[WBEL-users] how to use two networks
Kirby C. Bohling
kbohling at birddog.com
Sat Jul 2 11:03:35 CDT 2005
On Sat, Jul 02, 2005 at 02:08:55PM +0200, Bikerepairman - wrote:
> Hi all,
>
> I'm fairly new to linux to start with. I encounter a small
> problem. My computer has two networkcards.(1 on board and one
> PCI) I reside on a privete wifi network wich provide internet for
> me. Call that net A They granted me six fixed IP aresses
> 192.168.200.140-145 subnet 255.255.255.0 I have four adreses in
> use at the moment and everything functions fine. gateway
> 192.168.200.2, dns 192.168.200.1 and .2
>
> However, I want to put my two servers on the other network card
> (let's say net B) net B is in the IP range 192.168.210.x on subnet
> 255.255.255.0 still no problem here.
>
> Now I want my servers to access the internet for updates. I can't
> get them to connect to the internet. the computer/workstation who
> is bridge, has the IP of 192.168.200.140+192.168.210.1 Who is
> able/willing to help me with this and if possible with a step by
> step how to do. thanks in advance.
You mention having two servers. You do realize that unless your ISP
has done something special they won't be via the public internet.
(e.g. you can't host a website off them). I'm just checking to see
if they are local network server, or if they are servers you expect
to be accessable via the Internet. A lot of ISP's use that
192.168.0.0 or the 10.0.0.0 networks on their private networks and
then translate those to a public IP range just before they go onto
the public Internet.
Did you just randomly pick "192.168.210.X", or did the ISP assign
those addresses to you? If you just picked them randomly, the
concept you want to look into is Masquarading or NAT. If they
didn't assign those addresses to you, packets that leave your
network w/ 192.168.210.X will never be answered, as your ISP isn't
configured to send repsonse packets down the wire back to you.
If that is what is going on, please go read up here:
http://www.netfilter.org/documentation/HOWTO/NAT-HOWTO.html
If you want those machines to be publically accessible (assuming the
ISP did their part), you'll want to use SNAT and DNAT. Otherwise,
MASQ is probably good enough.
My guess is that the line you really need is one of these two
commands to be run on the router:
iptables -t nat -A POSTROUTING -src 192.168.210/24 -o eth0 -j MASQUERADE
iptables -t nat -A POSTROUTING -src 192.168.210.0/24 -o eth0 --to-source 192.168.200.140 -j SNAT
Then run this command:
echo 1 > /proc/sys/net/ipv4/ip_forward
In order to save those commands so they'll get done every time at
boot up, is to use "service iptables save", and edit
/etc/sysctl.conf and add a line like this:
net.ipv4.ip_forward=1
Thanks,
Kirby
More information about the Whitebox-users
mailing list