[SOLVED] Re: Ubuntu Server with 2 NICs, help with routing

Roland Hill roland.lists at hillnet.co.nz
Mon Mar 24 06:46:30 UTC 2014 

On Sun, 23 Mar 2014 or thereabouts, Karl Auer came forth with:

> If you can get out from the server, but not from a host on the inside
> interface of the server, there are really only three possibilities:
> 
> - the host is not actually connected to the same network as the inside
> interface of the server :-)
> 
> - there is a routing problem
> 
> - there is a packet filtering problem.
> 
> The second is by far the likeliest. At this point I would suggest that
> you check the default router on the host. It needs to have a default
> route pointing at the server. The default router can be statically
> configured on each host, distributed as an option via DHCP, or
> distributed via a routing protocol. For dnsmasq, add something like this
> to your command line:
> 
>    --dhcp-option=option:router,192.168.0.1

Firstly, I made a minor error in describing my network addresses. The p3p1
interface IP is 192.168.0.10. That said I understand what you need me to
try.....

> Putting it all together:
> 
> - the host needs a default route to get to the server:
> 
>     0.0.0.0 -> 192.168.0.1

Correct. This is assigned by dnsmasq. I did use the option you noted
below, but had been commenting it out as the default route defaults to the
server in this configuration.

> - the server needs a default route to get to the router
> 
>     0.0.0.0 -> 10.0.0.1

Correct. I defined the gateway on eth0 as 10.0.0.1 in
/etc/network/interfaces. Route command confirms this too.

> - the router needs a default route to get to the Internet
> 
>    0.0.0.0 -> ISP

This is set in the ADSL route. Proof point I guess is that the server can
ping the outside world etc.

> If that doesn't work, report back :-)

It doesn't work :-(

BUT

If I add the following iptable rules it does:

# iptables --table nat --append POSTROUTING --out-interface eth0 -j
MASQUERADE
# iptables --append FORWARD --in-interface p3p3 -j ACCEPT

[first line is one line of course, being wrapped by my editor]

SUCESS AT LAST (sorry for shouting, but this had me beat).

Karl - what to do you think. Does this make sense to you?

Anyway, thanks for stepping me through this.

-- 
Regards,

Roland

PGP Key 0xDA39319B = BCF0 1214 BAE9 5A3D 46FC 21A6 360D 9398 DA39 319B
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20140324/cfda0dd3/attachment.sig>

More information about the ubuntu-users mailing list