Routing from private to bridge

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Tom Gaudasinski <cetus@internode.on.net>
To: netfilter@lists.netfilter.org
Subject: Routing from private to bridge
Date: Sat, 22 Oct 2005 00:14:57 +0000	[thread overview]
Message-ID: <43598481.8040306@internode.on.net> (raw)

Greetings,
    I have a problem in regards to the routing i've set up. I have a 
public subnet bridged from my ISP(DSL), it's a full bridge. So in order 
to use this subnet i have created a bridge out of two eth interfaces so 
that i may also firewall what will be behind the router. In addition to 
this I have a private subnet (192.168.1.x) that I NAT to the public IP 
of the router. My setup looks like this:

          DSL Modem (in bridge mode)
                        |
                  / eth0 \
                  <br0> 120.40.60.194/29
                  \ eth1 /
                 /           \__ Publically addresses machines
             eth2       
       192.168.1.1___Privately NATted machines

So eth0 and eth1 are part of the bridge (which has 1 ip address), and 
eth2 has a private address. eth0 plugs directly into the dsl modem, eth1 
into a switch that contains publically addressed computers and eth2 
logically so as well. I've set the rules up so that the users behind 
eth2 get natted and the public users also get internet. This works, what 
doesn't work however is that the 192.168.1.x users cannot communicate 
with the publically addressed users through the router. Even when the 
firewall has been cleared out (of natting rules) they still cannot ping 
or communicate. It seems there's a different procedure for routing to a 
bridge. my route -n output is:

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use 
Iface
120.40.60.192  0.0.0.0         255.255.255.248 U     0      0        0 br0
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth2
0.0.0.0         120.40.60.193  0.0.0.0         UG    0      0        0 br0

How can i get the private LAN users to route to the publically bridged 
subnet?

Thankyou.

next             reply	other threads:[~2005-10-22  0:14 UTC|newest]

Thread overview: 5+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2005-10-22  0:14 Tom Gaudasinski [this message]
2005-10-22  2:21 ` Routing from private to bridge Rod
2005-10-22  9:07 ` George Alexandru Dragoi
2005-10-22 10:38 ` George Alexandru Dragoi
2005-10-24  8:09 ` Philip Craig

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=43598481.8040306@internode.on.net \
    --to=cetus@internode.on.net \
    --cc=netfilter@lists.netfilter.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.