From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail.tohojo.dk (mail.tohojo.dk [188.40.53.186]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by huchra.bufferbloat.net (Postfix) with ESMTPS id 03EEA21F107 for ; Wed, 28 Aug 2013 02:06:43 -0700 (PDT) Received: from alrua-x1.borgediget.toke.dk (unknown [10.42.3.75]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.tohojo.dk (Postfix) with ESMTPSA id 0CB211EC0717; Wed, 28 Aug 2013 11:06:40 +0200 (CEST) Received: by alrua-x1.borgediget.toke.dk (Postfix, from userid 1000) id 6C58B4050; Wed, 28 Aug 2013 11:06:39 +0200 (CEST) From: =?utf-8?Q?Toke_H=C3=B8iland-J=C3=B8rgensen?= To: Oliver Niesner References: <521DB883.20106@gmail.com> Date: Wed, 28 Aug 2013 11:06:37 +0200 In-Reply-To: <521DB883.20106@gmail.com> (Oliver Niesner's message of "Wed, 28 Aug 2013 10:44:51 +0200") Message-ID: <87a9k2i3qa.fsf@toke.dk> User-Agent: Gnus/5.130008 (Ma Gnus v0.8) Emacs/24.3 (gnu/linux) MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha256; protocol="application/pgp-signature" Cc: cerowrt-devel@lists.bufferbloat.net Subject: Re: [Cerowrt-devel] double_nat_question X-BeenThere: cerowrt-devel@lists.bufferbloat.net X-Mailman-Version: 2.1.13 Precedence: list List-Id: Development issues regarding the cerowrt test router project List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 28 Aug 2013 09:06:44 -0000 --=-=-= Content-Type: text/plain Oliver Niesner writes: > This setup works fine, but only when i do MASQUERADE on eth0, on my firewall pc! > I thought it must be possible, that only my dsl-router is doing the NAT and > everything else is routed inside the private net! > (the necessary routes are set, every machine could ping each other) > What i'm missing? My guess would be that you're missing routes? I.e. that either your cerowrt box doesn't know how to find 192.168.0.x, or (more likely), your DSL modem doesn't know how to find 192.168.1.x? You can try running tcpdump on eth0 of your firewall pc while you do a ping, and see if you have ICMP packets in one direction only. If so, that might be an indication of missing routes. :) -Toke --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.21 (GNU/Linux) iQEcBAEBCAAGBQJSHb2dAAoJEENeEGz1+utPPgcH/jONmMu0EYJexN4tnPr/XrEz IiFPIVSIHeNjWLPlV9DR0Ioxpr4tbC2yt2qP63bCG1PiWFlH1xmKzyfJKCTi1RHm OlYItoAuYJQ+iiNlZw+zV4fsvHYVOUigw2ZYRhpeoY/Bq6DJlgKEm+/97zSD5WHC JTnWBse+NSCdVQthxjul8DAnhpehOoGHYeo+v8HxQzOTLZPKc5bpowTGeEi6lWTT P5FVaGSWOLYsgeOYSby/1wZkkUWun/YSrOIssdv5vqpjyllg48cEGtwXHNfefj7f Bm7uOKOyBMQVbb5s+hIG04AYguBjvqpV7s8Pfx8gbxaUwF4ap1dpbtPGazJQabk= =CQNp -----END PGP SIGNATURE----- --=-=-=--