Linux Format forums

[bbagger]

The 'Build a router' tutorial in LXF 169 works fine, except for one thing: After having set up the router in 'network-1' you are asked to ping e.g. google.com from 'network-2'. This will not work until you flush the FORWARD chain in 'network-1':

iptables -F FORWARD

Best regards,

Bent

[bsimpson]

Perhaps there was something else omitted? Until I tried the suggestion:

iptables -F FORWARD

any attempt to ping beyond the first VM from the second resulted in a “Destination Host Prohibited” error. I tried the minimal installation for both CentOS v6.3 and v6.4, and I believe I followed the tutorial exactly.

After entering the “iptables -F FORWARD” command on the first VM, I get the following behavior from the second VM:

ping google.com – unknown host
ping 74.125.225.165 – 100% packet loss

Any suggestions would be appreciated.

[bbagger]

It is very important that you get the NATing correct. I can (almost) reproduce your error.

You have to make sure that you set up masquerading on the interface that has the 10.0.2.x address, otherwise it won't work. The tutorial specifies masquerading on eth1. In my case eth1 has the address 192.168.1.2, so masquerading will not work. When I changed the masquerading to happen on eth0 everything worked.

When I wrote 'almost' above it meant that I got the 'unknown host' message, but not the 'ping 74.125.225.165 – 100% packet loss' message. The only explanation I can find is that you somehow got the DNS entry for google.com cached locally.

I hope this gets your tutorial working as well.

Bent