Very Computer

Am having problems routing BT ADSL Internet connection to a local network
through a linux box.
The Linuxbox connects to the ADSL router and the local net via two NIC's
I can connect to the web on the linux box but can't share the connection to
the windows clients.
I've set the linux box as the gateway on the clients and configured
masquerading but no joy.
I can ping the linux box from the clients and vice versa but i cannot ping
the BT router or the web from the clients.

Do I need to add another route to the BT router which has it's own internal
IP?

Any ideas appreciated....

Hi!,

Quote:> Am having problems routing BT ADSL Internet connection to a local network
> through a linux box.
> The Linuxbox connects to the ADSL router and the local net via two NIC's
> I can connect to the web on the linux box but can't share the connection to
> the windows clients.
> I've set the linux box as the gateway on the clients and configured
> masquerading but no joy.
> I can ping the linux box from the clients and vice versa but i cannot ping
> the BT router or the web from the clients.

> Do I need to add another route to the BT router which has it's own internal
> IP?

It doesn't like you need another route, but more a problem with the masq'ing
that is going on.  Have you enabled ip forwarding in the file /etc/sysctl.conf
(if you are a RedHat/Mandrake user) and have you executed the appropriate
command to forward traffic from your internal network to the outside network ?

See ya

Dean Thompson

--
+____________________________+____________________________________________+

| Bach. Computing (Hons)     | ICQ     - 45191180                         |
| PhD Student                | Office  - <Off-Campus>                     |
| School Comp.Sci & Soft.Eng | Phone   - +61 3 9903 2787 (Gen. Office)    |
| MONASH (Caulfield Campus)  | Fax     - +61 3 9903 1077                  |
| Melbourne, Australia       |                                            |
+----------------------------+--------------------------------------------+

Hi Dean,
Not sure about etc/sysctl - I'm using Linux Mandrake and IP forwarding is
enabled in etc/network
I have tried setting this up manually and also using PMFirewall.

I have a similar setup at home with an NTL cablemodem and this works OK
The only difference I can see is that the cable modem doesn't act as a
router.
The linux box internal IP 192.168.0.1 is set as the default gateway but when
I run route it shows the router's internal IP as the default 192.168.254.254

There is also an OpenVMS server on the network, acting as an NT domain
server for authentication purposes.
Could it be that this is causing a problem?

Dom

Quote:

> Hi!,

> > Am having problems routing BT ADSL Internet connection to a local
network
> > through a linux box.
> > The Linuxbox connects to the ADSL router and the local net via two NIC's
> > I can connect to the web on the linux box but can't share the connection
to
> > the windows clients.
> > I've set the linux box as the gateway on the clients and configured
> > masquerading but no joy.
> > I can ping the linux box from the clients and vice versa but i cannot
ping
> > the BT router or the web from the clients.

> > Do I need to add another route to the BT router which has it's own
internal
> > IP?

> It doesn't like you need another route, but more a problem with the
masq'ing
> that is going on.  Have you enabled ip forwarding in the file
/etc/sysctl.conf
> (if you are a RedHat/Mandrake user) and have you executed the appropriate
> command to forward traffic from your internal network to the outside
network ?

> See ya

> Dean Thompson

> --

+____________________________+____________________________________________+
+----------------------------+--------------------------------------------+

Dom,

Based on the last information you supplied it sounds to me like the route
you have setup is wrong.  The clients should be setup with their default
route to the linux internal IP (like you have setup) enable ipforwarding
(echo 1 > /proc/sys/net/ipv4/ip_forward) masq traffic (ipchains -A
forward -s 192.168.0.0/24 -j MASQ) make default route out the external
device (if external is eth0 then, route add default eth0, route del default
192.168.254.254), edit /etc/sysconfig/network-scripts/ifcfg-eth1 (assuming
thats the internal) put in gatewaydev=eth0.  Try pinging the internal and
external device IPs from the clients, if all is working you should be able
to ping the external address and then a web address...

Hope this helps,

-Dave T.

+____________________________+____________________________________________+

Quote:> > | Dean Thompson              | E-mail  -

Quote:> |
> > | Bach. Computing (Hons)     | ICQ     - 45191180
> |
> > | PhD Student                | Office  - <Off-Campus>
> |
> > | School Comp.Sci & Soft.Eng | Phone   - +61 3 9903 2787 (Gen. Office)
> |
> > | MONASH (Caulfield Campus)  | Fax     - +61 3 9903 1077
> |
> > | Melbourne, Australia       |
> |

+----------------------------+--------------------------------------------+

Thanks Dave,
Think it may have been the automatic configuration on Mandrake that picked
up the router's IP as the gateway.
I have it set as the linux internal IP in etc/sysconfig/network with gateway
device eth0 but this doesn't seem to be reflected in the routing table.

I will give it a try as you suggested when I am next in there.

Dom

+____________________________+____________________________________________+

+----------------------------+--------------------------------------------+

Hi Dom,

Quote:> Not sure about etc/sysctl - I'm using Linux Mandrake and IP forwarding is
> enabled in etc/network I have tried setting this up manually and also using
> PMFirewall.

Nope, the /etc/sysconfig/network file is now ignored, the IP forwarding must
be enabled in the /etc/sysctl.conf file.

Quote:

> I have a similar setup at home with an NTL cablemodem and this works OK
> The only difference I can see is that the cable modem doesn't act as a
> router. The linux box internal IP 192.168.0.1 is set as the default gateway
> but when I run route it shows the router's internal IP as the default
> 192.168.254.254

This sounds like it is a problem with your netmask values.  Check to make sure
that all your subnet masks and gateway addresses are correct, because it
sounds like there might be an error there as well.

Quote:> There is also an OpenVMS server on the network, acting as an NT domain
> server for authentication purposes. Could it be that this is causing a
> problem?

I doubt it, they are reasonably well behaved systems and would interfere with
routing arrangements.

See ya

Dean Thompson

--
+____________________________+____________________________________________+

| Bach. Computing (Hons)     | ICQ     - 45191180                         |
| PhD Student                | Office  - <Off-Campus>                     |
| School Comp.Sci & Soft.Eng | Phone   - +61 3 9903 2787 (Gen. Office)    |
| MONASH (Caulfield Campus)  | Fax     - +61 3 9903 1077                  |
| Melbourne, Australia       |                                            |
+----------------------------+--------------------------------------------+

Dean/Dom,

The ip_forward file is not ignored, just depends on the version linux you're
running.  Personally running rh6.2 w/2.2.19 kernel and still use the
ip_forward file...still try this file for forwarding =)

Dave T.

Quote:

> Hi Dom,

> > Not sure about etc/sysctl - I'm using Linux Mandrake and IP forwarding
is
> > enabled in etc/network I have tried setting this up manually and also
using
> > PMFirewall.

> Nope, the /etc/sysconfig/network file is now ignored, the IP forwarding
must
> be enabled in the /etc/sysctl.conf file.

> > I have a similar setup at home with an NTL cablemodem and this works OK
> > The only difference I can see is that the cable modem doesn't act as a
> > router. The linux box internal IP 192.168.0.1 is set as the default
gateway
> > but when I run route it shows the router's internal IP as the default
> > 192.168.254.254

> This sounds like it is a problem with your netmask values.  Check to make
sure
> that all your subnet masks and gateway addresses are correct, because it
> sounds like there might be an error there as well.

> > There is also an OpenVMS server on the network, acting as an NT domain
> > server for authentication purposes. Could it be that this is causing a
> > problem?

> I doubt it, they are reasonably well behaved systems and would interfere
with
> routing arrangements.

> See ya

> Dean Thompson

> --

+____________________________+____________________________________________+
+----------------------------+--------------------------------------------+

Hi Dave,

Quote:> The ip_forward file is not ignored, just depends on the version linux
> you're running.  Personally running rh6.2 w/2.2.19 kernel and still use the
> ip_forward file...still try this file for forwarding =)

Hmm, interesting, the version of Redhat 6.2 did this in my
/etc/sysconfig/network file:

cat /etc/sysconfig/network
NETWORKING=yes
# FORWARD_IPV4 removed; see /etc/sysctl.conf
HOSTNAME=xxx.xxx.xxx.xxx
DOMAINNAME=xxx.xxx.xxx.xxx
GATEWAY=xxx.xxx.xxx.xxx
GATEWAYDEV=eth0

See ya

Dean Thompson

--
+____________________________+____________________________________________+

| Bach. Computing (Hons)     | ICQ     - 45191180                         |
| PhD Student                | Office  - <Off-Campus>                     |
| School Comp.Sci & Soft.Eng | Phone   - +61 3 9903 2787 (Gen. Office)    |
| MONASH (Caulfield Campus)  | Fax     - +61 3 9903 1077                  |
| Melbourne, Australia       |                                            |
+----------------------------+--------------------------------------------+

Hey,

I must have miss typed something...I'm going back now to check why were' not
on the same page

            . . .

I think I see where it happened, I said that you put the gatewaydev in the
/etc/sysconfig/network-scripts/ifcfg-(internalnic) instead of
/etc/sysconfig/network.  On another note regarding ip forwarding, though, I
still have all these files in /proc/sys/net/ipv4

conf                               ip_local_port_range   tcp_max_syn_backlog
icmp_destunreach_rate              ip_masq_debug
tcp_retrans_collapse
icmp_echo_ignore_all               ip_masq_udp_dloose    tcp_retries1
icmp_echo_ignore_broadcasts        ip_no_pmtu_disc       tcp_retries2
icmp_echoreply_rate                ipfrag_high_thresh    tcp_rfc1337
icmp_ignore_bogus_error_responses  ipfrag_low_thresh     tcp_sack
icmp_paramprob_rate                ipfrag_time           tcp_stdurg
icmp_timeexceed_rate               neigh                 tcp_syn_retries
ip_always_defrag                   route                 tcp_syncookies
ip_autoconfig                      tcp_fin_timeout       tcp_timestamps
ip_default_ttl                     tcp_keepalive_probes  tcp_window_scaling
ip_dynaddr                         tcp_keepalive_time
ip_forward                         tcp_max_ka_probes

and my network file is

NETWORKING=yes
HOSTNAME="xxx.xxx.xxx"
GATEWAY=""
GATEWAYDEV=""
FORWARD_IPV4="no"

Still interresting to see that my machine routes fine while
FORWARD_IPV4="no" and the /etc/sysctl.conf file is

# Disables packet forwarding
net.ipv4.ip_forward = 0
# Enables source route verification
net.ipv4.conf.all.rp_filter = 1
# Disables automatic defragmentation (needed for masquerading, LVS)
net.ipv4.ip_always_defrag = 0
# Disables the magic-sysrq key
kernel.sysrq = 0

and finally the /proc/sys/net/ipv4/ip_forward file

1

which is the only place it says to forward packets!  I'm not doing this to
say, 'In your face Dean' lol, just giving evidence that the ip_forward file
isn't ignored on MY configuration, thats all =)

Either way, I haven't seen a post from Dom here letting us know that he got
it working and what the problem was...

-Dave T.

Quote:

> Hi Dave,

> > The ip_forward file is not ignored, just depends on the version linux
> > you're running.  Personally running rh6.2 w/2.2.19 kernel and still use
the
> > ip_forward file...still try this file for forwarding =)

> Hmm, interesting, the version of Redhat 6.2 did this in my
> /etc/sysconfig/network file:

> cat /etc/sysconfig/network
> NETWORKING=yes
> # FORWARD_IPV4 removed; see /etc/sysctl.conf
> HOSTNAME=xxx.xxx.xxx.xxx
> DOMAINNAME=xxx.xxx.xxx.xxx
> GATEWAY=xxx.xxx.xxx.xxx
> GATEWAYDEV=eth0

> See ya

> Dean Thompson

> --

+____________________________+____________________________________________+
+----------------------------+--------------------------------------------+

Alas no, I haven't got it working.

If  I set the default route as the Linux machine's local network address,
route still shows the BT router's IP as the default gateway
(192.168.254.254)
I have tried removing this manually and am told it is a non-existent
process.

etc/sysconfig/network has
GATEWAY="192.168.82.2"
GATEWAYDEV="eth0"
FORWARD_IPV4="yes"

Forwarding was disabled in etc/sysctl.conf but enabling it made no
difference.
I can ping the linux box's local net IP on eth1 and the DHCP assigned IP on
eth0 from the clients but not the BT router or the web.

Trying to think of any other info I can tell you that may help as I am going
back in tomorrow to try and sort it and am not feeling overly confident.

eth0 gets it's IP assigned dynamically by the BT router in the form
192.168.254.x
All the local network IP's are static
All local subnet masks are 255.255.255.0 (not sure about the BT router)
Most clients log on to the Alpha OpenVMS box as a named domain (i.e. log
onto NT domain is checked in windows networking)
and use DEC Pathworks to map to drives on the Alpha.
Haven't tried it on one of the non-Pathworks clients yet - could it be this
that is interfering with the routing?

Thanks for the suggestions so far.
If I can't get it running tomorrow I may have to try using a windows based
solution, though I'm none too keen on that idea.
If any of you are on this newsgroup tomorrow you will probably see
progressively more desperate messages posted from me!

Dom

+____________________________+____________________________________________+

Quote:> > | Dean Thompson              | E-mail  -

Quote:> |
> > | Bach. Computing (Hons)     | ICQ     - 45191180
> |
> > | PhD Student                | Office  - <Off-Campus>
> |
> > | School Comp.Sci & Soft.Eng | Phone   - +61 3 9903 2787 (Gen. Office)
> |
> > | MONASH (Caulfield Campus)  | Fax     - +61 3 9903 1077
> |
> > | Melbourne, Australia       |
> |

+----------------------------+--------------------------------------------+

This is truely odd, especially that you can ping the external interface from
an internal client, that means forwarding is working!  Though that doesn't
necessarily mean that the masqing is working.  Still make sure that the rule
for masq'ing is set, the only one that should be there for testing purposes
is
/sbin/ipchains -A forward -s 192.168.0-j MASQ
that will masq everything internal go anywhere.
Also pipe your route table to a file and paste here, and ifconfig...those
might point to something, but it seems to me at this point that masq'ing
isn't enabled =(

Quote:> If I can't get it running tomorrow I may have to try using a windows based
> solution, though I'm none too keen on that idea.
> If any of you are on this newsgroup tomorrow you will probably see
> progressively more desperate messages posted from me!

We'll get this thing runin man, don't you worry =) Unfortunately though, I
won't be on again until Monday night probably, but I'm sure Dean will think
of something

Good Luck!

-Dave T.

+____________________________+____________________________________________+

+----------------------------+--------------------------------------------+

Hi Dave,

Thanks for the info, totally wierd.  I know of some distributions especially
the Redhat 7 family where it gets really wierd and won't forward unless the
/etc/sysctl.conf file is marked as one.  Still, you have to run with a
configuration that works :)

See ya

Dean Thompson

--
+____________________________+____________________________________________+

| Bach. Computing (Hons)     | ICQ     - 45191180                         |
| PhD Student                | Office  - <Off-Campus>                     |
| School Comp.Sci & Soft.Eng | Phone   - +61 3 9903 2787 (Gen. Office)    |
| MONASH (Caulfield Campus)  | Fax     - +61 3 9903 1077                  |
| Melbourne, Australia       |                                            |
+----------------------------+--------------------------------------------+

Hi Domn,

Quote:> If  I set the default route as the Linux machine's local network address,
> route still shows the BT router's IP as the default gateway
> (192.168.254.254)
> I have tried removing this manually and am told it is a non-existent
> process.

> etc/sysconfig/network has
> GATEWAY="192.168.82.2"
> GATEWAYDEV="eth0"
> FORWARD_IPV4="yes"

> Forwarding was disabled in etc/sysctl.conf but enabling it made no
> difference.
> I can ping the linux box's local net IP on eth1 and the DHCP assigned IP on
> eth0 from the clients but not the BT router or the web.

Is it possible to take a look at your
/etc/sysconfig/network-scripts/ifcfg-eth0 file.  I suspect that it might be a
problem with the netmask or some other information that is located within the
file.

See ya

Dean Thompson

--
+____________________________+____________________________________________+

| Bach. Computing (Hons)     | ICQ     - 45191180                         |
| PhD Student                | Office  - <Off-Campus>                     |
| School Comp.Sci & Soft.Eng | Phone   - +61 3 9903 2787 (Gen. Office)    |
| MONASH (Caulfield Campus)  | Fax     - +61 3 9903 1077                  |
| Melbourne, Australia       |                                            |
+----------------------------+--------------------------------------------+

Am just setting this up again with a clean install.
Loaded Mandrake 7.2
Compiled necessary net drivers.
Set up eth0 and eth1
Added DNS entries
Tested web and local network from linux box - working fine
Went into linuxconf and set gateway and enabled routing
Ran: /sbin/ipchains -A forward -s 192.168.82 -j MASQ
Set win clients to linux gateway and same DNS
Still cant ping the net from win clients

ifcfg-eth0
DEVICE="eth0"
IPADDR=""
NETMASK=""
ONBOOT="yes"
BOOTPROTO="dhcp"
IPXNETNUM_802_2=""
IPXPRIMARY_802_2="no"
IPXACTIVE_802_2="no"
IPXNETNUM_802_3=""
IPXPRIMARY_802_3="no"
IPXACTIVE_802_3="no"
IPXNETNUM_ETHERII=""
IPXPRIMARY_ETHERII="no"
IPXACTIVE_ETHERII="no"
IPXNETNUM_SNAP=""
IPXPRIMARY_SNAP="no"
IPXACTIVE_SNAP="no"

ifcfg-eth1
DEVICE="eth1"
IPADDR="192.168.82.2"
NETMASK="255.255.255.0"
ONBOOT="yes"
BOOTPROTO="none"
IPXNETNUM_802_2=""
IPXPRIMARY_802_2="no"
IPXACTIVE_802_2="no"
IPXNETNUM_802_3=""
IPXPRIMARY_802_3="no"
IPXACTIVE_802_3="no"
IPXNETNUM_ETHERII=""
IPXPRIMARY_ETHERII="no"
IPXACTIVE_ETHERII="no"
IPXNETNUM_SNAP=""
IPXPRIMARY_SNAP="no"
IPXACTIVE_SNAP="no"

route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use
Iface
192.168.82.0    *               255.255.255.0   U     0      0        0 eth1
192.168.254.0   *               255.255.255.0   U     0      0        0 eth0
127.0.0.0       *               255.0.0.0       U     0      0        0 lo
default         192.168.254.254 0.0.0.0         UG    0      0        0 eth0

Hope this will shed some more light on the problem.

Dom

Quote:

> Hi Domn,

> > If  I set the default route as the Linux machine's local network
address,
> > route still shows the BT router's IP as the default gateway
> > (192.168.254.254)
> > I have tried removing this manually and am told it is a non-existent
> > process.

> > etc/sysconfig/network has
> > GATEWAY="192.168.82.2"
> > GATEWAYDEV="eth0"
> > FORWARD_IPV4="yes"

> > Forwarding was disabled in etc/sysctl.conf but enabling it made no
> > difference.
> > I can ping the linux box's local net IP on eth1 and the DHCP assigned IP
on
> > eth0 from the clients but not the BT router or the web.

> Is it possible to take a look at your
> /etc/sysconfig/network-scripts/ifcfg-eth0 file.  I suspect that it might
be a
> problem with the netmask or some other information that is located within
the
> file.

> See ya

> Dean Thompson

> --

+____________________________+____________________________________________+
+----------------------------+--------------------------------------------+

Hi Dom,

Quote:> ifcfg-eth0
> DEVICE="eth0"
> IPADDR=""
> NETMASK=""
> ONBOOT="yes"
> BOOTPROTO="dhcp"

Okay, it would appear that the system isn't too happy about your eth0
interface and the way in which it is being setup.  I presume that your
DSL/ADSL router/cable modem is sitting on the 192.168.82.x network.  If it
isn't then we might have already identified one of our problems.
Additionally, I know it isn't really needed but can you change the line in
your eth0 file to say:
NETMASK="255.255.255.0".

I am interested however, in the DHCP information which is being returned to
you from your cable modem.  I get a funny feeling that its internal IP address
has been configured for the 254 subnet.

Are you able to shed any light on that ?

See ya

Dean Thompson

--
+____________________________+____________________________________________+

| Bach. Computing (Hons)     | ICQ     - 45191180                         |
| PhD Student                | Office  - <Off-Campus>                     |
| School Comp.Sci & Soft.Eng | Phone   - +61 3 9903 2787 (Gen. Office)    |
| MONASH (Caulfield Campus)  | Fax     - +61 3 9903 1077                  |
| Melbourne, Australia       |                                            |
+----------------------------+--------------------------------------------+