[Cerowrt-devel] double_nat_question

Toke Høiland-Jørgensen toke at toke.dk
Wed Aug 28 05:06:37 EDT 2013

Oliver Niesner <oliver.niesner at gmail.com> writes:

> This setup works fine, but only when i do MASQUERADE on eth0, on my firewall pc!
> I thought it must be possible, that only my dsl-router is doing the NAT and
> everything else is routed inside the private net!
> (the necessary routes are set, every machine could ping each other)
> What i'm missing?

My guess would be that you're missing routes? I.e. that either your
cerowrt box doesn't know how to find 192.168.0.x, or (more likely), your
DSL modem doesn't know how to find 192.168.1.x? You can try running
tcpdump on eth0 of your firewall pc while you do a ping, and see if you
have ICMP packets in one direction only. If so, that might be an
indication of missing routes. :)

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 489 bytes
Desc: not available
URL: <https://lists.bufferbloat.net/pipermail/cerowrt-devel/attachments/20130828/a96bf075/attachment.sig>

More information about the Cerowrt-devel mailing list