Anyway, I am now able to ping my dialup interface from the me machine, but cant ping anything else on the net. What?! Indeed. NAT seems to be working (or so the excellent Mandrake Howto seems to suggest) as I am pinging something outside my home subnet, which is obviously going out the right gateway and all that. So I can ping from 192.168.0.2 (ME)to 192.168.01(linux gateway) and also to 210.246.24.214 (paradise local address) but NOT to 202.0.46.81 (paradise remote address). Im really confused now!
Cheers and more later
Anton
Nick Rout wrote:
On Wed, 01 Oct 2003 22:27:40 +1200 Anton <[EMAIL PROTECTED]> wrote:
hey,
The porn is obviously far too good for Jason. Damn thehun.com for
being so good ;-0
I ran drakgw (nice spotting nick) and it seems to think everything is ok. I am "set up". Nothing works however.
when you say "nothing works" - nothing works where? mandrake ? winme?
proxy has nothing to do with this setup. mandrakebox acts as a gateway and forwards packets from winme to the net and back again.
on winmebox you must set the gateway to the ip address of mandrakebox.
natted gateways are quite clever, can I be bothered explaining at this time of night? here goes:
1. problem arises because you have one public IP address made available by your ISP. call it 123.123.123.123
2. however you have more than one machine wanting to share that address to contact the internet. you set up your lan of machines desirous of internet connections with private IP addresses, which are defined by the relevant standard to be private and will not appear on the general public internet. typically these are like 192.168.1.1 to 192.168.1.254. Those aren't the only available, but they work and are the ones for the example.
3. lets further define our lan as having one machine as the gateway. It has two network interfaces, one has a private address (define it as 192.168.1.254) The other interface connects to the internet, it may be an analog modem, an atm interface, dsl, cable modem, wireless interface, doesn't really matter. its ip address is 123.123.123.123. it is set up to run NAT, more about that in a soon.
4. the other local machines (like your winme machine) have addresses between 192.168.1.1 and 192.168.1.253. importantly they have their default gateway set to the router, 192.168.2.254.
5. consider machine on lan at address 192.168.1.1 asking for a web page at www.linux.org. lets ignore dns for just a moment and say www.linux.org has the IP address of 234.234.234.234, and that your machine is able to resolve the IP address.
6. 192.168.1.1 opens a random port, say 32000. It sends a packet to 234.234.234.234 on port 80. Because its gateway is 192.168.1.254 it sends the request there as the first port of call on the way to 234.234.234.234.
7. the gateway (192.168.1.254) is running NAT so it rewrites the header
of the request to fake the request as coming from 123.123.123.123 (its
public IP address) and a random port, say 62000. It maintains a table of
translations.
8. www.linux.org receives the request with a faked header and believes the packet comes from a publicly routable host, instead of some machine on your lan with no public IP address. It sends its reply back to that publicly routable address and port number, ie 123.123.123.123:62000.
9. the gateway at 123.123.123.123 looks up its table and says "oh yeah that originally came from 192.168.1.1:32000, I'll send the reply there." It rewrites the header again and forwards it back to the browser on the lan machine, which is really none the wiser. the lan machine sees a packet from 234.234.234.234:80
10. thats a simplification of the process, but the point is that no
proxy is needed.
11. we glossed over dns. typically the following may be the setup:
(a) the lan machine may have its dns server set to be the ISP's dns servers, and simply get an address in the same way as above, natting thru the gateway, or
(b) the gateway can run a dns server in which case the lan machine is
pointed to the gateway for dns.
so, make sure the gateway and dns are set up right on the client/lan machine!
I would have thought that I should set up a proxy server on the Mandrake machine. However, this is
one thing that Mandrake does not do so well. How on earth do I set up
a proxy server? There are just two blank lines in drakproxy (HTTP...
and FTP...). Very helpful...At varsity there is something like wwwproxy.lincoln.ac.nz on port 8080 that I put into the proxy server
for the lan in IE and Mozilla. I obviously can't use that however, and
drakproxy is no help at all. I have tried google but nothing seems to answer my question. IP Masquerading seems to be one option but I think
ip_forward is turned off in the kernel and I am way too newbie to be recompiling the kernel! I repeat, drakgw tells me everything is ok, so
I assume that I don't need ip_forward for whatever solution that is supposed to be using. (true NAT?). So I'm still at a loss...
[EMAIL PROTECTED] wrote:
I am now pinging between the nodes. This seems to be going OK, apart
from the fact that the dialup (ppp) below is actually not working...
strange but true! All is well until I bring the other machine up andthe>internet, because even though it says im connected it won't
then all of a sudden the net connection goes. I then disconnect from
communicate,>and try and reconnect. Kppp will connect me and log me
on but won't get>me anywhere. !
I have just clicked. The default route is being set to 192.168.0.1do I>set this so I don't have to go in and manually configure the
sending me to me. I changed the default to paradise and it worked. I
could both ping and access the internet. Now the question is - how
routing>table every time? There doesn't seem to be anything in the
control>centre...
