ip masq w/pppoe

[bedrock]

im trying to setup my internal network with my adsl connection. i have the pppoe working, and internet access is find on the linux box. my internal network is not working however. im running the same firewall script i ran with cable connection, but the internal machines arent getting an ip. they are set statically 192.168.10.2/16 with a gateway 192.168.10.1. everything looks good from all i can see, and im pretty baffled as to why the machines arent connected.


netstat -rn
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
xxx.137.65.1 0.0.0.0 255.255.255.255 UH 40 0 0 ppp0
192.168.10.0 0.0.0.0 255.255.255.0 U 40 0 0 eth1
127.0.0.0 0.0.0.0 255.0.0.0 U 40 0 0 lo
0.0.0.0 xxx.137.65.1 0.0.0.0 UG 40 0 0 ppp0

##################################
iptables --list
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT all -- anywhere anywhere
LOG all -- anywhere anywhere LOG level warning

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

############################
ping 192.168.10.2
PING 192.168.10.2 (192.168.10.2) from 192.168.10.1 : 56(84) bytes of data.
From 192.168.10.1 icmp_seq=1 Destination Host Unreachable
From 192.168.10.1 icmp_seq=2 Destination Host Unreachable
From 192.168.10.1 icmp_seq=3 Destination Host Unreachable

--- 192.168.10.2 ping statistics ---
5 packets transmitted, 0 received, +3 errors, 100% loss, time 4001ms
, pipe 3

###################################

pings from the winX machines behind the linux machine to the gateway timeout. switch lights are on and blink when i ping the computers, so im really getting pissed with this one. could someone please help me find what im missing?

what we see depends mainly on what we're looking for.
--John Lubbock

 

[Morsing]

Things that confuse me a bit:

You windows netmask is incorrect. Don't know how much that matters.

You're pinging 192.168.0.2 and not 1?? What's the ifconfig output on both computers??

Cheers

Henrik Morsing
Certified AIX 4.3 Systems Administration
& p690 Technical Support

 

[KermitJunior]

bedrock,

I've been trying for a week to get an outside connection to come in over my PPPoE. I had a local guru say that he didn't think it could really be done without some serious hoop-jumping.
It seems that on PPPoE, you're machine is a dedicated network unto itself. You are, in essence, 255.255.255.255, which leaves no room for any other network connection, or somehting close to that.
I've ordered cable modem. I had Apache and several other services running and no matter what I did, I couldn't access them from outside my network with incoming. Internally, it was great, but we VNC'd an outside box and couldn't connect.

Post if you do solve the program, and good luck!
KJ

 

[bedrock]

thanks for your replies.

morsing:
which netmask are you referring to? i thought 255.255.255.0 was correct for 192.168.10.1. i would guess that matters a great deal if it is not correct. also, all the output i posted was from the machine doing the masquerading (rh). this is why the ping is to 192.168.10.2, because it is going server->client. but client->server also fails, i just didnt post the output because i wasnt on that machine. i will post ifconfig output shortly, i am away from home right now.

kermitjunior:
im not really trying to get any connections incoming on the local subnet, i really just want the outgoing connections masqueraded, which i had working a week ago. the power went out briefly, and reset my modem, which is why im having problems now. i had to undo/redo some settings on the linux machine to get the modem setup correctly and pppoe working, and now the firewalling is broken.
in response to your post though, why wouldnt normal port-forwarding work? i was under the impression that once you had the incoming connection up, you could use iptables to forward that connection on regardless.

what we see depends mainly on what we're looking for.
--John Lubbock

 

[bedrock]

output of ifconfig -a:
eth0 Link encap:Ethernet HWaddr 00:02:2A5:CA:29
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:22378 errors:0 dropped:0 overruns:0 frame:0
TX packets:10404 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:5637520 (5.3 Mb) TX bytes:2382349 (2.2 Mb)
Interrupt:9 Base address:0x5b00

eth1 Link encap:Ethernet HWaddr 00:50:BF:1E:ED:A8
inet addr:192.168.10.1 Bcast:192.168.10.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:62 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:0 (0.0 b) TX bytes:2604 (2.5 Kb)
Interrupt:10 Base address:0x8c00

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:95 errors:0 dropped:0 overruns:0 frame:0
TX packets:95 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:7968 (7.7 Kb) TX bytes:7968 (7.7 Kb)

ppp0 Link encapoint-to-Point Protocol
inet addr:216.137.65.44 P-t-P:216.137.65.1 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1492 Metric:1
RX packets:5600 errors:0 dropped:0 overruns:0 frame:0
TX packets:6458 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:3556742 (3.3 Mb) TX bytes:2003137 (1.9 Mb)

what we see depends mainly on what we're looking for.
--John Lubbock

 

[bedrock]

ok, i think ive located the problem. pppoe sets itself as the gateway device, but when i had masquerading working before i had to set eth1 as a gateway device for the internal machines to use. so with ppp0 set as the gateway, the internal network has no gateway to send requests to, and with eth1 set as the gateway, all external requests have no where to go. how can i get around this?

what we see depends mainly on what we're looking for.
--John Lubbock