RE: [BAWUG] How to ? Will this work

Thu, 27 Jun 2002 10:37:48 -0700 

On Wed, 2002-06-26 at 10:46, Enrique LaRoche wrote:
> 
> like you said
> 
> Your diagram isn't clear to me. Do you mean:
>  PubIP  DHCPSERV PrivIP
> DSL --- router --- switch
>                   /  \ \ \
>                  /    \ \ \
>   (DHCPCLIENT)  /      \ \ \
>  (DHCPSERV)  router      LAN
>                 |
>               WAP11

Yes, that's what I mean.

> I am not able to ping the first router or any machine on the wired side.

You should be able to, by NATing through the second router. The only
reasons I can think of that you couldn't is because:

   a) You have locked down the second router to only allow traffic to
      destination IPs not in RFC1918 space. This would be a fairly
      secure config.

   b) You have blocked ICMP echo request or ICMP echo reply.

   c) Broken NAT implementation

   d) Misconfiguration

> 
> I understandthe principle of the NAT type router is the 192.xx.xx.xx address
> are NON routable.

First off, it's 192.168.x.x ('192.168.0.0/16'), not 192.x.x.x
('192.0.0.0/8'). Please beware of that, as there are perfectly valid
hosts in the much larger 192/8 block. Example: 192.52.71.4

Second, the only special thing about 192.168/16 is that it is not routed
across the internet (at least its not supposed to be. It has been on
many occaisions). Your pair of routers will happily route it to each
other.

> If I am on a different non routable IP on the wireless side, how can I get
> to the non routable addresses on the lan side?

Basicly, it'll look something like this. First, a diagram (hope you can
understand this one....)

          router1 (external: internet; internal: 192.168.0.1)
            |
          switch ---- pc (192.168.0.3)
            |
          router2 (external: 192.168.0.2; internal: 192.168.1.1)
            |
          WAP11 
            |
     wireless client 192.168.1.2

Wireless client sends ping to 192.168.0.3.
  Checks routing table: Send through gateway 192.168.1.1
    Checks ARP table; finds no translation
      Sends ARP for 192.168.1.1
  Sends ICMP packet with IP destination of 192.168.0.3; ethernet
  destination of router2

Router2 receives packet.
  Checks routing table: Send to directly attached external machine
    Performs NAT; sets source IP address to 192.168.0.2 [router2 ext.]
    Checks ARP table
      Sends ARP for 192.168.0.3
  Send out the packet

PC received the packet
  Generate ICMP response
    Sends response
      Checks routing table for 192.168.0.2
      Checks ARP table; does any needed ARPing

Router2 received the response packet
  Checks NAT table
    Find entry; sets destination to 192.168.1.2
      Checks routing table
        Checks ARP tabe; performs ARP if needed
  Sends packet

wireless client receives packet.

Thus concludes a long explanation of how things work.

Attachment: signature.asc
Description: This is a digitally signed message part

Reply via email to