netfilter.vger.kernel.org archive mirror
* nat bypass
@ 2010-06-28 10:13 ratheesh k
  2010-06-28 14:02 ` Grant Taylor
                   ` (3 more replies)
  0 siblings, 4 replies; 7+ messages in thread
From: ratheesh k @ 2010-06-28 10:13 UTC (permalink / raw)
  To: Netfilter mailing list, netdev

Hi,

  A -------> R ------->S

I have a Linux machine A connected to Linux machine R. Machine R
has two network interfaces and acts as a router.
It has a DHCP server running. It will assign IPs in the 192.168.1.0/24
subnet to all machines connected on the LAN side (A is also connected on
the LAN side). The WAN side of R is connected to HTTP server S. There is
also a DHCP server running on S to assign IPs in the 10.232.18.0/24 subnet.
Is there any way in which NAT could be bypassed to get an IP from the
DHCP server running on S? My question is: how can A get an IP
from the 10.232.18.0/24 pool?
Is ebtables an option? How can we do it?
Is there any other optimal way?


Thanks,
Ratheesh


* Re: nat bypass
  2010-06-28 10:13 nat bypass ratheesh k
@ 2010-06-28 14:02 ` Grant Taylor
  2010-06-28 17:49 ` Anatoly Muliarski
                   ` (2 subsequent siblings)
  3 siblings, 0 replies; 7+ messages in thread
From: Grant Taylor @ 2010-06-28 14:02 UTC (permalink / raw)
  To: Mail List - Netfilter

On 06/28/10 05:13, ratheesh k wrote:
> DHCP server running  on S . My question is : How can A will get  an 
> ip from 10.232.18.0/24 pool ip .?

Bridging the (selected) traffic from your LAN to the network that the 
server is on is probably your best bet.

What you are talking about is known as a bridging router, or "brouter" 
for short.

> ebtables is an option ? How can we make it ?

You set up a brouter and bridge the traffic for the system(s) on the LAN 
that is supposed to be part of the network that the server is on and 
route the rest of the traffic.

> Is there any other optimal way ?

Short of adding a second network card to A and connecting it directly to 
the network that S is on, bridging is probably your best bet.

You will have to set up EBTables rules to control what traffic is 
bridged versus routed.



Grant. . . .
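
Added example, not part of Grant Taylor's message or of any project's code: one way to express the bridged-versus-routed split he describes as `ebtables` broute rules, selecting the bridged clients by MAC address. The interface names, the sample MAC and the helper function names are assumptions made for illustration.

```shell
#!/bin/sh
# Added example. Emits (does not run) ebtables commands for a brouter.
# In the broute table's BROUTING chain: ACCEPT = bridge the frame,
# DROP = hand the frame to the IP stack, i.e. route it.
# Assumptions: both ports already belong to one bridge and R's IP
# addresses stay on the port devices; names and MAC below are constructed.

is_mac() {
    case $1 in
        *[!0-9A-Fa-f:]*) return 1 ;;   # also rejects spaces and newlines
    esac
    printf '%s' "$1" | grep -Eq '^([0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}$'
}

is_ifname() {
    case $1 in
        ''|*[!A-Za-z0-9_.-]*) return 1 ;;
    esac
    [ "${#1}" -le 15 ]                 # Linux interface names: at most 15 chars
}

# usage: brouter_rules LAN_IF WAN_IF CLIENT_MAC...
brouter_rules() {
    [ "$#" -ge 3 ] || { echo "usage: brouter_rules LAN_IF WAN_IF MAC..." >&2; return 1; }
    lan_if=$1
    wan_if=$2
    shift 2
    is_ifname "$lan_if" && is_ifname "$wan_if" || { echo "bad interface name" >&2; return 1; }
    # Validate every MAC before printing, so bad input never yields a partial rule set.
    for mac in "$@"; do
        is_mac "$mac" || { echo "bad MAC: $mac" >&2; return 1; }
    done
    echo "ebtables -t broute -F BROUTING"
    for mac in "$@"; do
        # Frames sent by the client on the LAN port are bridged to the WAN side.
        echo "ebtables -t broute -A BROUTING -i $lan_if -s $mac -j ACCEPT"
        # Frames addressed to the client arriving on the WAN port are bridged back.
        echo "ebtables -t broute -A BROUTING -i $wan_if -d $mac -j ACCEPT"
    done
    # Everything else is routed (and NATed) by R as before.
    echo "ebtables -t broute -A BROUTING -j DROP"
}

# Constructed sample: machine A's MAC, LAN port eth0, WAN port eth1.
brouter_rules eth0 eth1 02:00:00:00:00:0a
```

Review the printed commands before piping them to `sh` as root on R. Under these rules broadcast frames arriving on the WAN port are routed rather than bridged, so the listed clients are reached from the WAN side only by unicast.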


* Re: nat bypass
  2010-06-28 10:13 nat bypass ratheesh k
  2010-06-28 14:02 ` Grant Taylor
@ 2010-06-28 17:49 ` Anatoly Muliarski
  2010-06-30  2:37 ` Simon Horman
  2010-06-30  9:54 ` Mart Frauenlob
  3 siblings, 0 replies; 7+ messages in thread
From: Anatoly Muliarski @ 2010-06-28 17:49 UTC (permalink / raw)
  To: netfilter

2010/6/28 ratheesh k <ratheesh.ksz@gmail.com>:
> Hi,
>
>  A -------> R ------->S
>
> I have a linux machine A is connected to Linux machine R . Machine R
> is having two network interfaces and acting as a router .
> It has a dhcp server running  . It will assign ip in 192.168.1.0/24
> subnet to all machine connected on lan side ( A is connected also in
> lan side ) . Wan side of R is connected to HTTP server S . There is
> also a DHCP server running on S to assign ip in 10.232.18.0/24 subnet
> .  Is there any way , in which NAT should be bypassed to get ip from
> DHCP server running  on S . My question is : How can A will get  an ip
> from 10.232.18.0/24 pool ip .?
> ebtables is an option ? How can we make it ?
> Is there any other optimal way ?
>

Suppose you achieve your goal and A gets an IP from S's pool.
But then another problem appears - what about routing?
Presumably you should track the leased IP and dynamically bridge packets
to/from it - and that looks rather complicated.

-- 
Best regards
Anatoly Muliarski


* Re: nat bypass
  2010-06-28 10:13 nat bypass ratheesh k
  2010-06-28 14:02 ` Grant Taylor
  2010-06-28 17:49 ` Anatoly Muliarski
@ 2010-06-30  2:37 ` Simon Horman
  2010-06-30  9:24   ` ratheesh k
  2010-06-30  9:54 ` Mart Frauenlob
  3 siblings, 1 reply; 7+ messages in thread
From: Simon Horman @ 2010-06-30  2:37 UTC (permalink / raw)
  To: ratheesh k; +Cc: Netfilter mailing list, netdev

On Mon, Jun 28, 2010 at 03:43:46PM +0530, ratheesh k wrote:
> Hi,
> 
>   A -------> R ------->S
> 
> I have a linux machine A is connected to Linux machine R . Machine R
> is having two network interfaces and acting as a router .
> It has a dhcp server running  . It will assign ip in 192.168.1.0/24
> subnet to all machine connected on lan side ( A is connected also in
> lan side ) . Wan side of R is connected to HTTP server S . There is
> also a DHCP server running on S to assign ip in 10.232.18.0/24 subnet
> .  Is there any way , in which NAT should be bypassed to get ip from
> DHCP server running  on S . My question is : How can A will get  an ip
> from 10.232.18.0/24 pool ip .?
> ebtables is an option ? How can we make it ?
> Is there any other optimal way ?

Let me try and understand this.

R is routing between 192.168.1.0/24 and 10.232.18.0/24.
As A is on the 192.168.1.0/24 side of R.
But to give A a 10.232.18.0/24 address (dynamically)?

Why?



* Re: nat bypass
  2010-06-30  2:37 ` Simon Horman
@ 2010-06-30  9:24   ` ratheesh k
  2010-06-30 12:05     ` Stephen Clark
  0 siblings, 1 reply; 7+ messages in thread
From: ratheesh k @ 2010-06-30  9:24 UTC (permalink / raw)
  To: Simon Horman; +Cc: Netfilter mailing list, netdev

> Let me try and understand this.
>
> R is routing between 192.168.1.0/24 and 10.232.18.0/24.
> As A is on the 192.168.1.0/24 side of R.
> But to give A an 10.232.18.0/24 address (dynamically)?
>
> Why?
>

For some clients, R should act as a mere bridge, not a router.


On Wed, Jun 30, 2010 at 8:07 AM, Simon Horman <horms@verge.net.au> wrote:
> On Mon, Jun 28, 2010 at 03:43:46PM +0530, ratheesh k wrote:
>> Hi,
>>
>>   A -------> R ------->S
>>
>> I have a linux machine A is connected to Linux machine R . Machine R
>> is having two network interfaces and acting as a router .
>> It has a dhcp server running  . It will assign ip in 192.168.1.0/24
>> subnet to all machine connected on lan side ( A is connected also in
>> lan side ) . Wan side of R is connected to HTTP server S . There is
>> also a DHCP server running on S to assign ip in 10.232.18.0/24 subnet
>> .  Is there any way , in which NAT should be bypassed to get ip from
>> DHCP server running  on S . My question is : How can A will get  an ip
>> from 10.232.18.0/24 pool ip .?
>> ebtables is an option ? How can we make it ?
>> Is there any other optimal way ?
>
> Let me try and understand this.
>
> R is routing between 192.168.1.0/24 and 10.232.18.0/24.
> As A is on the 192.168.1.0/24 side of R.
> But to give A an 10.232.18.0/24 address (dynamically)?
>
> Why?
>
>


* Re: nat bypass
  2010-06-28 10:13 nat bypass ratheesh k
                   ` (2 preceding siblings ...)
  2010-06-30  2:37 ` Simon Horman
@ 2010-06-30  9:54 ` Mart Frauenlob
  3 siblings, 0 replies; 7+ messages in thread
From: Mart Frauenlob @ 2010-06-30  9:54 UTC (permalink / raw)
  To: netfilter

On 28.06.2010 12:13, ratheesh k wrote:
> Hi,
>
>    A ------->  R ------->S
>
> I have a linux machine A is connected to Linux machine R . Machine R
> is having two network interfaces and acting as a router .
> It has a dhcp server running  . It will assign ip in 192.168.1.0/24
> subnet to all machine connected on lan side ( A is connected also in
> lan side ) . Wan side of R is connected to HTTP server S . There is
> also a DHCP server running on S to assign ip in 10.232.18.0/24 subnet
> .  Is there any way , in which NAT should be bypassed to get ip from
> DHCP server running  on S . My question is : How can A will get  an ip
> from 10.232.18.0/24 pool ip .?
> ebtables is an option ? How can we make it ?
> Is there any other optimal way ?

How about a VPN?
i.e. OpenVPN on S.
Clients from A become members for both networks using DHCP locally (R) 
and via VPN (S).

regards


Mart


* Re: nat bypass
  2010-06-30  9:24   ` ratheesh k
@ 2010-06-30 12:05     ` Stephen Clark
  0 siblings, 0 replies; 7+ messages in thread
From: Stephen Clark @ 2010-06-30 12:05 UTC (permalink / raw)
  To: ratheesh k; +Cc: Simon Horman, Netfilter mailing list, netdev

On 06/30/2010 05:24 AM, ratheesh k wrote:
>> Let me try and understand this.
>>
>> R is routing between 192.168.1.0/24 and 10.232.18.0/24.
>> As A is on the 192.168.1.0/24 side of R.
>> But to give A an 10.232.18.0/24 address (dynamically)?
>>
>> Why?
>>
>
> For some clients , R should act as a mere bridge , Not a router .
>
>
> On Wed, Jun 30, 2010 at 8:07 AM, Simon Horman<horms@verge.net.au>  wrote:
>> On Mon, Jun 28, 2010 at 03:43:46PM +0530, ratheesh k wrote:
>>> Hi,
>>>
>>>    A ------->  R ------->S
>>>
>>> I have a linux machine A is connected to Linux machine R . Machine R
>>> is having two network interfaces and acting as a router .
>>> It has a dhcp server running  . It will assign ip in 192.168.1.0/24
>>> subnet to all machine connected on lan side ( A is connected also in
>>> lan side ) . Wan side of R is connected to HTTP server S . There is
>>> also a DHCP server running on S to assign ip in 10.232.18.0/24 subnet
>>> .  Is there any way , in which NAT should be bypassed to get ip from
>>> DHCP server running  on S . My question is : How can A will get  an ip
>>> from 10.232.18.0/24 pool ip .?
>>> ebtables is an option ? How can we make it ?
>>> Is there any other optimal way ?
>>
>> Let me try and understand this.
>>
>> R is routing between 192.168.1.0/24 and 10.232.18.0/24.
>> As A is on the 192.168.1.0/24 side of R.
>> But to give A an 10.232.18.0/24 address (dynamically)?
>>
>> Why?
>>
>>
Will dhcprelay work for you?

-- 

"They that give up essential liberty to obtain temporary safety,
deserve neither liberty nor safety."  (Ben Franklin)

"The course of history shows that as a government grows, liberty
decreases."  (Thomas Jefferson)


