Simulated NAT Traversal on Virtual Box | Two Virtual Interface - eth-0/eth1

Discussion in 'Linux Networking' started by Sumit, Jun 24, 2011.

  1. Sumit

    Sumit Guest

    I have installed VirtualBox (with two virtual adapters (NAT type)) -
    Host (Ubuntu 10.10) - Guest openSUSE 11.4.

    Objective : Trying to simulate all four types of NAT as defined here :

    https://wiki.asterisk.org/wiki/display/TOP/NAT+Traversal+Testing

    Simulating the various kinds of NATs can be done using Linux iptables.
    In these examples, eth0 is the private network and eth1 is the public
    network.

    Full-cone

    iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to-source <public ip goes here>
    iptables -t nat -A PREROUTING -i eth0 -j DNAT --to-destination <private ip goes here>

    Restricted cone

    iptables -t nat -A POSTROUTING -o eth1 -p tcp -j SNAT --to-source <public ip goes here>
    iptables -t nat -A POSTROUTING -o eth1 -p udp -j SNAT --to-source <public ip goes here>
    iptables -t nat -A PREROUTING -i eth1 -p tcp -j DNAT --to-destination <private ip goes here>
    iptables -t nat -A PREROUTING -i eth1 -p udp -j DNAT --to-destination <private ip goes here>
    iptables -A INPUT -i eth1 -p tcp -m state --state ESTABLISHED,RELATED -j ACCEPT
    iptables -A INPUT -i eth1 -p udp -m state --state ESTABLISHED,RELATED -j ACCEPT
    iptables -A INPUT -i eth1 -p tcp -m state --state NEW -j DROP
    iptables -A INPUT -i eth1 -p udp -m state --state NEW -j DROP

    Port-restricted cone

    iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to-source <public ip goes here>

    Symmetric

    echo "1" > /proc/sys/net/ipv4/ip_forward
    iptables --flush
    iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE --random
    iptables -A FORWARD -i eth1 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
    iptables -A FORWARD -i eth0 -o eth1 -j ACCEPT

    What I did: openSUSE guest with two virtual adapters - eth0 and eth1

    -- eth1 with address 10.0.3.15 /eth1:1 as 10.0.3.16 -- eth0 with
    address 10.0.2.15

    Now running the stund (http://sourceforge.net/projects/stun/) client/server:

    Server

    [email protected]:~/sw/stun/stund> ./server -v -h 10.0.3.15 -a 10.0.3.16

    Client

    [email protected]:~/sw/stun/stund> ./client -v 10.0.3.15 -i 10.0.2.15

    In all four cases it is giving the same results:

    test I = 1
    test II = 1
    test III = 1
    test I(2) = 1
    is nat = 0
    mapped IP same = 1
    hairpin = 1
    preserver port = 1
    Primary: Open
    Return value is 0x000001

    Q-1: Please let me know if anyone has ever done this. It should behave
    like NAT as per the description, but nowhere is it working as a NAT.

    Q-2: How is NAT implemented in home routers (usually port restricted),
    but those also pre-configured iptables rules and tuned Linux

    Q-3: What is the use of IP_Forwarding? Is it required only when the
    network has two interfaces?

    Q-4: Is there any reasoning behind virtual interfaces? That iptables
    doesn't recognize a virtual interface?
     
    Sumit, Jun 24, 2011
    #1
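
For reading the client summary quoted in the post, here is an added example (not part of the original post and not stund's own code) that parses those flags and applies the RFC 3489 section 10.1 discovery flow to name the NAT type. It assumes `test II` means a reply arrived from the changed IP and port, `test III` a reply from the changed port only, and `mapped IP same` that Test I and Test I(2) returned the same mapping.

```python
import re

# Constructed sample: the flag line as quoted in the post above.
SAMPLE = ("test I = 1 test II = 1 test III = 1 test I(2) = 1 is nat = 0 "
          "mapped IP same = 1 hairpin = 1 preserver port = 1")

# Longest names first so "test I" cannot swallow "test II" or "test I(2)".
FIELD = re.compile(
    r"(test I\(2\)|test III|test II|test I|is nat|mapped IP same)\s*=\s*([01])")
REQUIRED = ("test I", "test II", "test III", "is nat", "mapped IP same")


def parse_summary(text):
    """Return the 0/1 flags of a client summary as a dict of booleans."""
    flags = {name: value == "1" for name, value in FIELD.findall(text)}
    missing = [name for name in REQUIRED if name not in flags]
    if missing:
        raise ValueError("summary lacks fields: " + ", ".join(missing))
    return flags


def classify(flags):
    """Walk the RFC 3489 decision tree (field meanings are assumptions)."""
    if not flags["test I"]:
        return "UDP blocked"            # no reply at all from the server
    if not flags["is nat"]:
        # Server saw the client's own address and port: nothing translated.
        return "Open" if flags["test II"] else "Symmetric UDP firewall"
    if flags["test II"]:
        return "Full cone"              # reply accepted from a new IP and port
    if not flags["mapped IP same"]:
        return "Symmetric"              # mapping changes per destination
    # Same mapping for both destinations; filtering decides the rest.
    return "Restricted cone" if flags["test III"] else "Port-restricted cone"


def classify_text(text):
    """Convenience wrapper: summary text in, NAT type out."""
    return classify(parse_summary(text))


if __name__ == "__main__":
    print(classify_text(SAMPLE))
```

A result of `is nat = 0` means the server saw the client's own address and port, so no translation took place on the path between the two sockets and the filtering tests alone decide the outcome.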