Author Topic: Client access to dsl connection problem  (Read 1615 times)

KingCrab

  • Regular Poster
  • **
  • Posts: 45
    • View Profile
Client access to dsl connection problem
« on: August 15, 2007, 01:47:56 pm »
Hi,

I've a big problem getting my clients connected to the internet over dsl. What I have so far is a working dsl connection on external side (pppoeconf and pon dsl-provider). I changed the mysql entry describing the network devices and I can see the ppp0 connection details on web-admin/network. But none of my clients is able to reach the outside world. The firewall rules are untouched.

Hope anyone could help me solving this. Thanks in advance,
KingCrab

Zaerc

  • Alumni
  • LinuxMCE God
  • *
  • Posts: 2256
  • Department of Redundancy Department.
    • View Profile
Re: Client access to dsl connection problem
« Reply #1 on: August 15, 2007, 03:58:40 pm »
I think the problem is that the firewall rules need to be adjusted slightly:
Code: [Select]
# iptables -L -v -n -t nat
Chain PREROUTING (policy ACCEPT 57641 packets, 3434K bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain POSTROUTING (policy ACCEPT 998K packets, 73M bytes)
 pkts bytes target     prot opt in     out     source               destination         
  128 10658 MASQUERADE  0    --  *      eth0    192.168.80.0/24     !192.168.80.0/24     

Chain OUTPUT (policy ACCEPT 998K packets, 73M bytes)
 pkts bytes target     prot opt in     out     source               destination         

In your case I suspect that in the "MASQUERADE" rule "eth0" should be "ppp0" (or similar), but I have no idea where to change that.
"Change is inevitable. Progress is optional."
-- Anonymous


KingCrab

  • Regular Poster
  • **
  • Posts: 45
    • View Profile
Re: Client access to dsl connection problem
« Reply #2 on: August 15, 2007, 04:40:34 pm »
ppp0 seems to be changed already, but my output differ a bit from your one. Don't know where these changes come from.

Quote
iptables -L -v -n -t nat
Chain PREROUTING (policy ACCEPT 21 packets, 2272 bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain POSTROUTING (policy ACCEPT 122K packets, 9441K bytes)
 pkts bytes target     prot opt in     out     source               destination
    3   144 SNAT       0    --  *      ppp0    192.168.30.0/24     !192.168.30.0/24     to:192.168.10.1

Chain OUTPUT (policy ACCEPT 122K packets, 9441K bytes)
 pkts bytes target     prot opt in     out     source               destination


Zaerc

  • Alumni
  • LinuxMCE God
  • *
  • Posts: 2256
  • Department of Redundancy Department.
    • View Profile
Re: Client access to dsl connection problem
« Reply #3 on: August 15, 2007, 05:51:20 pm »
I think those rules are pretty much equivalent (just a different way of doing it), so I guess LMCE already noticed and set that up properly.

Just curious, you are using "192.168.30.0" for the internal network instead of the default "192.168.80.0" subnet?
"Change is inevitable. Progress is optional."
-- Anonymous


KingCrab

  • Regular Poster
  • **
  • Posts: 45
    • View Profile
Re: Client access to dsl connection problem
« Reply #4 on: August 15, 2007, 08:35:43 pm »
Yes, but there no real cause why I choose 192.168.30.0. Maybe just to be different  ;-)

pixelator

  • Veteran
  • ***
  • Posts: 70
    • View Profile
Re: Client access to dsl connection problem
« Reply #5 on: August 16, 2007, 03:11:42 am »
I had this same issue when I first set up pppoe for dsl access. In my case, it turned out to be a DNS issue.
The clients were not receiving the correct DNS info from the core.

also make sure the dns is correct on the core.

Adding the correct DNS info to each client resolved this for me.
The other thing to check is the default gateway on the clients and make sure they are pointing to the core.

KingCrab

  • Regular Poster
  • **
  • Posts: 45
    • View Profile
Re: Client access to dsl connection problem
« Reply #6 on: August 20, 2007, 12:05:26 am »
On my test client the resolv.conf nameserver entry links to the internal address of my core. Does it have to be the one given by dsl provider or is this correct?

@pixelator Could you give a short description of what you've done and how your settings look like respectively?

Zaerc

  • Alumni
  • LinuxMCE God
  • *
  • Posts: 2256
  • Department of Redundancy Department.
    • View Profile
Re: Client access to dsl connection problem
« Reply #7 on: August 20, 2007, 02:48:12 am »
In my setup the core's resolv.conf has ips of the domain servers handed out by my modem's DHCP (which are my provider's dns and the modem's ip).  The diskless MD has the ip of the core as it's nameserver.  I hope that helps.

Even without domain resolution, you can always try to ping/traceroute ip numbers directly.
"Change is inevitable. Progress is optional."
-- Anonymous


KingCrab

  • Regular Poster
  • **
  • Posts: 45
    • View Profile
Re: Client access to dsl connection problem
« Reply #8 on: August 20, 2007, 01:14:31 pm »
Than the problem seems to be somewhere else. All of the dns entrys are correct.
But I can't even ping my providers nameserver ip from "inside"...

Zaerc

  • Alumni
  • LinuxMCE God
  • *
  • Posts: 2256
  • Department of Redundancy Department.
    • View Profile
Re: Client access to dsl connection problem
« Reply #9 on: August 20, 2007, 07:28:16 pm »
Can you ping them from the core itself?
"Change is inevitable. Progress is optional."
-- Anonymous


KingCrab

  • Regular Poster
  • **
  • Posts: 45
    • View Profile
Re: Client access to dsl connection problem
« Reply #10 on: August 20, 2007, 09:16:41 pm »
Yes, a ping from core works

Zaerc

  • Alumni
  • LinuxMCE God
  • *
  • Posts: 2256
  • Department of Redundancy Department.
    • View Profile
Re: Client access to dsl connection problem
« Reply #11 on: August 20, 2007, 10:22:50 pm »
can you show me the output of "ifconfig" and "route -n" on both the core and a MD?
"Change is inevitable. Progress is optional."
-- Anonymous