Re: DSL & Dual NICs

Glen Lee Edwards Thu, 17 Aug 2000 23:42:54 -0700
Stephen,

I need to modify what I said to you.  For netmask, if you use 10.0.0.2 for
the ethernet connection pointing to the DSL router set your netmask to
255.0.0.0

For the LAN netmask, if you stick with the 192.168.X.X set it to
255.255.255.0

Whatever configuration you use, you can't use the same network addressing
scheme if you have 2 different cards in your box (unless you subnet, which
we won't get into).  Explanation to follow:

For example, on a class C network (192.168.X.X), your computer sees
192.168.1.X and 192.168.2.X as different "streets."  A computer on street
192.168.1.X can only speak directly with other computers on that street
(with the same network IP address of 192.168.1.X).  It can't speak
directly to a computer on 192.168.2.X, even if they're directly connected.

To communicate with a computer on a different network it has to
communicate through a router (network address translator and packet
forwarder).  For your setup to work you have to have the link to the
computers on the LAN set to one street, and the direct link from your
Linux box to the router has to be on a different street:
 _________                                  *
|         | eth0            LAN St.         *             WAN Ave.
|  PC 1   | 192.168.1.1     192.168.1       *             10.
|         | -------------)                  *
|_________|              |           Acts as a router                   
 _________               |               __________
|         | eth0         |        eth1  |          | eth0 -->    <-- eth0
|  PC 2   | 192.168.1.2  |     192.168.1.4 Linux  10.0.0.2--> <--10.0.0.1
|         | -------------0------------- | firewall | -------------<router>
|_________|              |              |__________|         static IP -->
 _________               |            packet forwarding       internet -->
|         | eth0         |            <-->   yes   <-->        wan0-0 -->
|  PC 3   | 192.168.1.3  |
|         | -------------)
|_________| 

On my Cisco 675 router the eth0 (LAN) side by default has its IP address
set to 10.0.0.1 (see above).  Consequently for my PC to be able to
communicate with it my eth0 card must be set to an address on that
"block."  10.0.0.2 works fine.  If I set it to 192.168.1.X or to my static
IP address then the two cards won't be able to communicate with each other
even though they're directly connected, because their addressing tells
the kernel that they're on different networks.

In the above example PCs 1,2,3 and the Linux computer can all communicate
because they're all on the 192.168.1.X block.  For PC 1 to communicate
with the Internet it must have the Linux box set as its gateway,
192.168.1.4.  Within the Linux box you must enable packet forwarding so
that packets sent from any PC on the LAN through the LAN default gateway
192.168.1.4 are then forwarded on to the WAN default gateway 10.0.0.1
through the other card in the Linux box 10.0.0.2.  And you must set up
routes to other networks, and the default gateway in the Linux box must be
set to the router's eth0 IP address, 10.0.0.1, not the wan0-0 IP address.  

Clear?

Glen



On Wed, 16 Aug 2000, Stephen E. Hargrove wrote:

>My server has two NICs, eth0 (192.168.1.1) and eth1 (192.168.1.10).
>eth0 connects to my private network and eth1 connects to the external
>DSL modem (Cayman 3220 DSL router).  The router acts as a firewall
>(which I hate but really can't do anything about).  The router is
>defined as 192.168.1.254, and has 4 ethernet connections on the front.
>If I plug directly into the router, I can access http://192.168.1.254
>from my browser and configure it.  However, I can't access it from any
>station on my network (i.e., from 192.168.1.1 or 192.168.1.6, etc.).
>When I attempt, it responds with the following error:
>
>A network error occurred:
>unable to connect to server (TCP Error: No route to host)
>The server may be down or unreachable
>
>I can't ping it or telnet to it, either.  So, I must have something
>wrong in my routing tables, right?  Here's my netstat -rn:
>
>Kernel IP routing table
>Destination     Gateway         Genmask         Flags   MSS Window  irtt
>Iface
>192.168.1.1     0.0.0.0         255.255.255.255 UH        0 0          0
>eth0
>192.168.1.10    0.0.0.0         255.255.255.255 UH        0 0          0
>eth1
>192.168.1.0     0.0.0.0         255.255.255.0   U         0 0          0
>eth0
>192.168.1.0     0.0.0.0         255.255.255.0   U         0 0          0
>eth1
>127.0.0.0       0.0.0.0         255.0.0.0       U         0 0          0
>lo
>0.0.0.0         192.168.1.254   0.0.0.0         UG        0 0          0
>eth1
>0.0.0.0         192.168.1.254   0.0.0.0         UG        0 0          0
>eth0
>
>I'm using IPMasquerade, and as far as that goes, everything seems to be
>working correctly (all PCs can access the 'net, etc.).
>
>Does anyone have any ideas on how I can go about accessing
>192.168.1.254?  I'm stumped.
>--
>Steve
>
>
>
>
>_______________________________________________
>Redhat-list mailing list
>[EMAIL PROTECTED]
>https://listman.redhat.com/mailman/listinfo/redhat-list
>



_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
Re: DSL & Dual NICs

Reply via email to
