If you are going from one subnet A over the linux box to another subnet B and then via router to the internet, you will need to do a SNAT on the linux box. You have to hide subnet A on the Linux box to it's IP address on the B subnet.
Or you have to add a static route on your router for subnet A going to the linux box subnet B IP address. This way host on subnet B can also talk to hosts on subnet A, as their traffic will go to your router (default gateway on PC's) and the router will send then the traffic for subnet A to the Linux box because of the static route.
-----Original Message----- From: Per Jessen [mailto:email@example.com] Sent: Sunday, February 26, 2012 9:33 AM To: firstname.lastname@example.org Subject: Re: [opensuse] ipv4 forwarding - any known issues?
Linda Walsh wrote:
Per Jessen wrote:
John Andersen wrote:
On 2/23/2012 6:15 AM, Per Jessen wrote:
James Knott wrote:
Per Jessen wrote:
I'm setting up a new box and started out with ip forwarding enabled. This seemed to prevent internet access, so I tried disabling forwarding with yast, but this only caused a hang. I ended up having to walk to the datacentre to access the physical console.
Just wondering before I start digging into this - are there any (more or less) known issues wrt ip forwarding and/or the enabling/disabling thereof in 12.1 ?
IP forwarding is used only if you're using the computer as a router.
Yes, this box is set up as a router.
And you configured the SuseFirewall? (or shut it down to test?)
Yes, it's disabled, I never use it. There is no other firewall active either.
But do you have iptables built into your kernel? (probably)
It's the vanilla openSUSE 12.1 kernel, so yes.
How are those rules set? Is forwarding in the iptables set to drop or forward? Since you can reach the box, I assume that the input/output chains are ok....
No iptables rules are set.
Thank for your help everyone - there's something basic missing here, I suspect operator error.
-- Per Jessen, Z rich (5.2 C)
-- To unsubscribe, e-mail: email@example.com To contact the owner, e-mail: firstname.lastname@example.org