NAT connection only half working

Andrew Nelson Andrew.Nelson at hsc.utah.edu
Sun Nov 30 02:16:48 CET 2003 

I'm trying to build a beowulf cluster for a school project.  I'm trying to use FAI to help ease the install burden.  

My network setup is kind of a mess but I will try to explain.  I use aros.net and quest dsl to connect to the web.  This means I have a single "real" ip to the rest of the world.  Then I have this ActionTech DSL modem/router/nat that doles out addresses on the 192.168.0.0 network.  I have some machines that connect via dhcp and some addresses that I hard code.  My workstation(frogger) and the master node of my cluster(mantispid) are both hard coded.  Mantipid has the address 192.168.0.16.  Now this all works great.  But then to create the cluster I needed to mess things up just a touch.  I want the master node to dole out ip's on the 192.168.1.0 network and then nat connection from the 192.168.1.0 network to the world.  So the mess is the second nat that may or may not cause problems.  I can't see why it would but it is kinda messy. 

Here is a picture
http://155.100.147.21/MyNetwork.png

Here is the ipables script on mantispid
iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
echo 1 > /proc/sys/net/ipv4/ip_forward

Pretty simple ehh
So then I start up one of the cluster nodes.  It boots via a floppy.
It does it thing then it kinda hangs on the updatebase command.  Update base runs apt-get update and some other stuff.  So then I go to a new console and check out the logs and see that the node can't connect to the apt sources.  Then I try pinging a source.

atom01:/# ping -c 2 ftp.us.debian.org
PING ftp.us.debian.org (216.37.55.114): 56 data bytes
64 bytes from 216.37.55.114: icmp_seq=0 ttl=52 time=135.5 ms
64 bytes from 216.37.55.114: icmp_seq=1 ttl=52 time=134.6 ms

--- ftp.us.debian.org ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 134.6/135.0/135.5 ms

As you can see ping works.  The indicates to me the nat works.  So then I try 
atom01:/# wget www.google.com                       
--16:19:51--  http://www.google.com/
           => `index.html'
Resolving www.google.com... done.
Connecting to www.google.com[216.239.37.99]:80... 

And this just hangs forever.

Well then I figure something must be muffed up with my ipables rule.  Just to make sure I plug my laptop into the same switch as the node atom01 is plugged into.  I then set the laptop to boot via dhcp and see if I experience the same problems.  This is the weird part.  I have no problems with the laptop.  Ping works, wget works and apt-get update works.

So there is my problem.  If anyone has any ideas what I could do to fix or trouble shoot this problem please let me know.  I will be eternally gratefull.

//Andy

More information about the linux-fai mailing list