3rd level of masquerade

 
 
Tomasz Olszewski
      03-30-2006, 10:20 AM
Hello!

I have a problem with setting up a 3rd level masquerade. According to my
knowledge everything should be working fine already. Networks I'm
connected to, seem to look like this:

Internet <--> Net A <--> Net B <--> Net C.

"A" is beyond my administration. "B" is a small network inside my flat;
it's connected to "B" through a D-Link DI-604 router. Now I'd like to
set up a virtual network, inside my computer. This is "C". I'm using VDE
2.0 + TUN/TAP, running on my Ubuntu Breezy. To simulate another
computer, I'm running Qemu with another Breezy installation.

Everything seems to work (at least all those things that should work in
this case), as long as I keep masquerading OFF on my PC. Without
masquerading (but with ip_forward set to '1' and empty iptables rules)
the virtual PC is able to ping any machine, in any network mentioned
above (even the Internet). When sending a ping request to hosts in
network "A" or the Internet, I'm getting messages like 'Redirect
Host(New nexthop: ...)'. On the virtual installation I'm setting a
default gateway with the command:
route add default gw 192.168.3.1
(this is my own, "real" PC, which connects together networks 192.168.0
and 192.168.3).

I'm turning on masquerading using the following command:
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
I've also tried some other combinations, but none of them made any
difference. The result is that I can reach any machine in network "B"
(192.168.0). Packets seem to be translated correctly, everything looks
promising. Unfortunately every attempt to reach some farther host ends
without success. The lamp on the D-Link router signals a data transfer,
so I think packets are leaving my computer. Pings don't come back,
there's no other way to connect to a distant machine. I thought that
maybe the gateway in network "A" throws away packets with TTL less than some
value, but making TTL greater didn't help either.

I don't have any fancy configuration on my PC. There are only 3 network
interfaces: lo, eth0 and tap0.

I'm out of ideas
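
An added example, not part of the original post: a small audit of an `iptables-save` dump for the preconditions the post lists (ip_forward set to 1, a MASQUERADE rule on eth0, nothing blocking FORWARD), which also flags a MASQUERADE rule that matches every source. The sample dump, the function names and the /24 mask on 192.168.3 are assumptions made for illustration.

```python
import shlex

# Constructed iptables-save dump modelled on the post: one MASQUERADE rule
# on eth0 and an otherwise empty rule set. Not output from the poster's PC.
SAMPLE_DUMP = """\
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
*filter
:FORWARD ACCEPT [0:0]
COMMIT
"""

def parse_dump(text):
    """Parse iptables-save text into (policies, rules).
    policies[(table, chain)] = policy; rules = [(table, chain, options)]."""
    policies, rules, table = {}, [], None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("*"):
            table = line[1:]
        elif line.startswith(":"):
            chain, policy = line[1:].split()[:2]
            policies[(table, chain)] = policy
        elif line.startswith("-A "):
            tok = shlex.split(line)
            opts = {tok[i]: tok[i + 1] for i in range(2, len(tok) - 1)
                    if tok[i].startswith("-")}
            rules.append((table, tok[1], opts))
    return policies, rules

def audit(text, ip_forward="1", wan="eth0", lan_net="192.168.3.0/24"):
    """List what is missing or too broad for NAT-ing lan_net out of wan."""
    policies, rules = parse_dump(text)
    found = []
    if ip_forward.strip() != "1":
        found.append("ip_forward is not 1")
    masq = [o for t, c, o in rules if (t, c) == ("nat", "POSTROUTING")
            and o.get("-j") == "MASQUERADE" and o.get("-o", wan) == wan]
    if not masq:
        found.append("no MASQUERADE rule for " + wan)
    elif not any(o.get("-s") == lan_net for o in masq):
        found.append("MASQUERADE on %s is not scoped to %s" % (wan, lan_net))
    accepts = any((t, c) == ("filter", "FORWARD") and o.get("-j") == "ACCEPT"
                  for t, c, o in rules)
    if policies.get(("filter", "FORWARD")) == "DROP" and not accepts:
        found.append("FORWARD policy is DROP and no rule accepts traffic")
    return found
```

On a live machine the inputs would be the output of `iptables-save` and the contents of `/proc/sys/net/ipv4/ip_forward`.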
 