[clug] Network routing joy (iptables, bridging, nat)
David Tulloh
david at tulloh.id.au
Tue Sep 1 04:36:15 MDT 2009
     |----------------|
     |      br0       |
     |                |  ||-- LAN
VM --|-- tap1   eth1==|==||
VM --|-- tap2     ^   |  ||-- Modem, PPPOE
     |            |   |
     |------------|---|
                  |
               /-----\
               | NAT |
               \-----/
                  |
                 ppp0
I have a server with a fairly complex networking setup. I've tried to
depict it above, which should be legible in a fixed-width font.
The server has a single network card, eth1. It connects to a local
network running on a private subnet.
I have a modem which provides bridging internet access; the server
connects using ppp. The actual traffic passes through eth1.
Eth1 is bridged in br0 providing access for VMs running on the server
using tap devices.
The server has a static IP address on br0; it runs a DHCP server that
controls the rest of the network.
All of the above works correctly.
What does NOT work correctly is NAT. I want to route all the traffic
from the LAN and VMs out ppp0 through a NAT system.
NAT will work without the bridging, but I can't get both to work at the
same time.
Honestly, I don't really understand the networking stack in Linux,
particularly when it gets this complex. The information I've found
online talks about multiple NAT hook points including in the routing
layer with iptables and the bridging layer with ebtables. I've tried a
number of different approaches and nothing has so far worked.
Can anyone help detangle this mess for me and guide me on the correct
incantations to make it work?
David