[SOLVED] Re: Ubuntu Server with 2 NICs, help with routing
Roland Hill
roland.lists at hillnet.co.nz
Mon Mar 24 06:46:30 UTC 2014
On Sun, 23 Mar 2014 or thereabouts, Karl Auer came forth with:
> If you can get out from the server, but not from a host on the inside
> interface of the server, there are really only three possibilities:
>
> - the host is not actually connected to the same network as the inside
> interface of the server :-)
>
> - there is a routing problem
>
> - there is a packet filtering problem.
>
> The second is by far the likeliest. At this point I would suggest that
> you check the default router on the host. It needs to have a default
> route pointing at the server. The default router can be statically
> configured on each host, distributed as an option via DHCP, or
> distributed via a routing protocol. For dnsmasq, add something like this
> to your command line:
>
> --dhcp-option=option:router,192.168.0.1
Firstly, I made a minor error in describing my network addresses. The p3p1
interface IP is 192.168.0.10. That said I understand what you need me to
try.....
> Putting it all together:
>
> - the host needs a default route to get to the server:
>
> 0.0.0.0 -> 192.168.0.1
Correct. This is assigned by dnsmasq. I did use the option you noted
below, but had been commenting it out as the default route defaults to the
server in this configuration.
> - the server needs a default route to get to the router
>
> 0.0.0.0 -> 10.0.0.1
Correct. I defined the gateway on eth0 as 10.0.0.1 in
/etc/network/interfaces. Route command confirms this too.
> - the router needs a default route to get to the Internet
>
> 0.0.0.0 -> ISP
This is set in the ADSL route. Proof point I guess is that the server can
ping the outside world etc.
> If that doesn't work, report back :-)
It doesn't work :-(
BUT
If I add the following iptable rules it does:
# iptables --table nat --append POSTROUTING --out-interface eth0 -j
MASQUERADE
# iptables --append FORWARD --in-interface p3p3 -j ACCEPT
[first line is one line of course, being wrapped by my editor]
SUCESS AT LAST (sorry for shouting, but this had me beat).
Karl - what to do you think. Does this make sense to you?
Anyway, thanks for stepping me through this.
--
Regards,
Roland
PGP Key 0xDA39319B = BCF0 1214 BAE9 5A3D 46FC 21A6 360D 9398 DA39 319B
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20140324/cfda0dd3/attachment.sig>
More information about the ubuntu-users
mailing list