[opensuse] anyone with practical experience in setting up a router with proxy arp?
I am trying to get the following setup to work - I have in fact had it working for quite a while, but after a recent reboot, I have not been able to get it properly set up again: provider | | V ADSL router | n.n.220.65 | cross-over cable V n.n.220.66 router/firewall | n.n.220.66 | V n.n.220.64/27 misc. systems Explaining everything I've tried would take up too much space here, so if anyone feels they can help me get this to work, I'd appreciate an off-line contact. /Per Jessen, Zürich -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Dave Howorth wrote:
Per Jessen wrote:
| cross-over cable V n.n.220.66 router/firewall | n.n.220.66
Same IP address on both interfaces of the router?
Yep, that's exactly what proxy arp is there for. /Per Jessen, Zürich -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Per Jessen wrote:
I am trying to get the following setup to work - I have in fact had it working for quite a while, but after a recent reboot, I have not been able to get it properly set up again:
provider | | V ADSL router | n.n.220.65 | cross-over cable V n.n.220.66 router/firewall | n.n.220.66 | V n.n.220.64/27 misc. systems
Explaining everything I've tried would take up too much space here, so if anyone feels they can help me get this to work, I'd appreciate an off-line contact.
/Per Jessen, Zürich
Per, If I understand what you need, you want to look at IP masquerade on 'router/firewall' so misc. systems that connect to router/firewall can masquerade as n.n.220.66 with all responses from the ADSL router side NAT'ed back to misc. systems on n.n.220.64. I had to do something similar with: provider | V Cable/DSL router | n.n.6.13 | V router/firewall | n.n.6.17 | (connection via 'gulp' dial-up) V n.n.5.15 router/firewall | | V n.n.5.x/24 misc systems The key to making everything work was to set up IP masquerade with IP tables on router/firewall (n.n.5.15) Sorry I can't provide the exact config, but the n.n.5.15 box is off right now and 20 miles away at the lake :-( Hope this helps. -- David C. Rankin, J.D., P.E. Rankin Law Firm, PLLC 510 Ochiltree Street Nacogdoches, Texas 75961 Telephone: (936) 715-9333 Facsimile: (936) 715-9339 www.rankinlawfirm.com -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
David C. Rankin wrote:
Per,
If I understand what you need, you want to look at IP masquerade on 'router/firewall' so misc. systems that connect to router/firewall can masquerade as n.n.220.66 with all responses from the ADSL router side NAT'ed back to misc. systems on n.n.220.64. I had to do something similar with:
Hi David well, no, I don't want to do that - using proxy arp makes is far more transparent - once it works. My proxy arp setup had already been working for 3-4 weeks, and I even had a yellow stickie reminding to check the boot-up of the router just in case. I've been trying all sorts and going through the setup step by step, but I just can't get it to work again. So I was hoping for a 2nd pair of eyes to help me double-check. /Per Jessen, Zürich -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Per Jessen wrote:
My proxy arp setup had already been working for 3-4 weeks, and I even had a yellow stickie reminding to check the boot-up of the router just in case. I've been trying all sorts and going through the setup step by step, but I just can't get it to work again. So I was hoping for a 2nd pair of eyes to help me double-check.
Many thanks to Jeff who volunteered a 2nd pair of eyes as well as one or two interesting suggestions. I've just managed to get my setup to work again, exactly as it is described e.g. here: http://www.sjdjweis.com/linux/proxyarp/ AFAICT, my problems were due to a faulty network card. Exactly how I don't know, but after I began suspecting hardware, I swapped two network cards - the first one was probably not necessary, but swapping the second one made everything work again. Now I just need to fiddle with a script or two to get the firewall/router to get the routing right on boot-up. I'm getting an unwanted but automatical route, so I need to figure whether to just hardcode a 'route del -net', or if I can disable the automatic route. /Per Jessen, Zürich -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
participants (3)
-
Dave Howorth
-
David C. Rankin
-
Per Jessen