Two IP#s and masquerading on one NIC
Alexander Holst
yellowdog-general@lists.terrasoftsolutions.com
Mon Apr 22 10:55:01 2002
Hi everybody,
to test some setups, I would like to configure the builtin ethernet
interface with a real and a private IP# [did do that with an alias,
eth0:0] and use masquerading to simulate a router situation. I need to
check some IP setups on a MacOS X Server, before moving it to a client
site. Unfortunately, i do not have a machine with two interfaces here at
the moment.
I tried setting up everything: I can ping both "networks", but can't get
out from the internal to the external:
ifconfig -a
eth0 Link encap:Ethernet HWaddr 00:05:02:C4:47:8D
inet addr:141.47.102.36 Bcast:141.47.102.63
Mask:255.255.255.192
EtherTalk Phase 2 addr:10000/50
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:287302 errors:0 dropped:0 overruns:0 frame:0
TX packets:226140 errors:0 dropped:0 overruns:0 carrier:0
collisions:0
RX bytes:123041098 (117.3 Mb) TX bytes:116519745 (111.1 Mb)
eth0:0 Link encap:Ethernet HWaddr 00:05:02:C4:47:8D
inet addr:192.168.1.1 Bcast:192.168.1.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
EtherTalk Phase 2 addr:0/0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:20 errors:0 dropped:0 overruns:0 frame:0
TX packets:20 errors:0 dropped:0 overruns:0 carrier:0
collisions:0
RX bytes:1696 (1.6 Kb) TX bytes:1696 (1.6 Kb)
netstat -rn
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt
Iface
141.47.102.0 0.0.0.0 255.255.255.192 U 40 0 0
eth0
192.168.1.0 0.0.0.0 255.255.255.0 U 40 0 0
eth0
127.0.0.0 0.0.0.0 255.0.0.0 U 40 0 0
lo
0.0.0.0 141.47.102.1 0.0.0.0 UG 40 0 0
eth0
ipchains -L
Chain input (policy ACCEPT):
target prot opt source destination ports
icmp icmp ------ anywhere anywhere
any -> any
ACCEPT tcp ------ 192.168.1.0/24 anywhere
any -> any
ACCEPT udp ------ 192.168.1.0/24 anywhere
any -> any
Chain forward (policy ACCEPT):
target prot opt source destination ports
MASQ tcp ------ 192.168.1.0/24 anywhere
any -> any
MASQ udp ------ 192.168.1.0/24 anywhere
any -> any
Chain output (policy ACCEPT):
Chain icmp (1 references):
target prot opt source destination ports
ACCEPT all ------ anywhere anywhere n/a
Is it simply not possible to get masquerading working on one interface,
or did I make a mistake?
Thanks for any ideas.
Alexander Holst
Pforzheim University of Applied Sciences
<holst@fh-pforzheim.de>
ph: +49 [0]7231 28-6837
fx: +49 [0]7231 28-6040