Very unusual NAT configuration...

I have just resolved that checksum issue; but I have another one now... A
very complicated and usual type of NAT has to be established between two
networks, here are the details;

These are the interfaces and information about them

eth0 - This interface has the IP address of 10.10.4.5 with gateway 10.10.4.1
eth1 - This interface has the address of 2.2.2.1 and is a NAT gateway itself
which is connected to a single machine with IP 2.2.2.5
eth2 - This interface has the address of 10.0.0.2 and connects to a private
LAN

I wish to do the following operation with these three interfaces;

- [any] request from outside to eth0's local IP number 10.10.4.5 must first
be redirected to 2.2.2.5 [that machine connected to eth1]
- The machine [2.2.2.5] that gets redirected packets from 10.10.4.5 must
send them back to 10.10.4.5**
!! But this 10.10.4.5 is a different host, not the local IP number assigned
to eth0. This causes all the problems in this scheme now...

To simplify the issue I could explain the following; 

Consider that there is machine with two ethernet ports:
- 1st Ethernet port has an address assigned as 10.10.4.5
- 2nd Ethernet port has an address assigned as 10.0.0.2

These two networks are not in the same subnet physically, they are separate
networks:

In the subnet to which the 2nd ethernet port is connected, there is a host
whose address is the same as 10.10.4.5, and this address of this host must
not be changed. So there are two networks, and two different hosts on both
with the same address.

What can I do to resolve the issue without changing the IP addresses?
(Indeed if I change the addresses it would be very easy, but it will not be
convenient for our current network. We are just trying to connect one
network to the other through two hosts that have the same IP address.)

Any urgent help would be greatly appreciated...

-----Original Message-----
From: asterr [mailto:asterr@pobox.com] 
Sent: Monday, August 23, 2004 2:33 AM
To: Josan Kadett
Cc: linux-admin@vger.kernel.org
Subject: Re: Turning off TCP and UDP checksum in kernel level

Rather than modify the TCP stack, you might want to look at setting up
a NAT translation on the linux box.  See iptables for details.

I haven't thought this all the way through, but you probably want some rules
like:

src: 192.168.1.1, dst: $LINUX_IP_ADDRESS, port: any, state: any 
  translates to:
src: 192.168.77.1, dst: $LINUX_IP_ADDRESS, port: orig, state: orig

-Aaron


