l i n u x - u s e r s - g r o u p - o f - d a v i s
Next Meeting:
July 7: Social gathering
Next Installfest:
Latest News:
Jun. 14: June LUGOD meeting cancelled
Page last updated:
2003 Jan 14 00:50

The following is an archive of a post made to our 'vox-tech mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
Re: [vox-tech] bridging subnets
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [vox-tech] bridging subnets

You could have all of the computers with 192.* addresses
and have the Linux box using ipchains or iptables 
translate any packet on the external address to an 
internal address... i.e. <-> <-> <-> <-> <-> NAT
NAT <->
NAT <->
NAT <->

You can try out this script... It may even work :-).  The 
masquerading should be correct, but the ip mappings may not
be and I don't really have a good setup to try them.  There
is probably someone better with iptables to give you a better
answer.  They final script is probably more complicated, but
this might give you something to start with.

You would configure everyone with a netmask with
the Linux box with and for addresses.


# iptables.

modprobe iptable_nat
echo 1 > /proc/sys/net/ipv4/ip_forward

iptables -t nat -F POSTROUTING
iptables -t nat -A POSTROUTING -o eth0 -s -j MASQUERADE

iptables -t nat -A PREROUTING -i eth0 -s -j DNAT -to
iptables -t nat -A PREROUTING -i eth0 -s -j DNAT -to
iptables -t nat -A PREROUTING -i eth0 -s -j DNAT -to
iptables -t nat -A PREROUTING -i eth0 -s -j DNAT -to

On Mon, Jan 13, 2003 at 03:31:59PM -0800, Ken Bloom wrote:
> I'm inventing some random numbers (they're not even valid IP 
> addresses) to explain the problem better
> The following computers are connected via hub to the DSL modem:
> 201.123.321.12
> 201.123.321.13
> 201.123.321.14
> 201.123.321.15
> 201.123.321.16 (eth0) / (eth1)
> What can be done so that the 201.123.321.* computers can see the
> 192.168.0.* computers? Bear in mind that these computers are not 
> necessarily all Linux computers, but that we know 
> 201.123.321.16/ is a Linux computer.
> > From: Rod Roark <rod@sunsetsystems.com>
> > Organization: Sunset Systems
> > To: vox-tech@lists.lugod.org
> > Subject: Re: [vox-tech] bridging subnets
> > Date: Mon, 13 Jan 2003 06:53:57 -0800
> > Reply-To: vox-tech@lists.lugod.org
> > 
> > I'm surely being dense, but I don't understand what you
> > mean.  What are the subnets in question?
> > 
> > Here's a thought that may or may not apply.  Perhaps you
> > can put all the machines on a single LAN behind the Linux
> > firewall.  Note that you can assign all 5 external IP's to
> > this Linux box and then port-forward (with iptables) to
> > other machines depending on the destination IP address
> > (and/or port number) of incoming packets.
> > 
> _______________________________________________
> vox-tech mailing list
> vox-tech@lists.lugod.org
> http://lists.lugod.org/mailman/listinfo/vox-tech
vox-tech mailing list

LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
O'Reilly and Associates
For numerous book donations.