From: Richard G. <ric...@ri...> - 2004-02-05 16:00:03

Ok,

So on my work machine, where I'd most dearly love to run cL, I am unable to Bridge or enable ICS because we are members of a domain. So, I need to I guess use the IP forwarding of XP or figure out some other solution.

Here's the setup:

Local Area Connection 2: "corporate" network, gets DHCP and DNS addresses from network. For argument's sake, let's say its IP is 199.199.199.199, and the gateway is 199.199.199.1, and subnet mask is 255.255.255.252 (which it actually is)

TAP: You know what this is ;-) Currently set to 192.168.0.1, and the gateway set to the IP of the LAC#2 (don't know if that's right or not)

eth0 in cL: currently set to 192.168.0.40, and gateway set to TAP IP.

I did the IPEnableRouter = 1 in the registry and rebooted, and I can ping TAP and LAC#2 from cL, but can't ping past LAC#2. Am I missing something obvious?

Thanks!

From: Ian C. B. <ia...@bl...> - 2004-02-05 16:29:58

On Thu, Feb 05, 2004 at 10:00:04AM -0600, Richard Goodwin wrote:
> Ok,
>
> So on my work machine, where I'd most dearly love to run cL, I am unable to
> Bridge or enable ICS because we are members of a domain. So, I need to I
> guess use the IP forwarding of XP or figure out some other solution.

Why does bridging or ICS affect your authentication? I'm confused.

> Here's the setup:
>
> Local Area Connection 2: "corporate" network, gets DHCP and DNS addresses
> from network. For argument's sake, let's say its IP is 199.199.199.199, and
> the gateway is 199.199.199.1, and subnet mask is 255.255.255.252 (which it
> actually is)

That's impossible. If your IP is 199.199.199.199 with a 255.255.255.252 mask, your IP is the broadcast (all ones) address on the 199.199.199.196 network. In that case, I would think it far more likely that your IP would be 199.199.199.198, with a default route through your router at 199.199.199.197. The 199.199.199.1 IP would be on a completely different netblock, unreachable directly.

You have a host on a /30 segment? Bridging probably is right out for you then.. but why does ICS block your SMB connectivity?

If you meant a 255.255.252.0 netblock, then bridging would make sense. I'll bet this is what you have, as a /22 block with 1024 hosts is far more common on Enterprise networks.

> TAP: You know what this is ;-) Currently set to 192.168.0.1, and the gateway
> set to the IP of the LAC#2 (don't know if that's right or not)

You don't want a gateway on that interface. You only want one "default gateway" on a box (where packets not destined for any local static routes are sent).

On your Linux image, you would set your default gateway 192.168.0.1.

Think of gateway as the "gateway of last resort". If a packet is destined for somewhere your machine doesn't know how to get to, it hands it off to the gateway for it to deliver the traffic for you.

> eth0 in cL: currently set to 192.168.0.40, and gateway set to TAP IP.

That is correct.

> I did the IPEnableRouter = 1 in the registry and rebooted, and I can ping
> TAP and LAC#2 from cL, but can't ping past LAC#2. Am I missing something
> obvious?

Yes. Your network beyond your 199.199.199.x gateway does not have a route to get back to the 192.168.0.0/24 network. Packets go out, but your enterprise network does not know how to give them back.

There are two solutions to this problem:

1. You need to enable ICS. All traffic will then appear to be coming from your LAC#2. ICS is glorified Network Address Translation (NAT).
2. Convince your enterprise network guys to add a route to your little private virtual segment on the routers.

- Ian C. Blenke <ia...@bl...>

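The subnet arithmetic and the missing return route discussed in the reply above, as an added example that is not part of the original thread. The function names and the upstream route list are assumptions constructed for illustration; the addresses are the ones quoted in the messages.

```python
import ipaddress

def check_interface(ip, mask, gateway=None):
    """Return a list of problems with an IPv4 address/mask/gateway triple."""
    iface = ipaddress.ip_interface(f"{ip}/{mask}")
    net, problems = iface.network, []
    if net.prefixlen < 31:  # /31 and /32 have no network or broadcast address
        if iface.ip == net.network_address:
            problems.append(f"{ip} is the network address of {net}")
        if iface.ip == net.broadcast_address:
            problems.append(f"{ip} is the broadcast address of {net}")
    if gateway is not None and ipaddress.ip_address(gateway) not in net:
        problems.append(f"gateway {gateway} is not on-link in {net}")
    return problems

def source_seen_upstream(guest_ip, host_ip, nat):
    """Source address the corporate routers see for traffic from the guest."""
    return host_ip if nat else guest_ip

def reply_can_return(source_ip, routes_toward_host):
    """True if some upstream route toward the host covers source_ip."""
    src = ipaddress.ip_address(source_ip)
    return any(src in ipaddress.ip_network(r) for r in routes_toward_host)

if __name__ == "__main__":
    # Values as posted, then the two corrections suggested in the reply.
    for ip, mask, gw in [
        ("199.199.199.199", "255.255.255.252", "199.199.199.1"),
        ("199.199.199.198", "255.255.255.252", "199.199.199.197"),
        ("199.199.199.199", "255.255.252.0", "199.199.199.1"),
    ]:
        print(ip, mask, gw, "->", check_interface(ip, mask, gw) or "consistent")

    # Constructed upstream view: the routers only know the corporate /22.
    corporate = ["199.199.196.0/22"]
    guest, host = "192.168.0.40", "199.199.199.199"
    for label, nat, routes in [
        ("plain forwarding", False, corporate),
        ("NAT (ICS)", True, corporate),
        ("static route added", False, corporate + ["192.168.0.0/24"]),
    ]:
        seen = source_seen_upstream(guest, host, nat)
        print(f"{label}: source {seen}, reply returns: {reply_can_return(seen, routes)}")
```
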
From: Richard G. <ric...@ri...> - 2004-02-05 16:49:37

Ian,

It's not authentication... apparently XP removes the bridging and ICS options when in a domain. They're simply not there.

From: Ian C. B. <ia...@bl...> - 2004-02-05 17:01:28

On Thu, Feb 05, 2004 at 10:49:32AM -0600, Richard Goodwin wrote:
> Ian,
>
> It's not authentication... apparently XP removes the bridging and ICS
> options when in a domain. They're simply not there.

Oh?! Interesting! That's a first for me.

Has anyone else experienced this before?

- Ian

From: Tony H. <tm...@no...> - 2004-02-05 17:03:55

Richard Goodwin wrote:
> Ian,
>
> It's not authentication... apparently XP removes the bridging and ICS
> options when in a domain. They're simply not there.
>

Bridging is there... I'm in a domain at the moment and right clicking on the adapter has a 'bridge connections' option.

It only appears if you have >1 network adapter I think.

Tony

From: Richard G. <ric...@ri...> - 2004-02-05 17:09:53

Interesting.. I actually have a dual port adapter, plus the TAP, plus a Bluetooth network "adapter", plus one more... I wonder why bridging doesn't show up for me.

Tony, ICS IS missing for you right?

BTW, the easiest answer to all this is to run a proxy on the Windows host, and most of the Linux stuff will communicate through an HTTP proxy. However, this crashes the current daemon (Dan is working on it, memory problem) so I'm still toying with the bridging stuff in the meantime.

Ian,

Thanks for the smackdown on the networking info... In my haste of making up numbers, I broke some rules ;-)

From: Tony H. <tm...@no...> - 2004-02-05 17:11:35

Tony Hoyle wrote:
>
> Bridging is there... I'm in a domain at the moment and right clicking on
> the adapter has a 'bridge connections' option.

Internet connection sharing is there too, on the same page as the internet connection firewall.

Tony

From: Richard G. <ric...@ri...> - 2004-02-05 17:25:37

Weird..

I'll dig up the MS KB article that I found that basically said "ICS is not available when a machine is part of a domain". If that's not true, then it must be that the admins-that-be feel that I shouldn't be allowed to enable ICS ;-)

From: Robert <ro...@ar...> - 2004-02-05 17:34:43

There is a likelihood that an admin would disable ICS by AD policy. It's a bit nasty to have a PC in a network competing with your "proper" DHCP server.

Robert.

From: Richard G. <ric...@ri...> - 2004-02-05 17:36:41

Hot on the heels of my last email, I found the section where it is disabled.

Oh well, it shall have to be a proxy for me, so I'll sit back and wait for the next cL release...

Thanks!