
Re: nat and dhcp



uzoma nwosu wrote:
| I'm trying to turn my debian box into nat server.  So far, I've got the
| kernel configured with all the netfilter stuff that the IP
| Masquerade-howto on tldp.org said (I'm running 2.4.24, with sarge/sid).
| I've installed dhcpd and it seems to run fine.
| So here's my problem:  my laptop (which has a dhcp client that works on
| campus) can ping my desktop but that's all.  It can't reach the net.
| I have done the echo 1 >/proc/sys/net/ipv4/ip_forward thing to turn it
| on and still nothing.  So here is my dhcp.conf  and my
| /etc/network/interface file snippets.  ANY help would be greatly
| appreciated.
|
| king:/proc/sys/net/ipv4# more /etc/dhcpd.conf
| #
| # Sample configuration file for ISC dhcpd for Debian
| #
| # $Id: dhcpd.conf,v 1.4.2.2 2002/07/10 03:50:33 peloy Exp $
| #
|
| # option definitions common to all supported networks...
| option domain-name "mytalon.com";
| #option domain-name-servers king.mytalon.com;
|
| option subnet-mask 255.255.255.0;
| default-lease-time 600;
| max-lease-time 7200;
|
| #my declared subnet for eth1
| subnet 192.168.0.0 netmask 255.255.255.0 {
| range 192.168.0.1 192.168.0.10;
| option broadcast-address 192.168.0.255;
| #  option routers prelude.fugue.com;
| }
|
| king:/proc/sys/net/ipv4#  more /etc/network/interfaces
| # /etc/network/interfaces -- configuration file for ifup(8), ifdown(8)
|
| # The loopback interface
| auto lo
| iface lo inet loopback
|
| # The first network card - this entry was created during the Debian installation
| auto eth0
| iface eth0 inet dhcp
|
| #Second network card - 3Com vortex
| auto eth1
| iface eth1 inet static
|       address 192.168.0.1
|       netmask 255.255.255.0
|       network 192.168.0.0
|       broadcast 192.168.0.255
|
|
| Something else that I don't completely understand (this is my first time
| ever creating a network) is that my laptop picks up 192.168.2.1 from
| DHCPACK when ifup eth0.  Shouldn't it receive on 192.168.0.1?
|
| thanks,
|
| Uzoma
|
|

I have a debian box I use as a dhcp/dns server and router for my small
network.

I use dnsmasq for dhcp/dns setup - because it's really easy to install
and configure. I tried dynamic dns updates for bind, but it was way too
complicated.

Here's the script I use. Luckily it sits behind another router/firewall
so I don't have to worry much about firewalling.
INT_IF defines the interface connected to the internal network
EXT_IF defines the interface connected to the external network

Note: there may be some line-wrapping.

-------- /etc/init.d/route : start ----------
#!/bin/sh
#
# Startup script for route
#
# description: Starts iptables routing
# chkconfig: 2345 85 15

IPTABLES=/sbin/iptables
INT_IF=eth0
EXT_IF=eth1

# See how we were called.
case "$1" in
  start)
        echo -n "Starting router: "
        # Delete and flush. Default table is "filter". Others like "nat" must be explicitly stated.
        # Flush all the rules in filter and nat tables
        $IPTABLES --flush
        $IPTABLES --table nat --flush
        # Delete all chains that are not in default filter and nat table
        $IPTABLES --delete-chain
        $IPTABLES --table nat --delete-chain
        # Set up IP FORWARDing and Masquerading
        $IPTABLES --table nat --append POSTROUTING -o $EXT_IF -j MASQUERADE
        $IPTABLES --append FORWARD -i $INT_IF -j ACCEPT
        # Enables packet forwarding by kernel
        echo 1 > /proc/sys/net/ipv4/ip_forward
        echo "Done"
        ;;
  stop)
        echo -n "Stopping router: "
        # Delete and flush. Default table is "filter". Others like "nat" must be explicitly stated.
        # Flush all the rules in filter and nat tables
        $IPTABLES --flush
        $IPTABLES --table nat --flush
        # Delete all chains that are not in default filter and nat table
        $IPTABLES --delete-chain
        $IPTABLES --table nat --delete-chain
        echo "Done"
        ;;
  status)
        echo "Router info: "
        echo "Not implemented."
        ;;
  restart)
        $0 stop
        $0 start
        ;;
  reload)
        echo -n "Re-"
        $0 start
        echo
        ;;
  *)
        # printf, not echo, so that %s and \n are interpreted
        printf "Usage: %s {start|stop|restart|reload|status}\n" "$0"
        exit 1
        ;;
esac

exit 0
-------- /etc/init.d/route : end ----------

--
Andy Ruddock
------------
Senior Software Developer (andy.ruddock@minnesund.net)
GPG Key IDs : DSA/EIGamal=0x4E509520 RSA=0x5C38FD43 DSA=0x8B428591
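Added example (not part of the message above, and not the poster's code): the posted script leaves the FORWARD policy at ACCEPT, which is what lets replies back in and also forwards anything else arriving on EXT_IF. The check below reads `iptables-save` output and flags that. Both dumps are constructed samples and `audit_forwarding` is a hypothetical helper name; interface names follow the posted script.

```shell
#!/bin/sh
# Added example, not from the original post. Interface names follow the
# posted script (EXT_IF=eth1); both dumps below are constructed samples.

# What iptables-save shows after the posted "start" action.
weak_dump() { cat <<'EOF'
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o eth1 -j MASQUERADE
COMMIT
*filter
:FORWARD ACCEPT [0:0]
-A FORWARD -i eth0 -j ACCEPT
COMMIT
EOF
}

# Same NAT, but FORWARD defaults to DROP and only replies come back in.
hardened_dump() { cat <<'EOF'
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o eth1 -j MASQUERADE
COMMIT
*filter
:FORWARD DROP [0:0]
-A FORWARD -i eth0 -o eth1 -j ACCEPT
-A FORWARD -i eth1 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
COMMIT
EOF
}

# audit_forwarding EXT_IF < dump : one finding per line, or "OK".
audit_forwarding() {
    awk -v ext="$1" '
        /^\*/ { table = substr($0, 2) }
        table == "nat" && /^-A POSTROUTING / && /-j MASQUERADE/ &&
            index($0, " -o " ext " ") { masq = 1 }
        table == "filter" && $1 == ":FORWARD" { policy = $2 }
        table == "filter" && /^-A FORWARD / && index($0, " -i " ext " ") &&
            /--(ct)?state [A-Z,]*ESTABLISHED/ { stateful = 1 }
        END {
            if (!masq) print "NO_MASQUERADE: nothing is masqueraded out of " ext
            if (policy != "DROP") print "FORWARD_POLICY_" policy ": unmatched packets from " ext " are forwarded"
            if (!stateful) print "NO_STATE_RULE: replies pass only via the chain policy"
            if (masq && policy == "DROP" && stateful) print "OK"
        }'
}

weak_dump | audit_forwarding eth1
```

On a live router, run it as root with `iptables-save | audit_forwarding eth1`.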


