Hi everyone,
I have a private network that I want to give Internet connectivity to, using a server that has a public IP and is actually connected to the net.
The private network is 172.16.100.0/24.
My public interface is 194.116.. (with Ethernet redundancy, so the interface is called bond)
[size=150]ON THE NAT SERVER:[/size]
PUBLIC NETWORK CONFIG
[code]# ifconfig bond
bond0 Link encap:Ethernet HWaddr 00:E0:81:47:93:08
inet addr:194.116.*.* Bcast:194.116.144.255 Mask:255.255.255.0
inet6 addr: fe80::200:ff:fe00:0/64 Scope:Link
UP BROADCAST RUNNING MASTER MULTICAST MTU:1500 Metric:1
RX packets:2758 errors:0 dropped:0 overruns:0 frame:0
TX packets:242 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:205757 (200.9 KiB) TX bytes:35994 (35.1 KiB)[/code]
[color=blue]PRIVATE NETWORK CONFIG[/color]
[code]# ifconfig eth0
eth0 Link encap:Ethernet HWaddr 00:E0:81:47:92:C2
inet addr:172.16.100.4 Bcast:172.16.100.255 Mask:255.255.255.0
inet6 addr: fe80::2e0:81ff:fe47:92c2/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1407 errors:0 dropped:0 overruns:0 frame:0
TX packets:171 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:132673 (129.5 KiB) TX bytes:24698 (24.1 KiB)[/code]
NETWORK CONNECTIVITY
[code]# ping free.fr
PING free.fr (212.27.48.10) 56(84) bytes of data.
64 bytes from www.free.fr (212.27.48.10): icmp_seq=1 ttl=120 time=23.1 ms
64 bytes from www.free.fr (212.27.48.10): icmp_seq=2 ttl=120 time=23.3 ms
--- free.fr ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 999ms
rtt min/avg/max/mdev = 23.132/23.260/23.389/0.199 ms
[/code]
IP FORWARDING
[code]# cat /proc/sys/net/ipv4/ip_forward
1[/code]
IPTABLES CONFIG
[code]# iptables -t nat -L
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
MASQUERADE 0 -- anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
[/code]
[size=150]ON THE LAN CLIENT:[/size]
PRIVATE NETWORK CONFIG:[code]
ifconfig
eth0 Link encap:Ethernet HWaddr 00:16:3E:64:E2:FA
inet addr:172.16.100.201 Bcast:172.16.100.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:9246 errors:0 dropped:0 overruns:0 frame:0
TX packets:66 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:859576 (839.4 KiB) TX bytes:4817 (4.7 KiB)[/code]
DEFAULT ROUTE:
[code]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
172.16.100.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
0.0.0.0 172.16.100.4 0.0.0.0 UG 0 0 0 eth0[/code]
CONNECTIVITY TO THE NAT SERVER:
[code]# ping 172.16.100.4
PING 172.16.100.4 (172.16.100.4) 56(84) bytes of data.
64 bytes from 172.16.100.4: icmp_seq=1 ttl=64 time=4.44 ms
64 bytes from 172.16.100.4: icmp_seq=2 ttl=64 time=0.167 ms
--- 172.16.100.4 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1004ms
rtt min/avg/max/mdev = 0.167/2.306/4.445/2.139 ms[/code]
[size=150]BUT[/size]
Unable to reach the Internet from a PC on the LAN:
[code]# ping 4.2.2.1
PING 4.2.2.1 (4.2.2.1) 56(84) bytes of data.
--- 4.2.2.1 ping statistics ---
8 packets transmitted, 0 received, 100% packet loss, time 7005ms[/code]
Any ideas?
How can I debug this? How can I get more info?
Thanks