Multihomed Problem

Multihomed Problem

[Jack Lauman]

I have a multihomed linux box set up as follows:

eth0: 192.168.100.1
eth1: 192.168.1.1

I need to be able to print from a workstation at 192.168.100.2 to a 
Xerox workstation at 192.168.1.30

How can I make this work?

Thanks

Jack

Re: Multihomed Problem

[Grant Taylor]

On 12/11/07 15:24, Jack Lauman wrote:
> I have a multihomed linux box set up as follows:
> 
> eth0: 192.168.100.1
> eth1: 192.168.1.1
> 
> I need to be able to print from a workstation at 192.168.100.2 to a 
> Xerox workstation at 192.168.1.30

Ok...

> How can I make this work?

Seeing as how (I'm betting) you can not set up routing on the Xerox, you 
will probably need to NAT the traffic from the 192.168.100.x network to 
appear as if it is from 192.168.1.1.  This way when any system on the 
192.168.100.x network tries to talk to the Xerox, it will think that 
192.168.1.1 is talking to it and thus be able to reply back.



Grant. . . .

Re: Multihomed Problem

[Matt Zagrabelny]

[-- Attachment #1: Type: text/plain, Size: 1359 bytes --]


On Tue, 2007-12-11 at 16:04 -0600, Grant Taylor wrote:
> On 12/11/07 15:24, Jack Lauman wrote:
> > I have a multihomed linux box set up as follows:
> > 
> > eth0: 192.168.100.1
> > eth1: 192.168.1.1
> > 
> > I need to be able to print from a workstation at 192.168.100.2 to a 
> > Xerox workstation at 192.168.1.30
> 
> Ok...
> 
> > How can I make this work?
> 
> Seeing as how (I'm betting) you can not set up routing on the Xerox, you 
> will probably need to NAT the traffic from the 192.168.100.x network to 
> appear as if it is from 192.168.1.1.  This way when any system on the 
> 192.168.100.x network tries to talk to the Xerox, it will think that 
> 192.168.1.1 is talking to it and thus be able to reply back.

You wouldn't need to set up NAT if both IPs on the gnu/linux box are the
gateways for the respective networks. Just enable forwarding:

echo 1 > /proc/sys/net/ipv4/ip_forward

No NAT required, the linux box is aware of the subnets and will pass
traffic happily between them.

-- 
Matt Zagrabelny - mzagrabe@d.umn.edu - (218) 726 8844
University of Minnesota Duluth
Information Technology Systems & Services
PGP key 1024D/84E22DA2 2005-11-07
Fingerprint: 78F9 18B3 EF58 56F5 FC85  C5CA 53E7 887F 84E2 2DA2

He is not a fool who gives up what he cannot keep to gain what he cannot
lose.
-Jim Elliot

[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 189 bytes --]

Re: Multihomed Problem

[Grant Taylor]

On 12/11/07 16:30, Matt Zagrabelny wrote:
> You wouldn't need to set up NAT if both IPs on the gnu/linux box are 
> the gateways for the respective networks. Just enable forwarding:

Agreed.  I answered the question as if the multihomed system was not the 
router.

If the multihomed system is the router or if the router knows about all 
subnets, direct routing (not NATing) would probably be the better approach.

> No NAT required, the linux box is aware of the subnets and will pass 
> traffic happily between them.

So long as firewalling is not in the say, yes.




Grant. . . .

Re: Multihomed Problem

[Jack Lauman]

Hi,

IP forwarding is turned on.  I've tried several different routing 
statements but none seemed to work.

What's the correct procedure to do this?

Thanks,

Jack

Grant Taylor wrote:
> On 12/11/07 16:30, Matt Zagrabelny wrote:
>> You wouldn't need to set up NAT if both IPs on the gnu/linux box are 
>> the gateways for the respective networks. Just enable forwarding:
> 
> Agreed.  I answered the question as if the multihomed system was not the 
> router.
> 
> If the multihomed system is the router or if the router knows about all 
> subnets, direct routing (not NATing) would probably be the better approach.
> 
>> No NAT required, the linux box is aware of the subnets and will pass 
>> traffic happily between them.
> 
> So long as firewalling is not in the say, yes.
> 
> 
> 
> 
> Grant. . . .
> -
> To unsubscribe from this list: send the line "unsubscribe netfilter" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
> 

Re: Multihomed Problem

[Matt Zagrabelny]

[-- Attachment #1: Type: text/plain, Size: 1193 bytes --]


On Wed, 2007-12-12 at 11:09 -0800, Jack Lauman wrote:
> Hi,
> 
> IP forwarding is turned on.  I've tried several different routing 
> statements but none seemed to work.
> 
> What's the correct procedure to do this?

What is the correct procedure to do what? You just said that IP
forwarding is turned on. Is it?

cat /proc/sys/net/ipv4/ip_forward

You aren't giving the list much to work with. Maybe give us the output
of 'route -n' for each host that is involved plus a diagram of your
network.

Also,

You said that you want to print. Have you checked to make sure the
network is working, ie. ping, nmap, and that there isn't just a problem
with your application?

Maybe do some tcpdump'ing on the linux box. Also, you could do some
logging within iptables.

Lastly, you should be posting inline and not top-posting.

Cheers,

-- 
Matt Zagrabelny - mzagrabe@d.umn.edu - (218) 726 8844
University of Minnesota Duluth
Information Technology Systems & Services
PGP key 1024D/84E22DA2 2005-11-07
Fingerprint: 78F9 18B3 EF58 56F5 FC85  C5CA 53E7 887F 84E2 2DA2

He is not a fool who gives up what he cannot keep to gain what he cannot
lose.
-Jim Elliot

[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 189 bytes --]

Re: Multihomed Problem

[Grant Taylor]

On 12/12/2007 1:09 PM, Jack Lauman wrote:
> IP forwarding is turned on.  I've tried several different routing 
> statements but none seemed to work.

Ok, we are going to need some more information.

> What's the correct procedure to do this?

Will you please clarify what your network setup is?  I'm presuming the 
following:

(Middle) Linux is the common default gateway:

+------------+   +-----------------+   +-------------+
| Xerox 1.30 +---+ 1.1 Linux 100.1 +---+ 100.2 Linux |
+------------+   +-----------------+   +-------------+

Is the middle Linux system the default gateway / router for both the 
Xerox and other Linux systems?  Or do the Xerox and (other) Linux system 
use a different default gateway / router other than the middle Linux 
system?  I.e. either of the below images?


(Middle) Linux is not the common default gateway:

                      +-----------------+
                  +---+ Default Gateway +---+
                  |   +-----------------+   |
                  |                         |
+------------+   |   +-----------------+   |   +-------------+
| Xerox 1.30 +---+---+ 1.1 Linux 100.1 +---+---+ 100.2 Linux |
+------------+       +-----------------+       +-------------+

Different default gateways:

                      +-----------------+
                  +---+ Default Gateway |
                  |   +-----------------+
                  |
+------------+   |   +-----------------+       +-------------+
| Xerox 1.30 +---+---+ 1.1 Linux 100.1 +---+---+ 100.2 Linux |
+------------+       +-----------------+   |   +-------------+
                                            |
                      +-----------------+   |
                      | Default Gateway +---+
                      +-----------------+

What networking scenario are we looking at:
  - (Middle) Linux is the common default gateway
  - (Middle) Linux is not the common default gateway
  - Different default gateways
  - Or a third scenario where the (Middle) Linux is the default gateway 
for one network but not the other?

We need to know what type of network topology we are working with so 
that we can better help you.

Also, are you running any type of firewalling?  If so, where is it and 
can we get a configuration so that we know what we are working with?



Grant. . . .