Why not just correct the route so that all incoming traffic goes to the
Linux box and all 'internal' traffic does also? The gateway for entry
in the route table of the workstations using the Linux box, along with
the gateway entry of the incoming traffic should take care of this.
Thomas Hutton
> -----Original Message-----
> From: Fuzzy Fox [SMTP:[EMAIL PROTECTED]]
> Sent: Wednesday, December 02, 1998 7:01 PM
> To: [EMAIL PROTECTED]
> Subject: Re: [masq] A little problem with masquerading
>
> Brian M Dial <[EMAIL PROTECTED]> wrote:
> >
> > This may sound odd and impracticle, but it's at a remote site that I
> > won't get to to change for a while so please don't respond with "hay
> > dummie, that's a lame setup"
>
> Odd and impractical only begin to describe it. It's downright
> bizarre.
> No wonder your Linux box is confused.
>
> > So basically it's masquerading for machines that have real IPs.
>
> There's no reason to do masquerading from that subnet, because the
> machines can reach the net without the masq box's help at all. In
> fact,
> I am rather certain that they are indeed doing so. I don't think your
> masquerade is working at all, in fact. The reason that you are able
> to
> connect to the net is because the machines can reach the net without
> the
> masq box's help.
>
> > However, whenever one of the NT machines goes to a website for the
> > *first* time they get an error in their browser that the remote
> server
> > reset the connection. Then, if they reload the page it reloads
> fine.
> > anytime they go back to that site it loads fine too. But as soon as
> > they go to a page that they've never been to before, it resets the
> > connection for the first visit to the page.
>
> I believe that what's happening is that the NT box attempts to connect
> through the masq box, and the masq box, detecting that the forwarding
> attempt is bogus (forwarding from the net back to the same net it came
> from), it sends an ICMP Redirect back to the NT box, and the NT box
> adds
> an entry to its route table, pointing to the proper gateway. Then,
> the
> next time you attempt the connection, the new route will point the NT
> box to the real gateway, bypassing the masq box entirely. Check your
> route table on the NT box, after a few connection attempts, and see if
> this is the case. I think you will see static routes added for every
> site you try to visit.
>
> > I'm almost positive this has something to do with the wierd
> > masquerading situation that I can only attest to not being the one
> > that set it up.
>
> It sounds to me like you can turn off the masq box and point the NT
> boxes to the real default gateway, and everything will work just fine.
>
> --
> [EMAIL PROTECTED] (Fuzzy Fox) || "Nothing takes the taste out of
> peanut
> sometimes known as David DeSimone || butter quite like unrequited
> love."
> http://www.dallas.net/~fox/ || -- Charlie
> Brown
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> For daily digest info, email [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
For daily digest info, email [EMAIL PROTECTED]
