dear All,
I'm facing this routing problem, the setup is actualy part of ltsp, but
I think this problem is Centos-specific.
The server is a Dell Poweredge R210. The install is standard 6.4, updated.
I have one nic facing the public internet:
vi /etc/sysconfig/network-scripts/ifcfg-em1
DEVICE=em1
BOOTPROTO=none
HWADDR=d4:ae:52:c1:28:2b
NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
UUID="cdfe1d58-c56c-47fc-8a93-5df2e168d176"
IPV6INIT=no
USERCTL=no
DNS2=195.238.2.22
DNS1=192.168.66.1
IPADDR=192.168.66.5
NETMASK=255.255.255.128
GATEWAY=192.168.66.1
and one nic serving the lan and dhpcd.
vi /etc/sysconfig/network-scripts/ifcfg-em2
DEVICE=em2
BOOTPROTO=none
HWADDR=d4:ae:52:c1:28:2c
NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
UUID="e72a17b6-fb5f-43f0-9136-fa4d92b542ae"
IPADDR=192.168.70.129
NETMASK=255.255.255.128
IPV6INIT=no
USERCTL=no
in iptables, prerouting and masquerading are configured :
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*nat
:PREROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o eth+ -j MASQUERADE
-A POSTROUTING -o em2 -j MASQUERADE
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -i eth+ -j ACCEPT
-A INPUT -i em2 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -p icmp -j ACCEPT
-A FORWARD -i lo -j ACCEPT
-A FORWARD -i eth+ -j ACCEPT
-A FORWARD -i em2 -j ACCEPT
-A FORWARD -o eth+ -j ACCEPT
-A FORWARD -o em2 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
and in /etc/sysctl.conf
ipforwarding is set to 1
# Kernel sysctl configuration file for Red Hat Linux
#
# For binary values, 0 is disabled, 1 is enabled. See sysctl(8) and
# sysctl.conf(5) for more details.
# Controls IP packet forwarding
net.ipv4.ip_forward = 1
clients get ip adresses from dhcp server, and there's no other dhcp
server on the lan.
But clients cannot ping the public internet, e.g. 8.8.8.8
the only EM I'm seeing is when executing command :
[root@centoshofkwartier ~]# sysctl -p /etc/sysctl.conf
net.ipv4.ip_forward = 1
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.default.accept_source_route = 0
kernel.sysrq = 0
kernel.core_uses_pid = 1
net.ipv4.tcp_syncookies = 1
error: "net.bridge.bridge-nf-call-ip6tables" is an unknown key
error: "net.bridge.bridge-nf-call-iptables" is an unknown key
error: "net.bridge.bridge-nf-call-arptables" is an unknown key
kernel.msgmnb = 65536
kernel.msgmax = 65536
kernel.shmmax = 68719476736
kernel.shmall = 4294967296
I switched the cables and switches, and changed the connection with the
public internet.
Can anybody offer some advise on this?
Greetings, J.
--
Johan Vermeulen
IT-medewerker
Caw De Kempen
Opensource Software is the future.
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
