old-www/HOWTO/IP-Masquerade-HOWTO/testing-masq-icmp.html

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML
><HEAD
><TITLE
>Testing external MASQ ICMP forwarding </TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.7"><LINK
REL="HOME"
TITLE="Linux IP Masquerade HOWTO"
HREF="index.html"><LINK
REL="UP"
TITLE="Testing IP Masquerade "
HREF="testing.html"><LINK
REL="PREVIOUS"
TITLE="Testing internal MASQ client to external MASQ server connectivity"
HREF="testing-masqed-pc-to-ext-masq-server.html"><LINK
REL="NEXT"
TITLE="Testing MASQ functionality without DNS"
HREF="testing-masq-wo-dns.html"></HEAD
><BODY
CLASS="SECT1"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><DIV
CLASS="NAVHEADER"
><TABLE
SUMMARY="Header navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TH
COLSPAN="3"
ALIGN="center"
>Linux IP Masquerade HOWTO</TH
></TR
><TR
><TD
WIDTH="10%"
ALIGN="left"
VALIGN="bottom"
><A
HREF="testing-masqed-pc-to-ext-masq-server.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="80%"
ALIGN="center"
VALIGN="bottom"
>Chapter 5. Testing IP Masquerade</TD
><TD
WIDTH="10%"
ALIGN="right"
VALIGN="bottom"
><A
HREF="testing-masq-wo-dns.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
></TABLE
><HR
ALIGN="LEFT"
WIDTH="100%"></DIV
><DIV
CLASS="SECT1"
><H1
CLASS="SECT1"
><A
NAME="TESTING-MASQ-ICMP"
></A
>5.8. Testing external MASQ ICMP forwarding</H1
><P
>&#13;<P
></P
><UL
><LI
><P
><STRONG
>Step Eight: Testing external MASQ ICMP forwarding</STRONG
></P
><P
>From an internal MASQed computer, ping a static TCP/IP address (NOT a 
machine by DNS name) out on the Internet (i.e. <STRONG
>ping 
152.2.210.80</STRONG
> (this technically the DNS name "metalab.unc.edu" which
is home of MetaLabs' Linux Archive).  If this works, it should look something
like the result below and this ultimately shows that ICMP Masquerading is 
working properly.  (hit Control-C to abort the ping): </P
><P
><TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="90%"
><TR
><TD
><FONT
COLOR="#000000"
><PRE
CLASS="PROGRAMLISTING"
>-------------------------------------
masq-client# ping 152.2.210.80

PING 12.13.14.15 (152.2.210.80): 56 data bytes
64 bytes from 152.2.210.80: icmp_seq=0 ttl=255 time=133.4 ms
64 bytes from 152.2.210.80: icmp_seq=1 ttl=255 time=132.5 ms
64 bytes from 152.2.210.80: icmp_seq=2 ttl=255 time=128.8 ms
64 bytes from 152.2.210.80: icmp_seq=3 ttl=255 time=132.2 ms
^C

--- 152.2.210.80 ping statistics ---
4 packets transmitted, 4 packets received, 0% packet loss
round-trip min/avg/max = 128.8/131.7/133.4 ms  
-------------------------------------</PRE
></FONT
></TD
></TR
></TABLE
></P
><P
>If this didn't work, again check your Internet connection.  Make sure that
the MASQ server itself can ping this address.  If this works from the MASQ 
server, make sure you are using the simple rc.firewall-* ruleset and that 
you have ICMP Masqurading compiled into the Linux kernel.  </P
><P
>Finally, make sure that the ruleset which enables IP MASQ is pointing 
to the correct EXTERNAL interface.  PPPoE users should use the MASQ servers's
logical PPP interface such as "ppp0" and /NOT/ the physical external interface 
like "eth0".</P
></LI
></UL
>&#13;</P
></DIV
><DIV
CLASS="NAVFOOTER"
><HR
ALIGN="LEFT"
WIDTH="100%"><TABLE
SUMMARY="Footer navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
><A
HREF="testing-masqed-pc-to-ext-masq-server.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="index.html"
ACCESSKEY="H"
>Home</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
><A
HREF="testing-masq-wo-dns.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
>Testing internal MASQ client to external MASQ server connectivity</TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="testing.html"
ACCESSKEY="U"
>Up</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
>Testing MASQ functionality without DNS</TD
></TR
></TABLE
></DIV
></BODY
></HTML
>