IP masquerading, Qwest

Dan Brown plug-discuss@lists.PLUG.phoenix.az.us
Mon, 24 Sep 2001 17:23:52 -0700 

--TakKZr9L6Hm6aLOc
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Not sure I totally understand your question but perhaps if I explain
my set up it'll help.  My first guess is that the gateway is set incorrectl=
y.
I don't think the modprobe message is related.

Note, I do not have DHCP running on my net.  The only DHCP going on is
between Qwest and the Cisco 675.

I have mine set up like I think you're trying to do.   I'm not too good
at drawing but this might give you an idea of how my network is set up.

There are two RaQ 3 machines.  One is my firewall with ipchains.

=46rom the wall to the cisco:

   Wall ---phone line --- Cisco 675 (207.225.166.113)

=46rom the cisco to eth0 (10.0.0.4) of the firewall RaQ 3

   Cisco 675 (10.0.0.1) ---- Cobalt RaQ3 (10.0.0.4)

Then eth1 of the firewall RaQ is connected to the hub along with all my oth=
er
machines.

   Cobalt RaQ3 (192.168.1.1)  ---
                                 |
   Win 95 (192.168.1.4) --------
                                 |
   Linux  (192.168.1.3) -------------- HUB=20
                                 |
   WinNT  (192.168.1.2) ---------
                                 |
   Cobalt RaQ3 (192.168.1.5)  ---

If you open a serial connection to the cisco box and do

   >show nat

you'll get the information about the external IP of the cisco.  Something
like

   cbos#show nat

   NAT is currently enabled
  =20
   Port      Network        Global
   eth0      Inside
   wan0-0    Outside      207.225.166.113
   vip0      Outside
   vip1      Outside
   vip2      Outside

    Local IP : Port      Global IP : Port      Timer Flags    Proto Interfa=
ce
      ....


The gateway for all my boxen is set to the internal IP of the firewall RaQ
(i.e., 192.168.1.1).  Check /etc/network/interfaces (or perhaps grep -r
gateway /etc).  Check the 'interfaces' man page for more info.

I did a quick search for "char-major-6" on google.  I believe that is lpr.
If you want a quick fix - just to get the message to start -- add

    alias char-major-6 off

in /etc/conf.modules (or /etc/modules.conf depending on your distribution).

I hope this at least gets you pointed in the right direction.

Dan
 =20


Vaughn Treude (tv6@qwest.net) wrote:
> Date: Mon, 24 Sep 2001 15:55:24 -0700=0D
> From: "Vaughn Treude" <tv6@qwest.net>=0D
> Sender: plug-discuss-admin@lists.PLUG.phoenix.az.us=0D
> To: plug-discuss@lists.PLUG.phoenix.az.us=0D
> Organization: Nakota Software, Inc.=0D
> X-Mailer: Mozilla 4.7 [en] (X11; I; Linux 2.2.16 i586)=0D
> Subject: IP masquerading, Qwest=0D
> Reply-To: plug-discuss@lists.PLUG.phoenix.az.us=0D
> Lines: 1
>=20
>=20
> Hello:
>     I'm trying to set up IP masquerading through my Mandrake 7 box to mak=
e my DSL connection available to the rest of the boxes on my
> network.  I think I've followed the instructions in the IP masquerading H=
OW-TO, but it doesn't work yet.  My internal network has addresses
> in the ubiquitous 192.168.x.x field.  The Cisco modem that Qwest reports =
that its address as 10.0.0.1.   DHCP seems to be running fine for
> me, and I can access the Web, email,  and news on the Mandrake box.  But =
the other machines can't see the Cisco modem.
>     The masquerading how-to suggests that I try to ping the dynamic IP ad=
dress from one of the internal machines.  In this case, I know
> nothing to try but 10.0.0.1.   It doesn't surprise me that the other mach=
ines can't reach the modem at this address.  Is this an inherent
> problem with it being assigned one of those "local" IP addresses, or is i=
t more likely that my IP masquerading setup isn't correct?
> Should there be some process running to indicate that masquerading is wor=
king (such as "dhclient" for DHCP?)
>     I looked at the messages file in /var/log, and I only see two suspici=
ous messages:
>=20
> modprobe:  can't locate module char-major-6 (appears twice consecutively)
> last message repeated 2 times (appears six times)
>=20
>     Could these be indicative of the problem?  If so, what do they mean? =
 I'm using the "sample" rc.firewall script from the
> IP masquerading "howto"; not too secure, I know, but I've got to start so=
mewhere.
>     Thanks very much in advance for any help you can give me.
>=20
> Vaughn Treude
> Nakota Software, Inc.
>=20
>=20
> ________________________________________________
> See http://PLUG.phoenix.az.us/navigator-mail.shtml if your mail doesn't p=
ost to the list quickly and you use Netscape to write mail.
>=20
> PLUG-discuss mailing list  -  PLUG-discuss@lists.PLUG.phoenix.az.us
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>=20

--TakKZr9L6Hm6aLOc
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE7r86YPIfIXJRddQ0RAsN7AKDonG1Adpg8jgKYGrihiJJIEYo5GgCgzG6V
cBg4xXVDuJTMFuiryp6PbMA=
=Y0GG
-----END PGP SIGNATURE-----

--TakKZr9L6Hm6aLOc--