Simulated NAT Traversal on Virtual Box | Two Virtual Interface - eth-0/eth1

Discussion in 'Linux Networking' started by Sumit, Jun 24, 2011.

  1. Sumit

    Sumit Guest

    I have installed virtual box ( with Two virtual Adapters(NAT-type)) -
    Host (Ubuntu -10.10) - Guest-Opensuse-11.4 .

    Objective : Trying to simulate all four types of NAT as defined here :

    https://wiki.asterisk.org/wiki/display/TOP/NAT+Traversal+Testing

    Simulating the various kinds of NATs can be done using Linux iptables.
    In these examples, eth0 is the private network and eth1 is the public
    network.

    Full-cone

    iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to-source <public ip
    goes here>
    iptables -t nat -A PREROUTING -i eth0 -j DNAT --to-destination
    <private ip goes here>

    Restricted cone

    iptables -t nat POSTROUTING -o eth1 -p tcp -j SNAT --to-source <public
    ip goes here>
    iptables -t nat POSTROUTING -o eth1 -p udp -j SNAT --to-source
    <public ip goes here>
    iptables -t nat PREROUTING -i eth1 -p tcp -j DNAT --to-destination
    <private ip goes here>
    iptables -t nat PREROUTING -i eth1 -p udp -j DNAT --to-destination
    <private ip goes here>
    iptables -A INPUT -i eth1 -p tcp -m state --state ESTABLISHED,RELATED -
    j ACCEPT
    iptables -A INPUT -i eth1 -p udp -m state --state ESTABLISHED,RELATED -
    j ACCEPT
    iptables -A INPUT -i eth1 -p tcp -m state --state NEW -j DROP
    iptables -A INPUT -i eth1 -p udp -m state --state NEW -j DROP

    Port-restricted cone

    iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to-source <public ip
    goes here>

    Symmentric

    echo "1" > /proc/sys/net/ipv4/ip_forward
    iptables --flush
    iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE --random
    iptables -A FORWARD -i eth1 -o eth0 -m state --state
    RELATED,ESTABLISHED -j ACCEPT
    iptables -A FORWARD -i eth0 -o eth1 -j ACCEPT

    What I did : OpenSuse guest with Two Virtual adapters - eth0 and eth1

    -- eth1 with address 10.0.3.15 /eth1:1 as 10.0.3.16 -- eth0 with
    address 10.0.2.15

    now running stund(http://sourceforge.net/projects/stun/) client/
    server :
    Server

    [email protected]:~/sw/stun/stund> ./server -v -h 10.0.3.15 -a
    10.0.3.16
    Client

    [email protected]:~/sw/stun/stund> ./client -v 10.0.3.15 -i 10.0.2.15

    On all Four Cases It is giving same results :

    test I = 1 test II = 1 test III = 1 test I(2) = 1 is nat = 0 mapped IP
    same = 1 hairpin = 1 preserver port = 1 Primary: Open Return value is
    0x000001

    Q-1 :please let me know If any has ever done, It should behave like
    NAT as per description but nowhere it working as a NAT.

    Q-2: How NAT Implemented in Home routers (Usually Port Restricted),
    but those also pre-configured iptables rules and tuned Linux


    Q-3 : What is the Use of IP_Forwarding ? Is it required only when
    network have two interfaces ?

    Q-4: Is there any reasoning behind Virtual Interfaces ? that Ip -
    Tables doesn't recognize Virtual Interface ?
     
    Sumit, Jun 24, 2011
    #1

    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.
Similar Threads

  1. MNF Ipsec Nat Traversal

  2. Nature Windows XP, Freeswan and NAT-Traversal

  3. NAT traversal

  4. two dsl connections, two routers, dual nics on linux box , want to run two websites

  5. route based on incoming eth out ppp - two eth / two ppp

  6. interface naming (eth[x], wlan[x], etc)

  7. One Linux box, two WAN interface...

  8. Getting/setting eth frame interface for raw socket

Loading...