcp?)Linux router
                       (eth1, 192.168.0.1/24)
                              |
                         hub or switch[1]
                           |        |
            Winbox (192.168.0.2)   Winbox (192.168.0.3)

Install the ipmasq package on the Linux box; this gets you started
right off with a working NAT setup.

Another advantage to this setup is it allows you to expand a bit in a
much simpler manner by putting up a caching DNS server, transparent
web proxy, mail server, etc. to reduce bandwidth usage and dependence
on the link being fast or reliable (especially important considering
how horribly unreliable and slow DSL is compared to other technologies
in the same price range, at least in the US; I've done tech support for
Qwest and @Home and can safely say DSL is an ugly hack that shouldn't
work and frequently doesn't, and Qwest is more reliable than pretty much
any other DSL carrier in this region).

I *strongly* recommend you read up on the basics of TCP/IP and working
with Ethernet; things will start making more sense once you do.



[1] Switch would be better.

-- 
 .''`.     Baloo Ursidae <baloo@ursine.ca>
: :'  :    proud Debian admin and user
`. `'`
  `-  Debian - when you have better things to do than fix a system
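
Added example, not part of the original message: a short Python check of the subnet mask mismatch pointed out above, using the addresses from the quoted question. The function names are hypothetical, and it assumes the Linux box does no proxy ARP or bridging between eth1 and eth2.

```python
import ipaddress

def next_hop(host_cidr, gateway, dest):
    """Decide how a host with address/mask host_cidr delivers a packet to dest.

    A host compares dest against its own network: if dest falls inside it,
    the host ARPs for dest directly on its own wire; otherwise it hands the
    packet to its default gateway.
    """
    iface = ipaddress.ip_interface(host_cidr)
    target = ipaddress.ip_address(dest)
    if target in iface.network:
        return ("direct-arp", str(target))
    return ("via-gateway", gateway)

def same_subnet(router_cidr, host_cidr):
    """True when the router interface and the host agree on network and mask."""
    router_net = ipaddress.ip_interface(router_cidr).network
    host_net = ipaddress.ip_interface(host_cidr).network
    return router_net == host_net

# Addresses as posted in the quoted question.
WS1 = ("192.168.1.2/16", "192.168.1.1")
WS2 = ("192.168.2.2/16", "192.168.2.1")
ETH1, ETH2 = "192.168.1.1/24", "192.168.2.1/24"

if __name__ == "__main__":
    # With /16 the first workstation treats 192.168.2.2 as on-link and ARPs
    # for it on eth1's wire. The target sits behind eth2, so nothing answers
    # and the router is never asked to forward anything.
    print("posted /16 :", next_hop(*WS1, "192.168.2.2"))
    # With a /24 matching eth1, the same packet goes to the gateway instead.
    print("fixed  /24 :", next_hop("192.168.1.2/24", "192.168.1.1", "192.168.2.2"))
    # Host and router interface disagree on the subnet in both segments.
    print("eth1 vs ws1:", same_subnet(ETH1, WS1[0]))
    print("eth2 vs ws2:", same_subnet(ETH2, WS2[0]))
    # Single-LAN layout from the reply: both hosts share one /24 and one
    # switch, so direct ARP between them works; other traffic uses the router.
    print("flat LAN   :", next_hop("192.168.0.2/24", "192.168.0.1", "192.168.0.3"))
    print("flat LAN   :", next_hop("192.168.0.2/24", "192.168.0.1", "10.0.0.138"))
```
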


