Hi Erik, I managed to get it to work after setting DNAT/SNAT rules for each hop in my 3-node setup. Thanks a lot for all your help and support. Best, Danushka On Wed, Dec 2, 2015 at 1:04 PM, Danushka Menikkumbura <danushka.menikkumbura@xxxxxxxxx> wrote: > Hi Erik, > > Thanks a lot for the tips. I managed to configure my kernel build to > include all the required modules and now I don't see the error. > > Anyway I still cannot get my client (192.168.0.107) to talk to the > server (192.168.0.106) through the router (192.168.0.103). I used the > following commands on the router node to add DNAT and SNAT rules. > > sudo iptables -t nat -A PREROUTING -d 192.168.0.103 -j DNAT > --to-destination 192.168.0.106 > sudo iptables -t nat -A POSTROUTING -s 192.168.0.106 -j SNAT > --to-source 192.168.0.103 > > Also when I ping 192.168.0.103 (router) from 192.168.0.107 (client) I > see that the packets are actually coming from 192.168.0.106 (server). > > PING 192.168.0.103 (192.168.0.103) 56(84) bytes of data. > 64 bytes from 192.168.0.106: icmp_seq=1 ttl=64 time=0.816 ms > 64 bytes from 192.168.0.106: icmp_seq=2 ttl=64 time=0.616 ms > 64 bytes from 192.168.0.106: icmp_seq=3 ttl=64 time=0.465 ms > > It looks to me that SNAT is not working properly?. Do you see > something wrong with what I have done?. > > Thanks and Regards, > Danushka > > On Wed, Dec 2, 2015 at 3:22 AM, Erik Auerswald > <auerswal@xxxxxxxxxxxxxxxxx> wrote: >> Hello Danushka, >> >> On Tue, Dec 01, 2015 at 03:29:33PM -0500, Danushka Menikkumbura wrote: >>> Hi Erik, >>> >>> I am happy to look into the network namespace-based approach that you >>> have mentioned but before that I tried to use DNAT on my Linux box but >>> ended up having the following error. >>> >>> iptables v1.4.21: can't initialize iptables table `nat': Table does >>> not exist (do you need to insmod?) >> >> That error message hints at a missing module. On my Ubuntu system with NAT >> I have the following related modules loaded: >> >> iptable_nat >> nf_nat >> nf_conntrack_ipv4 >> nf_conntrack >> nf_defrag_ipv4 >> iptable_filter >> ip_tables >> x_tables >> >>> Perhaps iptables or your kernel needs to be upgraded. >>> >>> Please note that I used a kernel source version (3.19.8-ckt5+) to >>> compile and install iptables module using "menuconfig" (Networking >>> support > Networking options > Network packet filtering framework >>> (Netfilter) > IP: Netfilter Configuration > IP tables support >>> (required for filtering/masq/NAT)). >>> >>> Could you shed some light on this please? >> >> If you are compiling your own kernel, be sure to include all features you >> need. I'd advise to use distribution kernels unless you know how to >> configure a kernel to fit your needs. >> >> Best regards, >> Erik >> -- >> I think of math as a splendid way to learn to think straight. >> -- Bjarne Stroustrup -- To unsubscribe from this list: send the line "unsubscribe lartc" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
