From: Billy Hager (whager_at_bellsouth.net)
Date: Tue 21 May 2002 - 02:28:21 BST
All right here are my troubles. :( 
I have a vserver located on a machine on my local network.  In comming 
connections from anywhere(internet/local net) work fine.  Out going 
connections to the local network work fine.  Out going connections to 
computers outside my local network (i.e. anything where I have to go through 
my default gw) don't seem to be working properly.
More specificly, connections comming from the vserver don't apear to be 
masqueraded when they should be.  I'm sure It's just something stupid that 
I'm doing, so here goes some more info about my network ....
Interfaces:
eth0:  192.168.1.223/24  <---- My local network
eth0:1 192.168.2.223/24 <---- IP addr my vserver is bound to
eth1: <---- DSL Modem plugged in here
ppp0: <--- pppoe device for DSL.  Dynamic IP. (default gw)
Netfilter setup:
/proc/sys/net/ipv4/ip_forward = 1
/proc/sys/net/ipv4/ip_dynaddr = 1
iptables -t nat -A POSTROUTING -o ppp+ -j MASQUERADE
Everything else is set do accept by default.  This isn't secure, but I'm just 
trying to get this to work first.
I believe the packets aren't getting masqueraded correctly because of this 
sample output from "tcpdump -i ppp0" when I run "dig google.com".
09:03:37.445715 192.168.2.223.mpnjsomb > 205.152.46.254.domain:  4+ A? 
google.com. (28) (DF)
09:03:42.446408 192.168.2.223.srsp > 205.152.0.5.domain:  4+ A? google.com. 
(28) (DF)
Using the exact same filesystem I have achieved out going net access when I 
connected my DSL modem to a linksys DSL/CABLE router on my network.  I would 
love to just use the linksys device, unfortunately, it's unreliable.  I can't 
depend on it to hold an internet connection.
If I had some more hardware I would set up a second box as a firewall and 
everything would be great, but I dont.  Has anyone ever been in a simular 
situation?
-- Billy Hager | AIM: wwhager2 whager_at_bellsouth.net | http://www.billsbox.net