[問題] 雙網卡NAT實做
Internet--[Master router]+[DNS]-----------[ R2 ] (Public IP)
(Net_1 IP+Pubic IP) (Net_1 IP) | (Net2 IP)192.168.1.1
192.192.125.11/24 |
----------[PC1(Win 7)]
(Net_2 IP)
//目前狀況:// 192.168.1.100
(1)R2可以正常Internet, PC1不能
(2)兩台互相ping的到,
R2可ping到yahoo也可正常上網,但PC01 ping不出去
(3)檢測/etc/sysctl.conf 為0,
iptable.rule中已經有寫 "1"> ip_forward,sysctl.conf中還須設為1嗎?
(4)/etc/sysconfig/network 舊文章中有的有寫上 ipforward=yes
請問需要寫嗎?
(5)iptable.rule
http://cid-7898f3a38d05d8ab.office.live.com/self.aspx/.Public/iptables2.rule
(6)純NAT的 iptables nat prerouting rule要設定嗎0.0
==================
#<1>
#Statement
#R2
-[eth0]-140.118.1.3 (Pubic IP)
-[eth1]-192.168.1.1/24 (Net_2 IP)
#PC01
-[eth0]-192.168.1.100/24 (Net_1 IP)
#<2>
#Set
#2.1.0
#cat /etc/sysconfig/network-script/if*1 #EXTIF
DEVICE=eth0
BOOTPROTO=static
ONBOOT=yes
HWADDR=99:34:56:78:90:13
IPADDR=140.118.1.3
NETMASK=255.255.255.0
NETWORK=140.118.1.0
BROADCAST=140.118.1.255
IPV6INIT=yes
IPV6_AUTOCONF=yes
#2.1.1
#cat /etc/sysconfig/network-script/if*0 #INIF
DEVICE=eth1
BOOTPROTO=static
ONBOOT=yes
HWADDR=12:34:56:78:90:12
IPADDR=192.168.1.1
NETMASK=255.255.255.0
NETWORK=192.168.1.0
BROADCAST=192.168.1.255
#<3>
#cat /etc/sysconfig/network
NETWORKING=yes
NETWOTKING_IPV6=yes
HOSTNAME=kingofsdtw
GATWAY=192.192.125.254 #Net_1 IP
#<4>
#cat /etc/resolv.conf
nameserver 192.192.125.11 #Net_1 IP(DNS)
nameserver 192.192.125.10 #Net_1 IP(DNS2)
#<5>
#cat /etc/rc.d/rc.local
touch /var/lock/subsys/local
/usr/local/virus/iptables/iptables.rule
#<6>
#PC01_Set_win7
IP=192.168.1.100
BROADCASTS=255.255.255.0
GATWAT=192.168.1.1
DNS=""
#<7>
#嘗試除錯
#7.1
#/etc/sysctl.conf ip_forward= 0
-PC01_Set_win7 加入DNS 192.168.1.1
-ping -t 192.168.1.1 ->Yes
-ping -t 192.192.1.11 ->Yes #(Net_2)
-ping -t www.yahoo.com.tw ->Can't
-[R2] ping 192.168.1.100 ->Yes
#7.2
#/etc/sysctl.conf ip_forward= 0
-PC01_Set_win7 去除DNS
-ping -t 192.168.1.1 ->Yes
-ping -t 192.192.1.11 ->Yes #(Net_2)
-ping -t www.yahoo.com.tw ->Can't
-[R2] ping 192.168.1.100 ->Yes
可以上了0.0
#7.3
#/etc/sysctl.conf ip_forward= 0
-PC01_Set_win7 更改DNS 192.192.125.11
-ping -t 192.168.1.1 ->Yes
-ping -t 192.192.1.11 ->Yes #(Net_2)
-ping -t www.yahoo.com.tw ->Yes
-[R2] ping 192.168.1.100 ->Yes
#7.4
#/etc/sysctl.conf ip_forward= 1
-ping -t www.yahoo.com.tw ->Yes
-ping -t 192.168.1.1 ->Yes
-ping -t 192.192.1.11 ->Yes #(Net_2)
-[R2] ping 192.168.1.100 ->Yes
--
※ 發信站: 批踢踢實業坊(ptt.cc)
◆ From: 203.72.144.93
※ 編輯: kingofsdtw 來自: 203.72.144.93 (12/18 16:24)
推
12/18 16:34, , 1F
12/18 16:34, 1F
→
12/18 16:34, , 2F
12/18 16:34, 2F
→
12/18 16:36, , 3F
12/18 16:36, 3F
→
12/18 16:38, , 4F
12/18 16:38, 4F
是 .1 .2是誤打修正中
※ 編輯: kingofsdtw 來自: 203.72.144.93 (12/18 16:46)
※ 編輯: kingofsdtw 來自: 203.72.144.93 (12/18 17:07)
推
12/18 17:09, , 5F
12/18 17:09, 5F
推
12/18 17:12, , 6F
12/18 17:12, 6F
→
12/18 17:12, , 7F
12/18 17:12, 7F
→
12/18 17:12, , 8F
12/18 17:12, 8F
※ 編輯: kingofsdtw 來自: 203.72.144.90 (12/18 17:28)
Linux 近期熱門文章
PTT數位生活區 即時熱門文章
