Menu
▾
▴
Re: [coLinux-devel] TCP Forwarding? Or General Networking Questions..?
|
From: Richard G. <ric...@ri...> - 2004-02-05 16:49:37
|
Ian, It's not authentication... apparently XP removes the bridging and ICS options when in a domain. They're simply not there. ----- Original Message ----- From: "Ian C. Blenke" <ia...@bl...> To: "Richard Goodwin" <ric...@ri...> Cc: "Cooperative Linux Development" <col...@li...> Sent: Thursday, February 05, 2004 10:29 AM Subject: Re: [coLinux-devel] TCP Forwarding? Or General Networking Questions..? > On Thu, Feb 05, 2004 at 10:00:04AM -0600, Richard Goodwin wrote: > > Ok, > > > > So on my work machine, where I'd most dearly love to run cL, I am unable to > > Bridge or enable ICS because we are members of a domain. So, I need to I > > guess use the IP forwarding of XP or figure out some other solution. > > Why does bridging or ICS affect your authentication? I'm confused. > > > Here's the setup: > > > > Local Area Connection 2: "corporate" network, gets DHCP and DNS addresses > > from network. For arguments sake, let's say it's IP is 199.199.199.199, and > > the gateway is 199.199.199.1, and subnet mask is 255.255.255.252 (which it > > actually is) > > That's impossible. If your IP is 199.199.199.199 with a 255.255.255.252 > mask, your IP is the broadcast (all ones) address on the 199.199.199.196 > network. In that case, I would think it far more likely that your IP > would be 199.199.199.198, with a default route through your router at > 199.199.199.197. The 199.199.199.1 IP would be on a completely different > netblock, unreachable directly. > > You have a host on a /30 segment? Bridging probably is right out for you > then.. but why does ICS block your SMB connectivity? > > If you meant a 255.255.252.0 netblock, then bridging would make sense. > I'll bet this is what you have, as a /22 block with 1024 hosts is far > more common on Enterprise networks. > > > TAP: You know what this is ;-) Currently set to 192.168.0.1, and the gateway > > set to the IP of the LAC#2 (don't know if that's right or not) > > You don't want a gateway on that interface. You only want one "default gateway" on a > box (where packets not destined for any local static routes are sent). > > On your Linux image, you would set your default gateway 192.168.0.1. > > Think of gateway as the "gateway of last resort". If a packet is > destined for somewhere your machine doesn't know how to get to, it hands > it off to the gateway for it to deliver the traffic for you. > > > eth0 in cL: currently set to 192.168.0.40, and gateway set to TAP IP. > > That is correct. > > > I did the IPEnableRouter = 1 in the registry and rebooted, and I can ping > > TAP and LAC#2 from cL, but can't ping past LAC#2. Am I missing something > > obvious? > > Yes. Your network beyond your 199.199.199.x gateway does not have a route > to get back to the 192.168.0.0/24 network. Packets go out, but your enterprise > network does not know how to give them back. > > There are two solutions to this problem: > > 1. You need to enable ICS. All traffic will then appear to be coming from your > LAC#2. ICS is glorified Network Address Translation (NAT). > 2. Convince your enterprise network guys to add a route to your little private > virtual segment on the routers. > > - Ian C. Blenke <ia...@bl...> > > > > ------------------------------------------------------- > The SF.Net email is sponsored by EclipseCon 2004 > Premiere Conference on Open Tools Development and Integration > See the breadth of Eclipse activity. February 3-5 in Anaheim, CA. > http://www.eclipsecon.org/osdn > _______________________________________________ > coLinux-devel mailing list > coL...@li... > https://lists.sourceforge.net/lists/listinfo/colinux-devel > > |
