Two IP#s and masquerading on one NIC

Alexander Holst yellowdog-general@lists.terrasoftsolutions.com
Mon Apr 22 10:55:01 2002 

Hi everybody,

to test some setups, I would like to configure the builtin ethernet 
interface with a real and a private IP# [did do that with an alias, 
eth0:0] and use masquerading to simulate a router situation. I need to 
check some IP setups on a MacOS X Server, before moving it to a client 
site. Unfortunately, i do not have a machine with two interfaces here at 
the moment.

I tried setting up everything: I can ping both "networks", but can't get 
out from the internal to the external:
ifconfig -a
eth0      Link encap:Ethernet  HWaddr 00:05:02:C4:47:8D
           inet addr:141.47.102.36  Bcast:141.47.102.63  
Mask:255.255.255.192
           EtherTalk Phase 2 addr:10000/50
           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
           RX packets:287302 errors:0 dropped:0 overruns:0 frame:0
           TX packets:226140 errors:0 dropped:0 overruns:0 carrier:0
           collisions:0
           RX bytes:123041098 (117.3 Mb)  TX bytes:116519745 (111.1 Mb)

eth0:0    Link encap:Ethernet  HWaddr 00:05:02:C4:47:8D
           inet addr:192.168.1.1  Bcast:192.168.1.255  Mask:255.255.255.0
           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

lo        Link encap:Local Loopback
           inet addr:127.0.0.1  Mask:255.0.0.0
           EtherTalk Phase 2 addr:0/0
           UP LOOPBACK RUNNING  MTU:16436  Metric:1
           RX packets:20 errors:0 dropped:0 overruns:0 frame:0
           TX packets:20 errors:0 dropped:0 overruns:0 carrier:0
           collisions:0
           RX bytes:1696 (1.6 Kb)  TX bytes:1696 (1.6 Kb)

netstat -rn
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt 
Iface
141.47.102.0    0.0.0.0         255.255.255.192 U        40 0          0 
eth0
192.168.1.0     0.0.0.0         255.255.255.0   U        40 0          0 
eth0
127.0.0.0       0.0.0.0         255.0.0.0       U        40 0          0 
lo
0.0.0.0         141.47.102.1    0.0.0.0         UG       40 0          0 
eth0

ipchains -L
Chain input (policy ACCEPT):
target     prot opt     source                destination           ports
icmp       icmp ------  anywhere             anywhere              
any ->   any
ACCEPT     tcp  ------  192.168.1.0/24       anywhere              
any ->   any
ACCEPT     udp  ------  192.168.1.0/24       anywhere              
any ->   any
Chain forward (policy ACCEPT):
target     prot opt     source                destination           ports
MASQ       tcp  ------  192.168.1.0/24       anywhere              
any ->   any
MASQ       udp  ------  192.168.1.0/24       anywhere              
any ->   any
Chain output (policy ACCEPT):
Chain icmp (1 references):
target     prot opt     source                destination           ports
ACCEPT     all  ------  anywhere             anywhere              n/a

Is it simply not possible to get masquerading working on one interface, 
or did I make a mistake?

Thanks for any ideas.

Alexander Holst
Pforzheim University of Applied Sciences
<holst@fh-pforzheim.de>
ph: +49 [0]7231 28-6837
fx: +49 [0]7231 28-6040