Lamar Owen wrote:
On Nov 6, 2010, at 4:05 PM, Dotan Cohen wrote:
On Sat, Nov 6, 2010 at 20:51, Lamar Owen lowen@pari.edu wrote:
But at the end you would access 192.168.1.1 and it would get translated to 192.168.0.1 at the eth0 point and wouldn't interfere with the wlan0 version of the 192.168.0.1 address. I'm not exactly 100% sure it can be done without an external NAT box, but a small external router that can do NAT would make it much easier.
That is not what I am trying to do, I will try to rephrase: I have a laptop connected to two network interfaces: eth0 and wlan0. Each interface connects to a different LAN. Both LANs have machines on the 192.168.0.1 address that I must access via port 80 in a web browser.
I don't need to access each one at the same time, but I do need to leave both interfaces up for other software running on this machine. CentOS 5.5, Dell Inspiron laptop.
Right, I understood that. If you did a NAT you would access the WLAN one with its native 192.168.0.1, and the other one on eth0 with the translated (also RFC 1918) address, whatever you might have set that to. Now, I do realize that some routers will re-inject their IP address into URLs, and that might break things; fixable using DNS, but that's neither here nor there.
And your machine itself needs access to both routers at the same time, whether you do or not, as you've described things, since one of those routers is the default gateway for the machine.
I suppose that I need either:
- An address system such as eth0:192.168.0.1 and wlan0:192.168.0.1
(syntax invented to illustrate idea, it doesn't really work!)
-or-
- A way to do something like this as a user without affecting other
users: $ export INTERFACE=eth0 $ lynx 192.168.0.1 $ export INTERFACE=wlan0 $ lynx 192.168.0.1
2.5) The iptables -mowner --uid-owner rule might help you. (see http://www.frozentux.net/iptables-tutorial/iptables-tutorial.html#OWNERMATCH )
It has breakage as noted in the tutorial, however.
Packet routing isn't designed to switch between multiple devices with the same address; the interface used isn't supposed to matter, in the eyes of the routing table (and in normal IP practice). Addresses are supposed to be unique, from the point of view of any given IP host, in other words. This is the problem NAT was invented to solve. Some routing protocols deal with this in ways, but, again, these protocols assume that if the address is the same, it's going to the same host. But you already knew all that.....and I know you already knew all that.
To amplify this just a little bit, by the rules of IP routing, every machine must:
A) Have a unique address. B) Be attached to the proper subnet for that address as defined by the local netmask.
Once those are true, there exists a unique route between any two machines connected to the network, or the Internet.
Having said that, part of the 192.168 address block is unique in that it cannot be routed over the Internet. It doesn't exist anywhere as far as those routers are concerned. However, there is a way to map that block of local addresses to routeable addresses, called Network Address Translation (NAT). All you need is one router between the private block and the Internet that you can use to do that mapping. Most firewalls can handle that in their sleep.
So what you need is a way to insert a router between your software and one of your devices with the duplicated address. That router would then translate the addresses in one of those subnets into a unique address that won't conflict with the other. Personally, I would probably use a VM with FreeBSD and/or m0n0wall.
But I still wonder if you are unique in finding this address collision, or do others also have the same problem? If it is widespread, then it should be solved by the people managing those devices.
Bob McConnell N2SPP