Strange NAT problem with VLAN Bridge

 
raspi



Joined: 05 Jul 2008
Posts: 3
Location: Finland

Posted: Sun Jul 06, 2008 5:31 am    Post subject: Strange NAT problem with VLAN Bridge

I have

    BRIDGE00 - LAN (ETH00.111) 192.168.0.0/24
    BRIDGE01 - WLAN (ETH00.222) 192.168.1.0/24
    BRIDGE02 - Internet (ETH00.444 ETH01.333) x.x.x.x/25


If I do it manually in Debian like so:

/etc/network/interfaces:
Code:

 auto lo
 iface lo inet loopback
 
 # The primary network interface
 allow-hotplug eth0
 allow-hotplug eth1
 
 iface eth0 inet static
 iface eth1 inet static
 
 auto vlan111
 auto vlan222
 auto vlan333
 auto vlan444
 auto br0
 auto br1
 auto br2
 
 # LAN
 iface vlan111 inet static
         vlan_raw_device eth0
 
 # WLAN
 iface vlan222 inet static
         vlan_raw_device eth0
 
 # ADSL Modem
 iface vlan333 inet static
         vlan_raw_device eth1
 
 # Internet
 iface vlan444 inet static
         vlan_raw_device eth0
 
 # LAN bridge
 iface br0 inet static
         address 192.168.0.1
         netmask 255.255.255.0
         bridge_ports eth0.111
         bridge_stp on
 
 # Internet bridge
 iface br1 inet static
         address x.x.x.x
         netmask 255.255.255.128
         gateway x.x.x.x
         bridge_ports eth1.333 eth0.444
         bridge_stp on
         post-up iptables -t nat -A POSTROUTING -o br1 -j MASQUERADE
         pre-down iptables -t nat -D POSTROUTING -o br1 -j MASQUERADE
 
 # WLAN bridge
 iface br2 inet static
         address 192.168.1.1
         netmask 255.255.255.0
         bridge_ports eth0.222
         bridge_stp on



/etc/sysctl.conf:
Code:

 net.ipv4.conf.default.forwarding=1


So br0 and br2 can access the Internet using 192.168.0.1/192.168.1.1 as GW, and br1 is "straight-through" access without NAT.

Bridge br1 (Internet) doesn't NAT VLAN 444/333 with br1's IP while ZeroShell (BRIDGE02, same as br1 in example) does. So what is ZeroShell doing?
_________________
raspi
All times are GMT