On Mon, 2003-02-17 at 18:21, Ric Tibbetts wrote:

There are so many things wrong with this I don't know where to begin, but
I'll try. See below. If I have misunderstood the setup, I apologize.

> Yeah, I'm doing it at home too. That's why this one is bugging me so 
> bad. I thought at first maybe Redhat was blocking something by default 
> that I needed to turn on.
> 
> In this case, there's no firewall (don't need one). So iptables is not 
> running. So that's out.
> The nics both work, although only one has an address.
> 
> So, what's different:
> (pardon me while I think)
> 
> #------
> At home:
> 
> DSL into card one of the server.
> Card two of server to switch
> Firewall between the cards.
> 
> All other clients plug into the switch.
> 
> Both cards have an IP. The outer one has an official IP, the inner one 
> is of the 192.168.0.0 variety.
> Both cards IPs are listed on the DNS server.
> 
> All the clients are name served by the server.
> All clients list the outer card as their gateway.
> # ---------
> k.. simple enough
> 
> #---
> At the office
> 
> e-net line from wall to card 1
> crossover cable from card 2 to machine two. (no hub, or switch).
> 
> Card 1, and machine 2 both have registered IPs, served by company dns 
> service.


Here is the first problem. Machine 2 needs an IP address on the same
subnet as the internal nic on machine 1 (192.168.0.0 variety :)  The
reason is that if you send a packet to the subnet of the nic, the kernel
will not send it to the router but simply dump it on the wire with the
IP address of the final destination machine as the destination. For
the sake of discussion I will assume the following setup:

eth0 : 132.228.132.38 -------- outside network
   |
machine1
   |
eth1:192.168.0.1 -----------eth0:132.228.132.200-machine 2
default gateway 132.228.132.38 

Let's take the case of pinging machine 1's internal interface
(192.168.0.1) from machine 2 (132.228.132.200).

The packet gets sent to the default gateway of machine 1 since that subnet
is not known to machine 1. It never makes it since the nic on that side is
only accepting packets for the 192.168.0.0 network and the packet is
sent to 132.228.132.38. Times out on machine 1.

Pinging machine 1's external iface (132.228.132.38) from machine 2:

The packet gets sent straight on the wire since machine 2 thinks it is on
the 132.228.132.38 subnet. Again the packet never gets accepted by
machine 1 since the nic on that side is only accepting packets for the
192.168.0.0 network and the packet is sent to 132.228.132.38. Times
out on machine 1.

Pinging machine 2 from machine 1:

The packet destined for 132.228.132.38 is sent out the wire on eth0 since
that is the iface on that subnet. Obviously it never gets to machine 1.

Pinging www.yahoo.com (216.109.125.65) from machine 1:

The packet gets sent to default gateway 132.228.132.38. It never makes it since
the internal nic is listening on 192.*

See the pattern?

Two things need to occur for this to work. The nics that are attached
to each other need to be on the same subnet. Set eth0 on machine2 to
192.whatever.

You will need to masquerade the internal net on machine 1, and yes, you
can use iptables for this.


HtH

Bret
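
The routing-table lookup this message turns on, as an added example that is not part of the original post: it models only the "connected subnet first, otherwise default gateway" choice on each end of the crossover cable, not ARP or masquerading. The /24 masks and the address 192.168.0.2 for the renumbered machine 2 are assumptions.

```python
import ipaddress

def route(host, dst):
    """Pick the outgoing interface the way a routing table does:
    connected subnets first (longest prefix wins), then the default gateway."""
    dst = ipaddress.ip_address(dst)
    connected = [(i.network.prefixlen, name)
                 for name, i in host["ifaces"].items() if dst in i.network]
    if connected:
        return ("on-link", max(connected)[1])
    gw = host.get("gateway")
    if gw is not None:
        for name, i in host["ifaces"].items():
            if ipaddress.ip_address(gw) in i.network:
                return ("via " + gw, name)
    return ("unreachable", None)

def ping_works(src, src_if, dst, dst_if):
    """True when the request leaves src on the cable interface and the
    reply to src's address leaves dst on its end of the same cable."""
    src_ip = str(src["ifaces"][src_if].ip)
    dst_ip = str(dst["ifaces"][dst_if].ip)
    return route(src, dst_ip)[1] == src_if and route(dst, src_ip)[1] == dst_if

def host(ifaces, gateway=None):
    return {"ifaces": {n: ipaddress.ip_interface(a) for n, a in ifaces.items()},
            "gateway": gateway}

# Addresses from the message; the /24 masks are assumed.
machine1 = host({"eth0": "132.228.132.38/24", "eth1": "192.168.0.1/24"})
machine2_as_posted = host({"eth0": "132.228.132.200/24"}, "132.228.132.38")
# 192.168.0.2 is a constructed address for the renumbered machine 2.
machine2_renumbered = host({"eth0": "192.168.0.2/24"}, "192.168.0.1")

if __name__ == "__main__":
    for label, m2 in (("as posted", machine2_as_posted),
                      ("renumbered", machine2_renumbered)):
        m2_ip = str(m2["ifaces"]["eth0"].ip)
        print(label)
        print("  machine2 -> 192.168.0.1:", route(m2, "192.168.0.1"))
        print("  machine1 -> machine2:   ", route(machine1, m2_ip))
        print("  ping over the cable:    ", ping_works(m2, "eth0", machine1, "eth1"))
```

With the posted addresses machine 1 routes its reply out eth0 toward the outside network rather than down the crossover cable on eth1; once machine 2 is renumbered into 192.168.0.0/24, both directions use the cable.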



