On Fri, 26 Aug 2005, bernhard.d.rohrer at accenture.com wrote:
>> Which device is doing address translation ?
>> What are they configured to do address translation for ?
>> 192.168.0.0/16 IIRC
>>> If the router is doing NAT for 192.168.2.0/24 only those
>> machines in that network will route correctly.
>> this has worked before with that same router and I didn't change
> the config. All i changed was the linux box in between.
Is the Linux box doing NAT?
What is output of following commands on the Ubuntu box:
iptables -t nat -L
> I did a few dumps from the winbox:
>> this is what it looks like when it fails:
>> 23:40:06.999157 IP (tos 0x0, ttl 128, id 11368, offset 0, flags [none], proto: ICMP (1), length: 60) 192.168.1.90 > 188.8.131.52: IC
> MP echo request, id 1024, seq 26880, length 40
> 23:40:06.999700 IP (tos 0x0, ttl 63, id 14206, offset 0, flags [none], proto: ICMP (1), length: 56) 192.168.2.1 > 192.168.1.90: ICM
> P redirect 184.108.40.206 to host 220.127.116.11, length 36
What is 18.104.22.168? And why does your Ubuntu box think that
192.168.1.90 is able to reach it?
Let me guess, the ubuntu box has only one interface, right? That
won't work unless the windows machines also have an interface (or
alias interface) onto the same logical subnet as your DSL router (ie
Linux will not forward packets out the same interface the packet was
> and this is what it looks like when it works:
This is taken from where?
> 23:43:56.737755 arp who-has 192.168.2.100 tell 192.168.2.90
192.168.2.90? What's that? Your windows machine again, but with it's
> 23:43:56.737954 IP (tos 0x0, ttl 128, id 11505, offset 0, flags [none], proto: UDP (17), length: 60) 192.168.2.90.1245 > 192.168.2.1
Your windows machine is talking directly to your DSL router here for
> 23:43:56.880054 arp who-has 192.168.2.1 tell 192.168.2.90
> 23:43:56.880355 arp reply 192.168.2.1 is-at 00:04:e2:e0:c8:7d
ARP for your DSL router by 192.168.2.90. Which presumably is your
windows machine, but reconfigured from the settings you gave in your
previous mail - which you neglected to mention you had to do to get
it to work.
> 23:43:56.880363 IP (tos 0x0, ttl 128, id 11506, offset 0, flags [none], proto: ICMP (1), length: 60) 192.168.2.90 > 22.214.171.124: IC
192.168.2.90 sends and receives, presumably using 192.168.2.1 as its
gateway. Your ubuntu box is not involved.
> there is definitely something going wrong, but I dunno enough
> networkig to figure that one :(
Try anyone of the following:
- if your Ubuntu box has only one interface, then trying to setup a
'DMZ' is pointless. just put everything on 192.168.2/24 (which is
is the subnet your DSL router has an interface on)
- If ubuntu box has only one interface, buy a second NIC.
Connect the DSL router to it via a cross-over cable or a dedicated
- When you provide information, try not to neglect informing the
audience you changed a bunch of settings from those given
previously in collecting that information. This is not the psychics
> This message is for the designated recipient only and may contain
> privileged, proprietary, or otherwise private information. If you
> have received it in error, please notify the sender immediately and
> delete the original. Any other use of the email by you is
Please do not include such a stupid disclaimer in your emails.
I will be very tempted to interpret this literally in further emails
from you now that I've noticed it. Unless you make it very clear, at
the *top* of your email:
a) With specificity, who the designated recipient is *exactly*, if to
ILUG, please explicitly state the scope of this term.
b) A statement clarifying which, if any, information in the mail is
proprietary, privileged and/or otherwise private.
c) A statement clarifying the last clause does not apply.
Paul Jakma paul at clubi.iepaul at jakma.org Key ID: 64A2FF6A
The major sin is the sin of being born.
-- Samuel Beckett
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!