Re: Getting DHCP, IP aliasing and IP forwarding to work together...

[Robert L Cochran <cochranb@xxxxxxxxxxxxx>]

Here is how I interpret your routing table:

1. "If a packet is not for the 192.168.1.0 network, send it to the DHCP 
server on 64.166.134.117."

Oops, that looks like a mistake? I think we found part of the issue here?

2. "Any packets not for 64.166.134.117, 192.168.10.1, 64.166.134.112, 
169.254.0.0, or 127.0.0.0, should be sent to 64.166.134.118 which is the 
internet."

Comments, anyone?

Now let's change the subject to the iptables rules. Can you post the 
forwarding and NAT rules you added to your iptables?

Bob


> which gives this routing table:
>
>    Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
>    64.166.134.117  0.0.0.0         255.255.255.255 UH    0      0        0 eth0
>    192.168.10.1    0.0.0.0         255.255.255.255 UH    0      0        0 eth0
>    64.166.134.112  0.0.0.0         255.255.255.248 U     0      0        0 eth0
>    192.168.10.0    64.166.134.117  255.255.255.0   UG    0      0        0 eth0
>    169.254.0.0     0.0.0.0         255.255.0.0     U     0      0        0 eth0
>    127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
>    0.0.0.0         64.166.134.118  0.0.0.0         UG    0      0        0 eth0




> The DHCP server's Ethernet network interface:
>
>    eth0      Link encap:Ethernet  HWaddr 00:E0:18:05:A9:68  
>              inet addr:64.166.134.117 Bcast:64.166.134.119  Mask:255.255.255.248
>              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>              RX packets:440089 errors:0 dropped:0 overruns:0 frame:0
>              TX packets:409012 errors:0 dropped:0 overruns:1 carrier:0
>              collisions:0 txqueuelen:100 
>              RX bytes:272871106 (260.2 Mb)  TX bytes:94124015 (89.7 Mb)
>              Interrupt:10 Base address:0xa800 Memory:ee800000-ee800038 
>
>    eth0:1    Link encap:Ethernet  HWaddr 00:E0:18:05:A9:68  
>              inet addr:192.168.10.1  Bcast:192.168.10.255  Mask:255.255.255.0
>              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>              RX packets:440089 errors:0 dropped:0 overruns:0 frame:0
>              TX packets:409012 errors:0 dropped:0 overruns:1 carrier:0
>              collisions:0 txqueuelen:100 
>              RX bytes:272871106 (260.2 Mb)  TX bytes:94124015 (89.7 Mb)
>              Interrupt:10 Base address:0xa800 Memory:ee800000-ee800038 
>
> and IP forwarding is turned on:
>
>    # sysctl net.ipv4.ip_forward
>    net.ipv4.ip_forward = 1
>
> DHCP is setup thusly (/etc/dhcpd.conf):
>
>    default-lease-time 600;
>    max-lease-time 7200;
>    option subnet-mask 255.255.255.0;
>    option broadcast-address 192.168.10.255;
>    option routers 192.168.10.1;
>    option domain-name-servers 64.166.134.117, 206.13.12.28, 206.13.31.12;
>    option domain-name "leonora.org";
>    ddns-update-style ad-hoc;
>
>    subnet 192.168.10.0 netmask 255.255.255.0 {
>       range 192.168.10.2 192.168.10.254;
>       host laptop1 {
>         hardware ethernet 00:0b:db:1b:ca:5a;
>         fixed-address 192.168.10.109;
>       }
>       host laptop2 {
>         hardware ethernet 00:10:a4:03:dc:45;
>         fixed-address 192.168.10.127;
>       }
>    }
>
> I've entered the necessary mumbo-jumbo for iptables to work with my new
> eth0:1 interface, but I get the same behavior (no access from laptops
> to the Internet) even if I turn iptables off.
>
> Concentrating on laptop1, the Linux laptop, for the moment... The last
> entry in laptop1's dhcp lease looks like this:
>
>    lease {
>      interface "eth0";
>      fixed-address 192.168.10.109;
>      option subnet-mask 255.255.255.0;
>      option routers 192.168.10.1;
>      option dhcp-lease-time 600;
>      option dhcp-message-type 5;
>      option domain-name-servers 64.166.134.117,206.13.12.28,206.13.31.12;
>      option dhcp-server-identifier 64.166.134.117;
>      option broadcast-address 192.168.10.255;
>      option domain-name "leonora.org";
>      renew 0 2003/11/9 19:22:16;
>      rebind 0 2003/11/9 19:26:27;
>      expire 0 2003/11/9 19:27:42;
>    }
>
> Its Ethernet interface is:
>
>    eth0      Link encap:Ethernet  HWaddr 00:0B:DB:1B:CA:5A  
>              inet addr:192.168.10.109  Bcast:192.168.10.255  Mask:255.255.255.0
>              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>              RX packets:128741 errors:0 dropped:0 overruns:0 frame:0
>              TX packets:228979 errors:0 dropped:0 overruns:0 carrier:2
>              collisions:0 txqueuelen:100 
>              RX bytes:10101993 (9.6 Mb)  TX bytes:287682017 (274.3 Mb)
>              Interrupt:10 Memory:e0100000-e0101080 
>
> and its routing table is:
>
>    Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
>    192.168.10.0    0.0.0.0         255.255.255.0   U     0      0        0 eth0
>    169.254.0.0     0.0.0.0         255.255.0.0     U     0      0        0 eth0
>    127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
>    0.0.0.0         192.168.10.1    0.0.0.0         UG    0      0        0 eth0
>
> Hmmm. no host entry, but adding one with
>
>    route add -host 192.168.10.109 eth0
>
> didn't change any behavior I could detect.
>
> So, everything looks OK to me and I've exhausted my knowledge. Any suggestions?
>
> --- Vladimir
>
> ------------------------------------------------------------------------
> Vladimir G. Ivanovic                        http://leonora.org/~vladimir
> 2770 Cowper St.                                         vladimir@xxxxxxx
> Palo Alto, CA 94306-2447                                 +1 650 678 8014

--
Bob Cochran
Greenbelt, Maryland, USA
http://greenbeltcomputer.biz/



--
Shrike-list mailing list
Shrike-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/shrike-list