From mboxrd@z Thu Jan 1 00:00:00 1970
From: "M.F. PSIkappa"
Date: Wed, 28 Mar 2001 08:14:14 +0000
Subject: [LARTC] Problem with routing,NAT and proxy arp
Message-Id:
List-Id:
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
To: lartc@vger.kernel.org

Hello,

I'd like to NAT some friends' boxes into our network.

[ISP Router]---(Corp. LAN)---[[MY BOX with NAT]]-----(lan with friends)
 1.1.1.1/24                   1.1.1.4/24 eth0          172.18.1.0/24
                              172.18.1.254/24 eth1

My setting:
I use kernel 2.4.2, iptables version 1.2

root@pokus:~# iptables -t nat -L -n
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination
DNAT       all  --  0.0.0.0/0            1.1.1.17           to:172.18.1.4

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination
SNAT       all  --  172.18.1.4           0.0.0.0/0          to:1.1.1.17

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

I add ARP proxy on eth0 with

    ip neigh add proxy 1.1.1.17 dev eth0

With the command arp -a -n I see this ARP proxy, but with ip neigh show
I don't see this one.

I test the connection with ping; in the tcpdump output I see that 172.18.1.4
is correctly NATed to 1.1.1.17 and the ICMP requests go out to the Corp. LAN.
I think that something is wrong with proxy ARP, because a ping from some box
on the Corp. LAN doesn't reach 1.1.1.17.

What's wrong with my setup?

PSIkappa
psi@atlantis.sk

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc
HOWTO: http://ds9a.nl/2.4Routing/