/* HINT: Search archives @ http://www.indyramp.com/masq/ before posting! */
Adam <[EMAIL PROTECTED]> wrote:
>
> I have just received a second IP address from my Server which is
> routed through the Same PPP connection as the First IP address. I was
> told I could use ipchain's to pass that second IP address to my other
> linux box.
All the notions about secondary's routed through primary's aside...
Ipchains is just one part of the step here. Your PPP connection has
always sent only IP datagrams meant for one IP address, the one for your
primary server. Now it will receive datagrams for two different IP
addresses. Your ipchains setup must take this into account, and do
something intelligent with packets for the secondary IP.
Since your secondary machine is probably connected by ethernet, your
primary machine must forward the traffic from ppp0 to eth1 (?), and the
reverse must also be true. Adding ipchains rules to your FORWARD
ruleset, which ACCEPT such packets trying to go in each direction, will
allow the connection to proceed. But.. you must also set up routing,
so that when a packet arrives on ppp0, the masq box follows the route
table, and knows that the packet must be sent to eth1. Of course,
setting up the secondary machine to route all its traffic back to the
primary is easy enough, but still necessary.
This is something I've never done, and it starts to get complicated:
~~~~~~~~~~~~ IP1 +---------+ IP? IP2 +-----------+
~~ Internet ~~----[ppp0]-| Primary |-[eth1]------[eth0]-| Secondary |
~~~~~~~~~~~~ +---------+ +-----------+
| 192.168.1.1
| [eth0]
|
+==============+ (You do have masq clients, right?
| Masq Clients | This is the masq list after all.)
+==============+
In this scenario I envision, the Primary box (masq box) has three
interfaces: ppp0, eth0, and eth1. You can assign IP1 to ppp0, that's
straightforward. IP2 would need to be assigned to the Secondary box's
ethernet interface. But what IP do you assign to eth1 on the Primary?
It needs to be on the same subnet as IP2... doesn't it? When you want
to tell the Secondary where to route its packets... what IP will you
direct them to?
This is a problem I could see myself getting into someday, the way I
keep adding machines; I'll probably get to a point where I want to add a
second IP, and this is the situation I'll face.
It could get even more complicated if instead you only had one ethernet
interface on the Primary. In that case, you'll have packets going over
the ethernet, both in the 192.168.1.* range, and also in the IP1/IP2
range. Hmm...
--
[EMAIL PROTECTED] (Fuzzy Fox) || "Just about every computer on the market
sometimes known as David DeSimone || today runs Unix, except the Mac (and
http://www.dallas.net/~fox/ || nobody cares about it). -- Bill Joy '85
_______________________________________________
Masq maillist - [EMAIL PROTECTED]
Admin requests can be handled at http://www.indyramp.com/masq-list/ -- THIS INCLUDES
UNSUBSCRIBING!
or email to [EMAIL PROTECTED]
PLEASE read the HOWTO and search the archives before posting.
You can start your search at http://www.indyramp.com/masq/
Please keep general linux/unix/pc/internet questions off the list.
