Hi, a question about my network setup. This is what I have:
Cable modem | | Router (192.168.2.1) | | | | XP Box Linux Box (192.168.2.100) (192.168.2.101) | (via 2nd nic) | XP Laptop (192.168.2.100)
The router gets a dynamic IP from my ISP, the rest I've set up as static. Here's the relevant part of my rc.conf
lo="lo 127.0.0.1" eth0="eth0 192.168.2.101 netmask 255.255.255.0 broadcast 192.168.2.255" eth1="eth1 192.168.1.100 netmask 255.255.255.0 broadcast 192.168.1.255" INTERFACES=(lo eth0 eth1) gateway="default gw 192.168.2.1" loopback="-host 127.0.0.1 lo" ROUTES=(loopback gateway)
I'm also using Arno's Iptables firewall on the linux box and set that up to use NAT like so:
# LAN & NAT (masquerading) settings # ##################################### INT_IF="eth1" # Internal network interface or interfaces (multiple(!) interfaces should be # space seperated). Remark this if you don't have any internal network interfaces. INTERNAL_NET="192.168.1.0/24" # Your internal subnet which is connected to the internal interface (INT_IF. For # multiple interfaces(!) you can either specify multiple subnets here or specify one # big subnet for all internal interfaces. Note that packets from these subnets are always # accepted! NAT=1 # Enable this if you want to perform NAT for your internal network (LAN) # (eg. share your internet connection with your internal net(s) connected to INT_IF)
This is what ifconfig says:
eth0 Link encap:Ethernet HWaddr 00:02:44:67:B4:52 inet addr:192.168.2.101 Bcast:192.168.2.255 Mask:255.255.255.0 inet6 addr: fe80::202:44ff:fe67:b452/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:32482 errors:0 dropped:0 overruns:0 frame:0 TX packets:35442 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:13694057 (13.0 Mb) TX bytes:28225690 (26.9 Mb) Interrupt:3 Base address:0x4c00 eth1 Link encap:Ethernet HWaddr 00:10:4B:BB:8A:67 inet addr:192.168.1.100 Bcast:192.168.1.255 Mask:255.255.255.0 inet6 addr: fe80::210:4bff:febb:8a67/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:237 errors:0 dropped:0 overruns:0 frame:0 TX packets:10 errors:0 dropped:0 overruns:0 carrier:5 collisions:0 txqueuelen:1000 RX bytes:24667 (24.0 Kb) TX bytes:756 (756.0 b) Interrupt:10 Base address:0xdc00 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:14 errors:0 dropped:0 overruns:0 frame:0 TX packets:14 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:1030 (1.0 Kb) TX bytes:1030 (1.0 Kb)
Now the problem is the connection to my laptop won't work. Is the problem in the firewall or is it in rc.conf?
(Sorry for all the config snippets...)
Sharp! But that's a typo sorry. The laptop should be 192.168.1.10
When connecting two network devices without a hub, you need a cross-over cable. Do you have a cross-over cable?
- Blaise Pascal
Yes I do.
When I ping the laptops ip it works (but I'm just pinging the nic right?) but from the laptops side there is nothing.
hcman, I think you're missing something.
Since your Linux box has 2 nics, it has to have 2 IPs (one for each interface)..
According to your ifconfig output, your NIC2 IP on the Linux Box is 192.168.1.100. Hmm.. now that I'm looking, I see that the typo consisted of 2 mistakes, a changed 2 into 1 and a remove of 1 zero. I'd like a second check to see if the Laptop's IP is not the same with the NIC2 IP of the Linux box. Could you please confirm that the Laptop's IP is 192.168.1.100?
If it IS 192.168.1.100, please change into something matching your Linux box NIC2 IP & MASK (that would be anything in 192.168.1.x, where x is different than 100)
Considering your last post, I have a vague feeling you were pinging NIC2 from your Linux box, not the laptop.
:: / my web presence
I think IceRAM is right. You can alternatively change your netmasks to 255.255.0.0 (but remember to change it on your other boxes too).
IceRam and lanrat, that is exactly what I did wrong (and I feel really dumb because of it).
It all works now so thank you very much!