Aw: Re: [slightly OT & long] PPPoE iptables NAT

Albrecht Dreß albrecht.dress at arcor.de
Fri May 6 08:29:45 MDT 2005


> I concur with all of this - although my network topology does include
> a computer that's routing packets between my wireless networks and my
> older computers - including my 1997 Powermac...
> 
> Setting up NAT on a computer is painful. PPPoE NAT is even harder -
> which is why the decent ISPs (all bar one) give real routers over
> here

Hmmm, can you be more specific here? As I said, I *had* NAT running perfectly with the old ISDN connection (and it's working with MacOS X's natd, too).

The point is: why is ppp0 (ADSL) different from ippp0 (ISDN) from the kernel's pov, so why did the latter work, but DSL doesn't with the same setup?

Cheers, Albrecht.


> > On Fri, 2005-05-06 at 11:47 +0000, Albrecht Dreß wrote:
> > > Hi,
> > >
> > > sorry for a slightly off-topic question regarding NAT with a PPPoE
> > > network.
> > >
> > > I have a home network looking as follows:
> > >
> > >          192.168.42.3
> > >          -----------     -------
> > >         | G4 Silver |   |       |---DSL Modem (ppp0)
> > > ISDN---|ippp0  eth0|---|Switch |---more Macs (192.168.42.x)
> > >          -----------     -------
> > >
> > > The G4 is running Yellowdog 4.01 with a self-compiled 2.6.11.4 kernel.
> > >
> > > The "old" setup was an ISDN connection (no DSL present), and the G4 worked
> > > as router. Everything was perfect for the "local" net, except that the
> > > hardware (AVM Fritz) was not supported by MacOS, so I had no internet on
> > > the G4 (and connected clients) when running OS X.
> > >
> > > Therefore, I removed the ISDN card, got DSL, plugged the modem into the
> > > switch, and now everything works fine with OS X. After a little fiddling
> > > around with ipfw and natd, I have routing support with OS X client.
> > >
> > > Now I tried Linux, and I have internet on the G4 itself, but packets from
> > > the local net are apparently not routed/forwarded correctly. I did not
> > > change the NAT rules in iptables (except replacing ippp0 by ppp0, of
> > > course):
> > >
> > > <snip>
> > > [root@antares root]# iptables -t nat -L -n
> > > Chain PREROUTING (policy ACCEPT)
> > > target     prot opt source               destination
> > >
> > > Chain POSTROUTING (policy ACCEPT)
> > > target     prot opt source               destination
> > > MASQUERADE  all  --  192.168.42.0/24      0.0.0.0/0
> > >
> > > Chain OUTPUT (policy ACCEPT)
> > > target     prot opt source               destination
> > > </snip>
> > >
> > > Running tcpdump on both eth0 and ppp0, I can see that e.g. a http (tcp/80)
> > > request from the local net is going through eth0, and the same packet is
> > > then passed via ppp0. The response, though, is *not* returned to the
> > > requesting client.
> > >
> > > I am using the kernel-based pppoe modules (pppoe, pppox), not the roaring
> > > penguin package coming with YDL. Does anyone have an idea why forwarding
> > > doesn't work with this setup? Any hints how I should configure my box? Or
> > > is it impossible to use the dsl modem and the local net at the same
> > > Ethernet interface (but why does it work with OS X, then)? Any pointers?
> > >
> > > HELP! I'm really lost here...
> > >
> > > Thanks in advance for any help,
> > >
> > > Cheers, Albrecht.
> > >
> > > _______________________________________________
> > > yellowdog-general mailing list
> > > yellowdog-general at lists.terrasoftsolutions.com
> > > http://lists.terrasoftsolutions.com/mailman/listinfo/yellowdog-general
> > > HINT: to Google archives, try  '<keywords> site:terrasoftsolutions.com'
> > --
> > joseph_sacco [at] comcast [dot] net
> > 
> > 
> 
> 
> -- 
> -------------------------
> "We're busy running out of time"
> 
