[techtalk] ip masquerading

Brian Sweeney bsweeney at imagedog.com
Mon Jan 22 10:23:02 EST 2001

I did check this out *BLUSH* but somehow missed the part in big letters that
says "YOU CAN'T DO THIS". ;)  That's what I get for trying to troubleshoot
on too many work hours and too few sleep hours.

Thanks Marisa!


-----Original Message-----
From: marisa mack [mailto:marisa at europa.com]
Sent: Friday, January 19, 2001 6:58 PM
To: Brian Sweeney
Cc: techtalk at linuxchix.org
Subject: Re: [techtalk] ip masquerading

hmmm, masquerading out an alias interface will not work, and is not
supported. have you looked at the linux ip masq howto? here's a copy:


hope this helps.


On Fri, Jan 19, 2001 at 01:27:13PM -0500, bsweeney sed:
> 'Lo all-
> I seem to be having some trouble using a virtual interface for an ip
> masquerading rule using ipchains in RHL6.2.  here's the line:
> ipchains -A forward -i <public interface> -s -j MASQ
> On the box, I've got 2 nics...eth0 and eth1.  I've also got a virtual
> interface, eth0:1, bound to an IP in the same subnet (obviously) as eth0.
> When I specify eth0 in the above line for the public interface, everything
> works fine.  But if I specify eth0:1, it simply ceases to even forward the
> packet, never mind masquerade it.  A tcpdump of a ping from an internal
> client to an external client shows the request coming in on the internal
> interface, and nothing coming out on the external.  Any ideas?  The
> interface does seem to work in every other respect; I can ping it, ssh to
> it, etc.


"Physics is not a religion. If it were,
we'd have a much easier time raising money."

More information about the Techtalk mailing list