vmware-server and a monowall appliance

Crusty

So I've been playing around with monowall and decided to try it out in vmware, except I'm having some network issues.

My host server has two NICs:

eth0 on a private LAN 10.0.0.5 no gateway specified
eth1 is hooked up to a cable modem and has a public ip 216.X.X.116 with a gateway of 216.X.X.254

I've got eth0 bridged to vmnet0, and eth1 bridged to vmnet2. I can ping outside hosts on the host OS and everything works as normal; however, no matter what I've tried I can't get monowall to ping anything but the local LAN.

Monowall is set up with a static IP for the WAN side, 216.X.X.118 (I've got multiple public IPs), and it has an IP of 10.0.0.254 on the LAN side. From monowall I can ping IPs in 10.0.0.0/24 no problem, but anything else doesn't work. For a while I was getting a "No route to host." which I found odd since I had set up the default gateway in monowall to be 216.X.X.254, but after rebooting it I no longer get "No route to host", I just get timeouts.

Does this have anything to do with ip_forwarding? I shouldn't need any iptable rules to let the vmware monowall out to the internet since its WAN interface is bridged to the NIC that connects to the outside world just fine... unless I am misunderstanding something.

edit: here are the routes and ip settings from the monowall box, sorry about the whitespace... fusecrap is bad :(


$ netstat -nr
Routing tables

Internet:
Destination    Gateway            Flags   Refs   Use   Netif   Expire
default        216.X.X.254        UGSc    2      0     vxn1
10/24          link#1             UC      2      0     vxn0
127.0.0.1      127.0.0.1          UH      0      0     lo0
216.X.X        link#2             UC      1      0     vxn1
216.X.X.254    00:01:X:X:53:42    UHLW    3      0     vxn1    1193


vxn0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        inet 10.0.0.254 netmask 0xffffff00 broadcast 10.0.0.255
        ether 00:0c:29:6e:32:0e
vxn1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        inet 216.X.X.118 netmask 0xffffff00 broadcast 216.X.X.255
        ether 00:0c:X::32:18
vxn2: flags=8802<BROADCAST,SIMPLEX,MULTICAST> mtu 1500
        ether 00:0c:29:6e:32:22
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
        inet 127.0.0.1 netmask 0xff000000

edit2:

After some more debugging I can see the packets on my host OS through tcpdump and the ethernet frame is destined for the right location (the gateway @ 216.X.X.254) but there are no responses whatsoever. I'm really confused now :(