From: Mike <dis...@bo...> - 2008-03-25 21:00:15

Hi,
I've been trying to get the 'private network' design, as shown in the Network
Howto (section 'Keep Windows off the network -- surf via Linux') to work. On my
pc with wired internet connection it works like a charm, but now I'm trying to
set it up on a pc with a wireless connection. Tried all kind of variants (w/wo
loopback, taptun/pcap-bridge, various IP configurations, w/wo promisc) but did
not succeed to get it to work.

OS: WinXP pro and Archlinux on Colinux (0.7.2)

I connect to internet through a router using wep encryption and fixed IP
addresses.

The host has a wifi card (ZyDas zd1211, usb),
-MAC 00:11:E2:00:EA:93
-ip 192.168.2.23 (name PhysicalNetwork)
-gw 192.168.2.254
-pcap-bridge 192.168.2.24 (Colinux-TAP-external-network)
-taptun 192.168.100.1 (Colinux-TAP-guest-network)

The guest (Archlinux, runs squid), has
eth0: 192.168.2.25 (name Colinux-TAP-external-network)
eth1: 192.168.100.2 (name Colinux-TAP-guest-network)

The connection to the guest through 192.168.100.1-192.168.100.2 works.

Now the simple question is: how do I get it to work?
More precise:
-When I use a loopback adapter in windows, what would the design look like (e.g.
which IP addresses and gw's I should use ). What type of bridge I should use
(the ICS or bridge) between PhysicalNetwork and Colinux-TAP-host?

-Can I also use pcap-bridge adapter on the client, to inject directly into the
PhysicalNetwork adapter, should I, in that case, install the wireless extensions
(iwconfig, etc) in the guest, or would the connection use the wireless-settings
of the host? Should I provide a MAC address for Colinux-TAP-host (a unique one
or a copy of the PhysicalNetwork adapter)

Lots of questions, but I would love to get this to work...

Thanks
Mike

From: Henry N. <Hen...@Ar...> - 2008-03-25 21:54:12

Hello Mike,

Mike wrote:
> Hi,
> I've been trying to get the 'private network' design, as shown in the Network
> Howto (section 'Keep Windows off the network -- surf via Linux') to work. On my
> pc with wired internet connection it works like a charm, but now I'm trying to
> set it up on a pc with a wireless connection. Tried all kind of variants (w/wo
> loopback, taptun/pcap-bridge, various IP configurations, w/wo promisc) but did
> not succeed to get it to work.
>
> OS: WinXP pro and Archlinux on Colinux (0.7.2)
>
> I connect to internet through a router using wep encryption and fixed IP
> addresses.
>
> The host has a wifi card (ZyDas zd1211, usb),
> -MAC 00:11:E2:00:EA:93
> -ip 192.168.2.23 (name PhysicalNetwork)
> -gw 192.168.2.254
> -pcap-bridge 192.168.2.24 (Colinux-TAP-external-network)
> -taptun 192.168.100.1 (Colinux-TAP-guest-network)
>
>
> The guest (Archlinux, runs squid),has
> eth0: 192.168.2.25 (name Colinux-TAP-external-network)
> eth1: 192.168.100.2 (name Colinux-TAP-guest-network)
>
> The connection to the guest through 192.168.100.1-192.168.100.2 works.
>
> Now the simple question is: how do I get it to work?
> More precise:
> -When I use a loopback adapter in windows, what would the design look like (e.g.
> which IP addresses and gw's I should use ). What type of bridge I should use
> (the ICS or bridge) between PhysicalNetwork and Colinux-TAP-host?
>
> -Can I also use pcap-bridge adapter on the client, to inject directly into the
> PhysicalNetwork adapter, should I, in that case, install the wireless extensions
> (iwconfig, etc) in the guest, or would the connection use the wireless-settings
> of the host? Should I provide a MAC address for Colinux-TAP-host (a unique one
> or a copy of the PhysicalNetwork adapter)
>
> Lots of questions, but I would love to get this to work...

true lot of. :-)

Hope, we talk about a scene, that was in wiki as
http://colinux.wikia.com/wiki/Network#TAP_-_Private_Connection_with_Hosting_OS

First you should configure the networks separately. I see, eth1 is working
for you - the connection between host and guest. Disable eth1 while you
configure the eth0. After both of network works separately, you can enable
both at same time.

eth0 should not bridge to any "TAP". The "pcap-bridge 192.168.2.24"
should configure to your real LAN "(name PhysicalNetwork)" or the name
of WiFI card. But, I'm afraid pcap-bridge does not work for your card.
Some times helps to disable CRC checksum in this card. Some Access
points don't allow to injecting different MAC on same air channel. In
that case pcap-bridge would never work.

Check the outgoing and response of network with
http://www.wireshark.org/ on your WiFi. Test to send a Ping to your
router, and watch the answer from your router.

I currently do not know the state of wireshark. Does it have an option to
inject (send) ping packets? If yes, try it with this tool. It uses also the
WinPcap, the same coLinux use for pcap-bridge.

An other way would better work: Let windows bridge the WiFi with your
second TAP (Colinux-TAP-external-network), hope this is the name. You
need to have 2 Win32-TAP drivers for that scenario and you must give
the right names in the colinux config, autodetection does not work with
more than one TAP-Win32.

Don't use the same MAC more than once, this would never work.

iwconfig is not usable inside coLinux. The client does not know the
external hardware (wifi, ethernet cable, or DSL modem).

--
Henry N.

From: Mike <dis...@bo...> - 2008-03-29 09:44:33

> > I connect to internet through a router using wep encryption and fixed IP
> > addresses.
> >
> > The host has a wifi card (ZyDas zd1211, usb),
> > -MAC 00:11:E2:00:EA:93
> > -ip 192.168.2.23 (name PhysicalNetwork)
> > -gw 192.168.2.254
> > -pcap-bridge 192.168.2.24 (Colinux-TAP-external-network)
> > -taptun 192.168.100.1 (Colinux-TAP-guest-network)
> >
> >
> > The guest (Archlinux, runs squid),has
> > eth0: 192.168.2.25 (name Colinux-TAP-external-network)
> > eth1: 192.168.100.2 (name Colinux-TAP-guest-network)
> >
> > The connection to the guest through 192.168.100.1-192.168.100.2 works.
> >
>
> Hope, we talk about a scene, that was in wiki as
> http://colinux.wikia.com/wiki/Network#TAP_-_Private_Connection_with_Hosting_OS

Yep, that's exactly what I want.

-snip-
> eth0 should not bridge to any "TAP". The "pcap-bridge 192.168.2.24"
> should configure to your real LAN "(name PhysicalNetwork)" or the name
> of WiFI card. But, I'm afraid pcap-bridge does not work for your card.
> Some times helps to disable CRC checksum in this card. Some Access
> points don't allow to injecting different MAC on same air channel. In
> that case pcap-bridge would never work.

I cannot find where to disable CRC checksum in this ZyDas adapter. Also tried
another USB adapter (Netgear) same problem, so I've given up trying to inject
straight into the Wifi adapter. Pity that it does not work, in my other PC
(wired) it works perfect.

-snip
>
> An other way would better work: Let windows bridge the WiFi with your
> second TAP (Colinux-TAP-external-network), hope this is the name. You
> need to have 2 Win32-TAP drivers for that scenario and you must give
> the right names in the colinux config, autodetection does not work with
> more than one TAP-Win32.

OK the scenario would then be:
(for simplicity let's forget the host->guest connection for now)

Internet Router: 192.168.2.254

Colinux:
eth0: (taptun 10.0.1.1 255.255.255.0 10.0.1.255 gw 10.0.1.2)

Host:
wtap0 (WinTAP 10.0.1.2 255.255.255.0 10.0.1.255 gw 192.168.2.254)
phys (Wifi 192.168.2.23 255.255.255.0 192.168.2.255 gw 192.168.2.254)

+---------------------+        +-------------------------+
| Colinux guest       |        | WinXP host              |     +-----+
|                eth0 +<------>+ wtap0              phys +<--->+lan
|                     |    ^   |   +------>???<------+   |  ^  +-----+
+---------------------+    |   +-------------------------+  |
                           |                                |
                       10.0.1.0                        192.168.2.0
                        network                          network

Question now is how to make sure the wtap0 forwards all communication to phys
and vice versa?

> Don't use the same MAC more than once, this would never work.

OK that's clear

>
> iwconfig is not usable inside coLinux. The client does not know the
> external hardware (wifi, ethernet cable, or DSL modem).

OK.

Mike

From: Henry N. <Hen...@Ar...> - 2008-03-30 20:25:06

Mike wrote:
> OK the scenario would then be:
> (for simplicity let's forget the host->guest connection for now)
>
> Internet Router: 192.168.2.254
>
> Colinux:
> eth0: (taptun 10.0.1.1 255.255.255.0 10.0.1.255 gw 10.0.1.2)
>
> Host:
> wtap0 (WinTAP 10.0.1.2 255.255.255.0 10.0.1.255 gw 192.168.2.254)
> phys (Wifi 192.168.2.23 255.255.255.0 192.168.2.255 gw 192.168.2.254)
>
> +---------------------+        +-------------------------+
> | Colinux guest       |        | WinXP host              |     +-----+
> |                eth0 +<------>+ wtap0              phys +<--->+lan
> |                     |    ^   |   +------>???<------+   |  ^  +-----+
> +---------------------+    |   +-------------------------+  |
>                            |                                |
>                        10.0.1.0                        192.168.2.0
>                         network                          network
>
> Question now is how to make sure the wtap0 forwards all communication to phys
> and vice versa?

This type of forwarding is named "bridge".

I prefer Windows bridge way. That I have tested with cable networks.
http://colinux.wikia.com/wiki/Network#TAP_with_Windows_Software_Bridge

The other way is Internet Connection Sharing (ICS).
This is perhaps the better way for WLAN.
http://colinux.wikia.com/wiki/Network#Internet_Connection_Sharing_.28ICS.29
"Networking" in
http://www.ibm.com/developerworks/library/l-virtualization-colinux/

--
Henry N.

From: Henry N. <Hen...@Ar...> - 2008-03-30 20:29:31

Henry Nestler wrote:
> Mike wrote:
>> OK the scenario would then be:
>> (for simplicity let's forget the host->guest connection for now)
>>
>> Internet Router: 192.168.2.254
>>
>> Colinux:
>> eth0: (taptun 10.0.1.1 255.255.255.0 10.0.1.255 gw 10.0.1.2)
>>
>> Host:
>> wtap0 (WinTAP 10.0.1.2 255.255.255.0 10.0.1.255 gw 192.168.2.254)
>> phys (Wifi 192.168.2.23 255.255.255.0 192.168.2.255 gw 192.168.2.254)
>>
>> +---------------------+        +-------------------------+
>> | Colinux guest       |        | WinXP host              |     +-----+
>> |                eth0 +<------>+ wtap0              phys +<--->+lan
>> |                     |    ^   |   +------>???<------+   |  ^  +-----+
>> +---------------------+    |   +-------------------------+  |
>>                            |                                |
>>                        10.0.1.0                        192.168.2.0
>>                         network                          network
>>
>> Question now is how to make sure the wtap0 forwards all communication to phys
>> and vice versa?
>
> This type of forwarding is named "bridge".
>
> I prefer Windows bridge way. That I have tested with cable networks.
> http://colinux.wikia.com/wiki/Network#TAP_with_Windows_Software_Bridge
>
> The other way is Internet Connection Sharing (ICS).
> This is perhaps the better way for WLAN.
> http://colinux.wikia.com/wiki/Network#Internet_Connection_Sharing_.28ICS.29
> "Networking" in
> http://www.ibm.com/developerworks/library/l-virtualization-colinux/
>

Think this description for ICS is better:
http://colinux.wikia.com/wiki/Getting_Started_with_coLinux_-_Long_manual#Setting_up_networking_with_TAP-Win32_and_ICS

--
Henry N.

From: Mike <dis...@bo...> - 2008-04-05 10:36:28

Henry Nestler <Henry.Ne@...> writes:

> Think this description for ICS is better:
> http://colinux.wikia.com/wiki/Getting_Started_with_coLinux_-_Long_manual#Setting_up_networking_with_TAP-Win32_and_ICS
>

OK, I'm getting further. Basically I'm using the configuration as suggested in
your last example.

Situation is now that,
from within colinux, I can ping the lan-router (192.168.2.254),
but not the ADSL-router (192.168.1.254).
When I ping e.g. www.colinux.org, the IP address is resolved,
but I get no packages back.
That would suggest a setting in the router blocking the request.
However, when I start the PC with my second boot option
(Ubuntu) then I'm getting through without problem (can access
http,ping,ftp, etc).

This is the current layout (for simplicity's sake
I've left out the second virtual TAP network eth1-wtap1):

+-----------------------+      +------------------------+
| coLinux (guest)       |      | WinXP (host)           |
|                       |      | wtap0: (Win-TAP32)<-+  |
| eth0:                 |      | IP:192.168.100.1    |  |
| IP 192.168.100.2   <--|------|-->                  |  |
| gateway: 192.168.100.1|      |                    ICS |
+-----------------------+  +---|-->                  |  |
                           |   | PhysicalNetwork:  <-+  |
                           |   | IP:192.168.2.10 (wifi) |
                           |   | gateway: 192.168.2.254 |
                           |   +------------------------+
                           |   +------------------------+
                           |   | lan router (netgear)   |
                           |   | 192.168.2.254          |
                           +---|-->                     |
                               |                        |
                           +---|-->                     |
                           |   | IP: 192.168.1.253      |
                           |   | gateway: 192.168.1.254 |
                           |   +------------------------+
                           |
                           |   +------------------------+
                           |   | ADSL router (speedtouch|  +----------------+
                           |   | IP:192.168.1.254       |  |                |
                           +---|-->                 <---|--|other lan router|
                               |                        |  |IP:192.168.1.252|
+------------------------+  +--|-->                     |  +----------------+
| Provider               |  |  | Dynamic IP (DHCP):     |
|                     <--|--+  |                        |
|                        |     |                        |
+------------------------+     +------------------------+

=============================================================
These are the network settings of colinux guest:

ifconfig

eth0      Link encap:Ethernet  HWaddr 00:FF:70:2D:9E:70
          inet addr:192.168.100.2  Bcast:192.168.100.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:402 errors:0 dropped:0 overruns:0 frame:0
          TX packets:87 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:145595 (142.1 Kb)  TX bytes:6438 (6.2 Kb)
          Interrupt:2

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:12266 errors:0 dropped:0 overruns:0 frame:0
          TX packets:12266 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:1644280 (1.5 Mb)  TX bytes:1644280 (1.5 Mb)

route

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.100.0   *               255.255.255.0   U     0      0        0 eth0
default         192.168.100.1   0.0.0.0         UG    0      0        0 eth0

========================================================================
These are the network settings of the windows host

ipconfig /all

Windows IP-configuratie

  Host-naam . . . . . . . . . . . .: amd64-5000
  Primair DNS-achtervoegsel. . . . .:
  Knooppunttype: . . . . . . . . . .: onbekend
  IP-routering ingeschakeld. . . . .: ja
  WINS-proxy ingeschakeld . . . . . : nee

Ethernet-adapter wtap0:

  Verbindingsspec. DNS-achtervoegsel:
  Beschrijving . . . . . . . . . . .: TAP-Win32 Adapter V8 (coLinux) #2
  Fysiek adres. . . . . . . . . . . : 00-FF-AC-BD-CA-42
  DHCP ingeschakeld:. . . . . . . . : nee
  IP-adres. . . . . . . . . . . . . : 192.168.100.1
  Subnetmasker. . . . . . . . . . . : 255.255.255.0
  Standaardgateway. . . . . . . . . :

Ethernet-adapter PhysicalNetwork:

  Verbindingsspec. DNS-achtervoegsel:
  Beschrijving . . . . . . . . . . .: X-Micro WLAN 11g USB Adapter
  Fysiek adres. . . . . . . . . . . : 00-11-E2-00-EA-92
  DHCP ingeschakeld:. . . . . . . . : nee
  IP-adres. . . . . . . . . . . . . : 192.168.2.10
  Subnetmasker. . . . . . . . . . . : 255.255.255.0
  Standaardgateway. . . . . . . . . : 192.168.2.254

===============================================================

So the wireless connection from colinux to the router is up and running, but
I still cannot get further. What have I missed??

Thanks.
Mike

From: <Use...@zo...> - 2008-04-05 20:21:24

dis...@bo...(Mike) 05.04.08 10:36

Once upon a time "Mike " shaped the electrons to say...

>Henry Nestler <Henry.Ne@...> writes:

>> Think this description for ICS is better:
>> http://colinux.wikia.com/wiki/Getting_Started_with_coLinux_-_Long_manual#Setting_up_networking_with_TAP-Win32_and_ICS

>OK, I'm getting further. Basically I'm using the configuration as
>suggested in your last example.

>Situation is now that,
>from within colinux, I can ping the lan-router (192.168.2.254),
>but not the ADSL-router (192.168.1.254).
>When I ping e.g. www.colinux.org, the IP address is resolved,
>but I get no packages back.

Where do you know from that they are going "out" at all?

can you telnet to ix.de port 80 or so?

>That would suggest a setting in the router blocking the request.

Yes. ICMP is not TCP and maybe the windows firewall is blocking it?

Have you tried traceroute/tracepath/tracert?

>However, when I start the PC with my second boot option
>(Ubuntu) then I'm getting through without problem (can access
>http,ping,ftp, etc).

>This is the current layout (for simplicity's sake
>I've left out the second virtual TAP network eth1-wtap1):

> +-----------------------+      +------------------------+
> | coLinux (guest)       |      | WinXP (host)           |
> |                       |      | wtap0: (Win-TAP32)<-+  |
> | eth0:                 |      | IP:192.168.100.1    |  |
> | IP 192.168.100.2   <--|------|-->                  |  |
> | gateway: 192.168.100.1|      |                    ICS |
> +-----------------------+  +---|-->                  |  |
>                            |   | PhysicalNetwork:  <-+  |
>                            |   | IP:192.168.2.10 (wifi) |
>                            |   | gateway: 192.168.2.254 |
>                            |   +------------------------+
>                            |   +------------------------+
>                            |   | lan router (netgear)   |
>                            |   | 192.168.2.254          |
>                            +---|-->                     |
>                                |                        |
>                            +---|-->                     |
>                            |   | IP: 192.168.1.253      |
>                            |   | gateway: 192.168.1.254 |
>                            |   +------------------------+
>                            |
>                            |   +------------------------+
>                            |   | ADSL router (speedtouch|  +----------------+
>                            |   | IP:192.168.1.254       |  |                |
>                            +---|-->                 <---|--|other lan router|
>                                |                        |  |IP:192.168.1.252|
> +------------------------+  +--|-->                     |  +----------------+
> | Provider               |  |  | Dynamic IP (DHCP):     |
> |                     <--|--+  |                        |
> |                        |     |                        |
> +------------------------+     +------------------------+
> =============================================================

>=============================================================
>These are the network settings of colinux guest:

>ifconfig

>eth0      Link encap:Ethernet  HWaddr 00:FF:70:2D:9E:70
>          inet addr:192.168.100.2  Bcast:192.168.100.255
>Mask:255.255.255.0
>          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>          RX packets:402 errors:0 dropped:0 overruns:0 frame:0
>          TX packets:87 errors:0 dropped:0 overruns:0 carrier:0
>          collisions:0 txqueuelen:1000
>          RX bytes:145595 (142.1 Kb)  TX bytes:6438 (6.2 Kb)

Why do you have such a lot "incoming" traffic?

>Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
>192.168.100.0   *               255.255.255.0   U     0      0        0 eth0
>default         192.168.100.1   0.0.0.0         UG    0      0        0 eth0

/etc/resolv.conf?

>======================================================================
>These are the network settings of the windows host

>ipconfig /all

>Windows IP-configuratie

>  Host-naam . . . . . . . . . . . .: amd64-5000
>  Primair DNS-achtervoegsel. . . . .:
>  Knooppunttype: . . . . . . . . . .: onbekend
>  IP-routering ingeschakeld. . . . .: ja
>  WINS-proxy ingeschakeld . . . . . : nee

>Ethernet-adapter wtap0:

>  Verbindingsspec. DNS-achtervoegsel:
>  Beschrijving . . . . . . . . . . .:
>  TAP-Win32 Adapter V8 (coLinux) #2
>  Fysiek adres. . . . . . . . . . . : 00-FF-AC-BD-CA-42
>  DHCP ingeschakeld:. . . . . . . . : nee
>  IP-adres. . . . . . . . . . . . . : 192.168.100.1
>  Subnetmasker. . . . . . . . . . . : 255.255.255.0
>  Standaardgateway. . . . . . . . . :
                                        ^^^^^??????????????

>Ethernet-adapter PhysicalNetwork:

>  Verbindingsspec. DNS-achtervoegsel:
>  Beschrijving . . . . . . . . . . .:
>  X-Micro WLAN 11g USB Adapter
>  Fysiek adres. . . . . . . . . . . : 00-11-E2-00-EA-92
>  DHCP ingeschakeld:. . . . . . . . : nee
>  IP-adres. . . . . . . . . . . . . : 192.168.2.10
>  Subnetmasker. . . . . . . . . . . : 255.255.255.0
>  Standaardgateway. . . . . . . . . : 192.168.2.254

>===============================================================

>So the wireless connection from colinux to the router is up and
>running, but I still cannot get further. What have I missed??

>Thanks.
>Mike

Rainer---<=====> Vertraulich // Key-ID:38F34C59 // <=====>--------------ocholl, Kiel, Germany ------------

From: Mike <dis...@bo...> - 2008-04-06 13:30:35

Rainer Zocholl <UseNet-Posting-Nospam-74308-@...> writes:

>
> dispose02@...(Mike) 05.04.08 10:36
>
> Once upon a time "Mike " shaped the electrons to say...

Yes, a colleague of mine believes electrons are egg-shaped, that's why computers
sometimes do unexpected things...

> >When I ping e.g. www.colinux.org, the IP address is resolved,
> >but I get no packages back.
>
> Where do you know from that they are going "out" at all?

When I ping a network which I've never pinged from that pc, I assume it cannot
be from cache.
Traceroute returns packages from the lan-router, not from the rest of the world,
so I assume there is traffic going in and out.

> can you telnet to ix.de port 80 or so?

Have no telnet installed, but ssh works to all 192.168.2.* workstations, not to
192.168.1.3 (a pc on the 192.168.1.* network).

> >That would suggest a setting in the router blocking the request.
>
> Yes. ICMP is not TCP and maybe the windows firewall is blocking it?

Firewall on the PC is turned off, when I use Ubuntu from the same PC, there is
no problem, suggests that the router-firewalls are not blocking, or ....

> Have you tried traceroute/tracepath/tracert?

traceroute shows an answer from the lan-router, but then only * * ...

> >=============================================================
> >These are the network settings of colinux guest:
> >ifconfig
> >
> >eth0      Link encap:Ethernet  HWaddr 00:FF:70:2D:9E:70
> >          inet addr:192.168.100.2  Bcast:192.168.100.255
> >Mask:255.255.255.0
> >          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
> >          RX packets:402 errors:0 dropped:0 overruns:0 frame:0
> >          TX packets:87 errors:0 dropped:0 overruns:0 carrier:0
> >          collisions:0 txqueuelen:1000
> >          RX bytes:145595 (142.1 Kb)  TX bytes:6438 (6.2 Kb)
>
> Why do you have such a lot "incoming" traffic?

I've no idea, maybe because I used that route to access webmin on colinux

> >Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
> >192.168.100.0   *               255.255.255.0   U     0      0        0 eth0
> >default         192.168.100.1   0.0.0.0         UG    0      0        0 eth0
>
> /etc/resolv.conf?

nameserver 192.168.2.254

> >======================================================================
> >
> >These are the network settings of the windows host
> >ipconfig /all
> >
> >Ethernet-adapter wtap0:
> >  Verbindingsspec. DNS-achtervoegsel:
> >  Beschrijving . . . . . . . . . . .:
> >  TAP-Win32 Adapter V8 (coLinux) #2
> >  Fysiek adres. . . . . . . . . . . : 00-FF-AC-BD-CA-42
> >  DHCP ingeschakeld:. . . . . . . . : nee
> >  IP-adres. . . . . . . . . . . . . : 192.168.100.1
> >  Subnetmasker. . . . . . . . . . . : 255.255.255.0
> >  Standaardgateway. . . . . . . . . :
>                                         ^^^^^??????????????

is ICS-bridged to PhysicalNetwork, guess it does not need a standard gateway,
or.....

Thanks
Mike

From: <Use...@zo...> - 2008-04-06 17:50:27

dis...@bo...(Mike) 06.04.08 13:30

Once upon a time "Mike " shaped the electrons to say...

>Rainer Zocholl <UseNet-Posting-Nospam-74308-@...> writes:

>> dispose02@...(Mike) 05.04.08 10:36
>>
>> Once upon a time "Mike " shaped the electrons to say...

>Yes, a colleague of mine believes electrons are egg-shaped, that's why
>computers sometimes do unexpected things...

He's an egghead? ;-)

I reinsert your good painting:

>>> +-----------------------+      +------------------------+
>>> | coLinux (guest)       |      | WinXP (host)           |
>>> |                       |      | wtap0: (Win-TAP32)<-+  |
>>> | eth0:                 |      | IP:192.168.100.1    |  |
>>> | IP 192.168.100.2   <--|------|-->                  |  |
>>> | gateway: 192.168.100.1|      |                    ICS |
>>> +-----------------------+  +---|-->                  |  |  or:Ubuntu
>>>                            |   | PhysicalNetwork:  <-+  |
>>>                            |   | IP:192.168.2.10 (wifi) |
>>>                            |   | gateway: 192.168.2.254 |
>>>                            |   +------------------------+
>>>                            |   +------------------------+
>>>                            |   | lan router (netgear)   |
>>>                            |   | 192.168.2.254          |
>>>                            +---|-->                     |
>>>                                |                        |
>>>                            +---|-->                     |
>>>                            |   | IP: 192.168.1.253      |
>>>                            |   | gateway: 192.168.1.254 |
>>>                            |   +------------------------+
>>>                            |
>>>                            |   +------------------------+
>>>                            |   | ADSL router (speedtouch|  +----------------+
>>>                            |   | IP:192.168.1.254       |  |                |
>>>                            +---|-->                 <---|--|other lan router|
>>>                                |                        |  |IP:192.168.1.252|
>>> +------------------------+  +--|-->                     |  +----------------+
>>> | Provider               |  |  | Dynamic IP (DHCP):     |
>>> |                     <--|--+  |                        |
>>> |                        |     |                        |
>>> +------------------------+     +------------------------+
>>> =============================================================

If I interpret your drawing the other way, you are doing natting twice?
Once at IP:192.168.1.254 and second times on 192.168.2.254.
That's good for lot of funny effects.

>>>When I ping e.g. www.colinux.org, the IP address is resolved,
>>>but I get no packages back.
>>
>> Where do you know from that they are going "out" at all?

>When I ping a network which I've never pinged from that pc,
>I assume it cannot be from cache.

I think the other way: To get "no response" you have two chances:
The way out, and the way back.

>Traceroute returns packages from the lan-router,

as there is no routing involved.

>not from the rest of the world, so I assume there is
>traffic going in and out.

>> can you telnet to ix.de port 80 or so?

>Have no telnet installed, but ssh works to all 192.168.2.* workstations,

same LAN segment, no routing involved.

>not to 192.168.1.3 (a pc on the 192.168.1.* network).

So you have a routing problem.

>>>That would suggest a setting in the router blocking the request.
>>
>> Yes. ICMP is not TCP and maybe the windows firewall is blocking it?

>Firewall on the PC is turned off,
>when I use Ubuntu from the same PC, there is no problem,

I added that to the drawing. Right?

>suggests that the router-firewalls are not blocking, or ....

What does "arp -a" say?
Which MACs do you see at what ("external") IPs?

>> Have you tried traceroute/tracepath/tracert?

>traceroute shows an answer from the lan-router, but then only * * ...

So you have a routing problem...

>>>=============================================================
>>>These are the network settings of colinux guest:
>>>ifconfig
>>
>>>eth0      Link encap:Ethernet  HWaddr 00:FF:70:2D:9E:70
>>>          inet addr:192.168.100.2  Bcast:192.168.100.255
>>>Mask:255.255.255.0
>>>          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>>>          RX packets:402 errors:0 dropped:0 overruns:0 frame:0
>>>          TX packets:87 errors:0 dropped:0 overruns:0 carrier:0
>>>          collisions:0 txqueuelen:1000
>>>          RX bytes:145595 (142.1 Kb)  TX bytes:6438 (6.2 Kb)
>>
>> Why do you have such a lot "incoming" traffic?

>I've no idea, maybe because I used that route to access webmin on
>colinux

Do you have tcpdump resp. wireshark or can install it?

>>>Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
>>>192.168.100.0   *               255.255.255.0   U     0      0        0 eth0
>>>default         192.168.100.1   0.0.0.0         UG    0      0        0 eth0
>>
>> /etc/resolv.conf?

>nameserver 192.168.2.254

So it is doing the name resolution and is accessible from your colinux
using (mostly) UDP.
But as it is on the same LAN segment: No routing is involved.

I assume 192.168.1.254 does not know how to reach 192.168.100.x !

What IPs do you see (with wireshark) on the physical 192.168.2.10?

>>>Ethernet-adapter wtap0:
>>>  Verbindingsspec. DNS-achtervoegsel:
>>>  Beschrijving . . . . . . . . . . .:
>>>  TAP-Win32 Adapter V8 (coLinux) #2
>>>  Fysiek adres. . . . . . . . . . . : 00-FF-AC-BD-CA-42
>>>  DHCP ingeschakeld:. . . . . . . . : nee
>>>  IP-adres. . . . . . . . . . . . . : 192.168.100.1
>>>  Subnetmasker. . . . . . . . . . . : 255.255.255.0
>>>  Standaardgateway. . . . . . . . . :
>                                         ^^^^^??????????????

>is ICS-bridged to PhysicalNetwork, guess it does not need a standard
>gateway, or.....

Where should the guest system know from where to place packets of
foreign nets?

But:
Is ICS really "bridging" or is that MS-marketing speak for "NATting" ?

In case of "bridge" it's clear where the routing problem comes from:
Your front end (adsl) router can't know where it should place the
answers for the colinux net.
So it's clear, that you can get the DNS responses but do not come further.

- Give your colinux an IP in the physical LAN of your Windows box.
- fill up the default gateway entry.

Maybe your windows event log will have interesting news for you.

Rainer---<=====> Vertraulich // Key-ID:38F34C59 // <=====>--------------ocholl, Kiel, Germany ------------

From: <Use...@zo...> - 2008-04-06 18:08:07

dis...@bo...(Mike) 06.04.08 13:30

Once upon a time "Mike " shaped the electrons to say...

http://www.securitypronews.com/it/networksystems/spn-21-20030731Windows2000ICSNATandIAS.html

  The machine on which ICS is configured is actually acting as a Network
  Address Translation (NAT) server. In a nutshell, Network Address
  Translation is usually used to translate between two connected ranges of
  IP addresses, usually one that is using a public IP address, and the
  other which is using a private address range. The `external' interface
  has a real IP address, and the internal interface is given the private
  address *192.168.0.1*. The system also acts as a sort of mini DHCP
  server, handing out IP addresses in the 192.168.0.0/24 range to clients
  on the internal network. To that end, clients use the addresses
  received, pointing to the 192.168.0.1 interface as their default
  gateway. The ICS system also does a DNS proxy function, meaning that all
  client hostname resolution requests will be forwarded to the ICS system
  for resolution via the configured external DNS parameters.

So I assume:
NAT does not work, the packets from 192.168.100.2 are simply forwarded to
the default gateway, which happens to be your DNS server.

Let DHCP determine the IP of the guest or choose 192.168.0.x instead of
endless guessing: Install wireshark and see which IPs are used where.

> +-----------------------+      +------------------------+
> | coLinux (guest)       |      | WinXP (host)           |
> |                       |      | wtap0: (Win-TAP32)<-+  |
> | eth0:                 |      | IP:192.168.100.1    |  |
> | IP 192.168.100.2   <--|------|-->                  |  |
> | gateway: 192.168.100.1|      |                    ICS |
> +-----------------------+  +---|-->                  |  |
>                            |   | PhysicalNetwork:  <-+  |
>                            |   | IP:192.168.2.10 (wifi) |
>                            |   | gateway: 192.168.2.254 |
>                            |   +------------------------+
>                            |   +------------------------+
>                            |   | lan router (netgear)   |
>                            |   | 192.168.2.254          |
>                            +---|-->                     |
>                                |                        |
>                            +---|-->                     |
>                            |   | IP: 192.168.1.253      |
>                            |   | gateway: 192.168.1.254 |
>                            |   +------------------------+
>                            |
>                            |   +------------------------+
>                            |   | ADSL router (speedtouch|  +----------------+
>                            |   | IP:192.168.1.254       |  |                |
>                            +---|-->                 <---|--|other lan router|
>                                |                        |  |IP:192.168.1.252|
> +------------------------+  +--|-->                     |  +----------------+
> | Provider               |  |  | Dynamic IP (DHCP):     |
> |                     <--|--+  |                        |
> |                        |     |                        |
> +------------------------+     +------------------------+
> =============================================================

>>>Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
>>>192.168.100.0   *               255.255.255.0   U     0      0        0 eth0
>>>default         192.168.100.1   0.0.0.0         UG    0      0        0 eth0
>>
>> /etc/resolv.conf?

>nameserver 192.168.2.254

Rainer---<=====> Vertraulich // Key-ID:38F34C59 // <=====>--------------ocholl, Kiel, Germany ------------

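
The return-path argument from the two messages above, as an added example that is not part of the thread: a small Python model of the posted topology that pings 192.168.1.254 from the guest with and without address translation on the Windows host. The NAT on the lan router's 192.168.1.253 side and the provider-side addresses (203.0.113.x) are assumptions made for the model, not values from the posts.

```python
import ipaddress


class Node:
    """A host or router: interfaces, one default gateway, optional NAT on egress."""

    def __init__(self, name, addrs, gateway=None, nat_egress=()):
        self.name = name
        self.ifaces = [ipaddress.ip_interface(a) for a in addrs]
        self.gateway = ipaddress.ip_address(gateway) if gateway else None
        self.nat_egress = {ipaddress.ip_address(a) for a in nat_egress}
        self.nat = {}  # (translated source, remote peer) -> original source

    def owns(self, ip):
        return any(i.ip == ip for i in self.ifaces)

    def next_hop(self, dst):
        """(egress interface, next-hop IP): connected networks first, then default."""
        for target in (dst, self.gateway):
            for iface in self.ifaces:
                if target is not None and target in iface.network:
                    return iface, target
        return None


def forward(nodes, node, src, dst, max_hops=16):
    """Carry one packet hop by hop; returns (receiving node or None, source seen, reason)."""
    for _ in range(max_hops):
        if node.owns(dst):
            original = node.nat.get((dst, src))
            if original is None:
                return node, src, "delivered to " + node.name
            dst = original  # reply to a translated flow: undo NAT, keep forwarding
        hop = node.next_hop(dst)
        if hop is None:
            return None, src, f"{node.name} has no route to {dst}"
        iface, via = hop
        if iface.ip in node.nat_egress and not node.owns(src):
            node.nat[(iface.ip, dst)] = src  # remember who really sent this
            src = iface.ip
        nxt = next((n for n in nodes if n.owns(via)), None)
        if nxt is None:
            return None, src, (f"{node.name} forwards {dst} to its default gateway "
                               f"{via}, away from the private LANs")
        node = nxt
    return None, src, "hop limit reached (routing loop)"


def ping(nodes, origin_name, dst):
    """Send a request and route the reply back; returns (success, explanation)."""
    origin = next(n for n in nodes if n.name == origin_name)
    dst = ipaddress.ip_address(dst)
    target, seen_src, why = forward(nodes, origin, origin.ifaces[0].ip, dst)
    if target is None:
        return False, "request lost: " + why
    back, _, why = forward(nodes, target, dst, seen_src)
    if back is origin:
        return True, f"reply received (target saw source {seen_src})"
    return False, "reply lost: " + why


def build(host_nat):
    """Topology from the posted diagram; host_nat toggles translation on the XP host."""
    return [
        Node("guest", ["192.168.100.2/24"], "192.168.100.1"),
        Node("host", ["192.168.100.1/24", "192.168.2.10/24"], "192.168.2.254",
             nat_egress=["192.168.2.10"] if host_nat else []),
        # Assumption: the lan router translates on its 192.168.1.253 side.
        Node("lan-router", ["192.168.2.254/24", "192.168.1.253/24"], "192.168.1.254",
             nat_egress=["192.168.1.253"]),
        # Assumption: constructed provider link (documentation address range).
        Node("adsl-router", ["192.168.1.254/24", "203.0.113.2/30"], "203.0.113.1"),
    ]


if __name__ == "__main__":
    for host_nat in (False, True):
        print("host NAT", host_nat, "->", ping(build(host_nat), "guest", "192.168.1.254"))
```

In the model, the request always arrives; without translation on the host, the reply for 192.168.100.2 is handed upstream because no router has a route back to 192.168.100.0/24.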
From: Mike <dis...@bo...> - 2008-03-29 09:36:25

> > I connect to internet through a router using wep encryption and fixed IP
> > addresses.
> >
> > The host has a wifi card (ZyDas zd1211, usb),
> > -MAC 00:11:E2:00:EA:93
> > -ip 192.168.2.23 (name PhysicalNetwork)
> > -gw 192.168.2.254
> > -pcap-bridge 192.168.2.24 (Colinux-TAP-external-network)
> > -taptun 192.168.100.1 (Colinux-TAP-guest-network)
> >
> >
> > The guest (Archlinux, runs squid),has
> > eth0: 192.168.2.25 (name Colinux-TAP-external-network)
> > eth1: 192.168.100.2 (name Colinux-TAP-guest-network)
> >
> > The connection to the guest through 192.168.100.1-192.168.100.2 works.
> >
>
> Hope, we talk about a scene, that was in wiki as
> http://colinux.wikia.com/wiki/Network#TAP_-_Private_Connection_with_Hosting_OS

Yep, that's exactly what I want.

-snip-
> eth0 should not bridge to any "TAP". The "pcap-bridge 192.168.2.24"
> should configure to your real LAN "(name PhysicalNetwork)" or the name
> of WiFI card. But, I'm afraid pcap-bridge does not work for your card.
> Some times helps to disable CRC checksum in this card. Some Access
> points don't allow to injecting different MAC on same air channel. In
> that case pcap-bridge would never work.

I cannot find where to disable CRC checksum in this ZyDas adapter. Also tried
another USB adapter (Netgear) same problem, so I've given up trying to inject
straight into the Wifi adapter. Pity that it does not work, in my other PC
(wired) it works perfect.

-snip
>
> An other way would better work: Let windows bridge the WiFi with your
> second TAP (Colinux-TAP-external-network), hope this is the name. You
> need to have 2 Win32-TAP drivers for that scenario and you must give
> the right names in the colinux config, autodetection does not work with
> more than one TAP-Win32.

OK the scenario would then be:
(for simplicity let's forget the host->guest connection for now)

Internet Router: 192.168.2.254

Colinux:
eth0: (taptun 10.0.1.1 255.255.255.0 10.0.1.255 gw 10.0.1.2)

Host:
wtap0 (WinTAP 10.0.1.2 255.255.255.0 10.0.1.255 gw 192.168.2.254)
phys (Wifi 192.168.2.23 255.255.255.0 192.168.2.255 gw 192.168.2.254)

+---------------------+        +-------------------------+
| Colinux guest       |        | WinXP host              |     +-----+
|                eth0 +<------>+ wtap0              phys +<--->+lan
|                     |    ^   |   +------>???<------+   |  ^  +-----+
+---------------------+    |   +-------------------------+  |
                           |                                |
                       10.0.1.0                        192.168.2.0
                        network                          network

> Don't use the same MAC more than once, this would never work.

OK that's clear

>
> iwconfig is not usable inside coLinux. The client does not know the
> external hardware (wifi, ethernet cable, or DSL modem).

OK.

Mike

From: Mike <dis...@bo...> - 2008-03-29 09:51:38

Mike <dispose02@...> writes:

The parent of this mail should be discarded.
It was posted before the actual question was added.

Excuse
Mike