Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

browsing from nodes over ethernet connection

Posted on 1999-09-20
29
Medium Priority
?
265 Views
Last Modified: 2010-03-18
I am having a Linux box to serve as a gateway for my win98 nodes.
The box has one thernet card.
eth0  192.168.1.1 is the ip for local net
eth0:0 203.197.118.35 is the ip for external net

I am able to browse the net and use it fully from the linus box. However my win98 nodes, although being able to log on to the linux box are not able to browse the net or use internet.

The settings are as below
[root@linux suruchi]# /sbin/route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.1.1     0.0.0.0         255.255.255.255 UH    0      0        0 eth0
192.168.1.0     192.168.1.1     255.255.255.0   UG    0      0        0 eth0
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
203.197.118.0   203.197.118.42  255.255.255.0   UG    0      0        0 eth0
203.197.118.0   0.0.0.0         255.255.255.0   U     0      0        0 eth0
127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
0.0.0.0         203.197.118.42  0.0.0.0         UG    0      0        0 eth0
0.0.0.0         192.168.1.1     0.0.0.0         UG    0      0        0 eth0
[root@linux suruchi]# /sbin/ifconfig
eth0      Link encap:Ethernet  HWaddr 00:80:C8:04:83:2D
          inet addr:192.168.1.1  Bcast:192.168.1.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1178 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1395 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          Interrupt:10 Base address:0x1020
 
eth0:0    Link encap:Ethernet  HWaddr 00:80:C8:04:83:2D
          inet addr:203.197.118.42  Bcast:203.197.118.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Interrupt:10 Base address:0x1020
 
lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:3924  Metric:1
          RX packets:158 errors:0 dropped:0 overruns:0 frame:0
          TX packets:158 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
 
[root@linux suruchi]# /sbin/ipchains -L
Chain input (policy ACCEPT):
target     prot opt     source                destination           ports
ACCEPT     all  ------  192.168.1.0/24        anywhere              n/a
ACCEPT     tcp  ------  anywhere              localhost             any ->   www
ACCEPT     tcp  ------  anywhere              linux.hifundacal.com  any ->   www
REDIRECT   tcp  ------  anywhere              anywhere              any ->   www
 => 3128
Chain forward (policy ACCEPT):
target     prot opt     source                destination           ports
MASQ       all  ------  192.168.1.0/24        anywhere              n/a
Chain output (policy ACCEPT):
target     prot opt     source                destination           ports
ACCEPT     all  ------  anywhere              192.168.1.0/24        n/a
[root@linux suruchi]# cat /etc/sysconfig/network
NETWORKING=yes
FORWARD_IPV4=yes
HOSTNAME=linux.hifundacal.com
DOMAINNAME=hifundacal.com
GATEWAY=192.168.1.1
GATEWAYDEV=eth0



CAN ANY ONE POINT OUT MY MISTAKE AND SUGGEST ME A SOLOUTION
0
Comment
Question by:kathotia
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 11
  • 8
  • 4
  • +4
29 Comments
 
LVL 1

Author Comment

by:kathotia
ID: 2061710
Edited text of question.
0
 
LVL 4

Expert Comment

by:oubelkas
ID: 2062170
I think the best thing you can do here is use two ethernet cards instead of one:
eth0 for the internet
eth1 for the local net

J.
0
 

Expert Comment

by:Heimy
ID: 2064257
I'm with oubelkas. Having the same link for the two nets
will give you too many collisions
0
NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

 
LVL 4

Expert Comment

by:oubelkas
ID: 2065419
Yup!
0
 
LVL 1

Author Comment

by:kathotia
ID: 2065475
Let me try out your suggestion
0
 

Expert Comment

by:Heimy
ID: 2065603
Oublekas, yours is the answer (you were first), please
post it (eth's plus rules)
0
 
LVL 4

Expert Comment

by:svindler
ID: 2065796
I don't think collisions should be your main worry for internet access and several ip-adresses on one interface.
The main issue is security which is a lot easier to control on separate adapters.
You can cut off the internet if you need to do special maintenance on the linux that may open up for security holes and still be able to access your local network.

For a secure solution that would also give the added benefit of caching so as not to load your internet line, look on squid (http://squid.nlanr.net/) which is a very popular proxy-server.
0
 
LVL 4

Expert Comment

by:oubelkas
ID: 2066227
eth0 for the internet
eth1 for the local net

It must work, without a doubt.....

J.
0
 
LVL 1

Author Comment

by:kathotia
ID: 2106260
i have sucessully done it with a single ethernet card. the problem was with ipchains settings.
0
 
LVL 1

Author Comment

by:kathotia
ID: 2106269
i have sucessully done it with a single ethernet card. the problem was with ipchains settings.
0
 
LVL 4

Expert Comment

by:oubelkas
ID: 2106318
well, if it works succesfully, it works succesfully...

J.
0
 
LVL 4

Expert Comment

by:oubelkas
ID: 2106331
It's just that it's recommended to do it with two ethernet cards for several reasons like svindler also mentions...

J.
0
 

Expert Comment

by:schells082999
ID: 2115178
I am not sure about this, but shouldn't your /etc/sysconfig/network file show your gateway as being the IP address of your ISP's gateway (eg: GATEWAY=203.197.118.1), not the lan IP gateway?
0
 
LVL 1

Expert Comment

by:dcavanaugh
ID: 2305726
Is there any part of this problem that remains unsolved?

I saw an entry in your routing table that looks suspicious: The 0.0.0.0 (default) route via gw 192.168.1.1  

route del -net 0.0.0.0 gw 192.168.1.1

Obviously, the Windoze boxes need 192.168.1.1 as their default route.

I use the two-card scenario, and recommend it highly. For the cost of a cheapie NIC card, I get better performance and a cleaner configuration:

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
255.255.255.255 0.0.0.0         255.255.255.255 UH    0      0        0 eth1
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0       41 eth1
24.2.176.0      0.0.0.0         255.255.252.0   U     0      0        4 eth0
127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        7 lo
0.0.0.0         0.0.0.0         0.0.0.0         U     0      0      278 eth0
0
 
LVL 4

Expert Comment

by:oubelkas
ID: 2307340
>>I use the two-card scenario, and recommend it highly

Yup, like I also do....I don't know if kathotia already solved this, if not, I again recommend (like in my previous comments) to use two ethernet cards.

Joseph
0
 
LVL 1

Author Comment

by:kathotia
ID: 2307596
uot two card solution if good , but my single card is present ly working absolutely fine and i do not intend to disturb it.
Thank all of you for your commnets and suggestions.
0
 
LVL 1

Author Comment

by:kathotia
ID: 2307601
your two card solution may be good , but my single card is present ly working absolutely fine and i do not intend to disturb it.
Thank all of you for your commnets and suggestions.
0
 
LVL 4

Expert Comment

by:oubelkas
ID: 2307640
So what did you do then, because the most logical way for this, of course, to have one card for the outstream and one for in...well, if it works...it works ;)

And what's going to happen with this Q?

Joseph

PS : No thanks for the comments :)
0
 
LVL 1

Expert Comment

by:patowic
ID: 2345826
It's been 2 weeks w/o any new comments, so I'll answer this.  Just drop the points to zero, and then it'll go into the PAQ section, rather than sitting out and drawing attention from those looking to answer questions.
0
 
LVL 4

Expert Comment

by:oubelkas
ID: 2345893
Well, patowic, pretty unfair don't you think.... >:/

kathotia,

I hope you aren't as low as patowic is, so please don't grade this answer. It's up to you what to do with this question, please reject this ridiculous answer first. You could also delete it. I helped you as much as I could and put my efford in this Q and maybe you can give me some points for that, but please don't grade this. See what you do with this, ok? Thanks.

Joseph
0
 
LVL 1

Expert Comment

by:patowic
ID: 2345963
Reject my answer, then.  I'm not trying to be low, oubelkas--I'm just trying to clear up problems that aren't problems anymore.

this is why i said "drop the points to zero"

I'd be more than happy to see the points go to you, oubelkas--I'm not trying to be a point slut, believe me.

Please count to ten, relax, and try not to assume the worst from other people.
0
 
LVL 4

Expert Comment

by:oubelkas
ID: 2345987
Ok, ok, relaxxx....it's just that some always try to take the benefit out of someone else, especially here on EE, with locking questions unnecessarily with even the same as previous said in the comments...it's just bugging me...but hey, not heartfeelingzz, ok?

Joseph
0
 
LVL 1

Expert Comment

by:patowic
ID: 2346014
:)  no problem.  my link is often slow...so I hate loading questions that have essentially been resolved--but have either not had an answer accepted, or were not deleted when they should have been :(

Happy Trails...
0
 
LVL 1

Expert Comment

by:dcavanaugh
ID: 2350928
If kathotia does nothing, patovic eventually gets 500 points x 2 (C-grade) from autograde, right? Then again, it's not like the points are really worth anything, right?
0
 
LVL 1

Expert Comment

by:patowic
ID: 2351076
actually, it's a D grade, so it's a 1-for-1, I think.  I'm really not trying to be a point slut...just to clear this one up...
0
 
LVL 1

Author Comment

by:kathotia
ID: 2352002
patowic answer is no answer. I could have deleted the question long ago but how to delete it. I do not get any delet option on the page also i am not allowed to drop the points.
0
 
LVL 4

Accepted Solution

by:
oubelkas earned 1000 total points
ID: 2352173
hmmm kathotia, you can delete it by clicking on "delete", but if not just ask at community support to delete this Q. (or you can still grade me for the effort....since SEPTEMBER....haha ;) )

BTW autograde grades a C, so 2 times the amount of points will be awarded after a while.

Joseph
0
 
LVL 1

Author Comment

by:kathotia
ID: 2352567
Your insistance make me give you the points by this is what I have actually done in my rc.local file

the ethernet card had been
given local net address as eth0
and eternal net address as eth1

now in rc.local i have

ipcahins -P forward ACCEPT
ipchains -A forward -J MASQ -s 0/0 -d 0/0

This has solved all my problems.
0
 
LVL 4

Expert Comment

by:oubelkas
ID: 2352637
alrighty then....thanks! (though it's a shame I have a 'C' now in my grade list haha ;) don't matter) just happy your problem is fixed

Joseph
0

Featured Post

Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
This course is ideal for IT System Administrators working with VMware vSphere and its associated products in their company infrastructure. This course teaches you how to install and maintain this virtualization technology to store data, prevent vuln…
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…

662 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question