[techtalk] ip masquerading
Brian Sweeney
bsweeney at imagedog.com
Mon Jan 22 10:23:02 EST 2001
I did check this out *BLUSH* but somehow missed the part in big letters that
says "YOU CAN'T DO THIS". ;) That's what I get for trying to troubleshoot
on too many work hours and too few sleep hours.
Thanks Marisa!
-Brian
-----Original Message-----
From: marisa mack [mailto:marisa at europa.com]
Sent: Friday, January 19, 2001 6:58 PM
To: Brian Sweeney
Cc: techtalk at linuxchix.org
Subject: Re: [techtalk] ip masquerading
hmmm, masquerading out an alias interface will not work, and is not
supported. have you looked at the linux ip masq howto? here's a copy:
http://www.linux.org/docs/ldp/howto/IP-Masquerade-HOWTO-7.html
hope this helps.
marisa
On Fri, Jan 19, 2001 at 01:27:13PM -0500, bsweeney sed:
> 'Lo all-
>
> I seem to be having some trouble using a virtual interface for an ip
> masquerading rule using ipchains in RHL6.2. here's the line:
>
> ipchains -A forward -i <public interface> -s 10.10.0.0/16 -j MASQ
>
> On the box, I've got 2 nics...eth0 and eth1. I've also got a virtual
> interface, eth0:1, bound to an IP in the same subnet (obviously) as eth0.
> When I specify eth0 in the above line for the public interface, everything
> works fine. But if I specify eth0:1, it simply ceases to even forward the
> packet, never mind masquerade it. A tcpdump of a ping from an internal
> client to an external client shows the request coming in on the internal
> interface, and nothing coming out on the external. Any ideas? The
virtual
> interface does seem to work in every other respect; I can ping it, ssh to
> it, etc.
--
"Physics is not a religion. If it were,
we'd have a much easier time raising money."
More information about the Techtalk
mailing list