[techtalk] ip masquerading

marisa mack marisa at europa.com
Fri Jan 19 16:57:53 EST 2001

hmmm, masquerading out an alias interface will not work, and is not
supported. have you looked at the linux ip masq howto? here's a copy:


hope this helps.


On Fri, Jan 19, 2001 at 01:27:13PM -0500, bsweeney sed:
> 'Lo all-
> I seem to be having some trouble using a virtual interface for an ip
> masquerading rule using ipchains in RHL6.2.  here's the line:
> ipchains -A forward -i <public interface> -s -j MASQ
> On the box, I've got 2 nics...eth0 and eth1.  I've also got a virtual
> interface, eth0:1, bound to an IP in the same subnet (obviously) as eth0.
> When I specify eth0 in the above line for the public interface, everything
> works fine.  But if I specify eth0:1, it simply ceases to even forward the
> packet, never mind masquerade it.  A tcpdump of a ping from an internal
> client to an external client shows the request coming in on the internal
> interface, and nothing coming out on the external.  Any ideas?  The virtual
> interface does seem to work in every other respect; I can ping it, ssh to
> it, etc.


"Physics is not a religion. If it were,
we'd have a much easier time raising money."

More information about the Techtalk mailing list