Old Mar 5, 2010, 01:47 AM   #1
jw2002
macrumors 6502
 
Join Date: Feb 2008
Internet Sharing using Snow Leopard Server

I cannot get the equivalent of "Internet Sharing" to work right using Snow Leopard server. What I would like to do is have the Snow Leopard Server share its en0 with the fw0 interface -- or more accurately bridge the two network interfaces such that traffic can pass both ways.

The ethernet interface is the primary interface used in my Server setup, and is plugged into my Time Capsule, and serves out both DHCP and DNS for any clients connected wirelessly or through one of the time capsule's remaining ethernet ports (behind and not exposed to the WAN). The firewire interface is just connected to a mac mini in hopes of having a low latency network connection that I plan to use for some multiprocessing experiments. Things work almost correctly in that the fw0 client machine on subnet 192.168.2.* can talk to all the clients on the 192.168.1.* en0 subnet and vice versa. However, DNS is not successfully being served to the fw0 client. Furthermore, things like "ping" are not traversing the network en0/fw0 successfully, suggesting that the interfaces are not correctly bridged.

I took a look at the Gateway Configuration Assistant, but that feature appears to make too many bad assumptions, does much in the way of user controls, and clobbers already established parameters that I had set up. I tried it once, and it made a royal mess of various settings. It just seems that if this is a 1-click step in OS X, it shouldn't be so hard to do in Snow Leopard Server. Even under Linux it's just a matter of an ifconfig command with bridge-related command line options to achieve this.

Can anyone suggest what I might be missing or perhaps point me to the script that is behind the Gateway Configuration Assistant? Maybe I could parse that script to suss out the missing step that I need to take. Thanks.
Old Mar 5, 2010, 11:41 AM   #2
jw2002
Thread Starter
macrumors 6502
 
Join Date: Feb 2008
Okay, found one small improvement. The following extremely obscure and undocumented setting at least allows pings to traverse the network interfaces in both directions. This was issued on the Snow Leopard Server box:

Code:
sudo sysctl -w net.inet.ip.scopedroute=0
Prior to the above command, I would get the following ping fails (from a host located at 192.168.2.47):

Code:
% ping 192.168.1.20
PING 192.168.1.20 (192.168.1.20): 56 data bytes
Request timeout for icmp_seq 0
Request timeout for icmp_seq 1
Request timeout for icmp_seq 2
^C
And after issuing the above command, the pings work:

Code:
% ping 192.168.1.20
PING 192.168.1.20 (192.168.1.20): 56 data bytes
64 bytes from 192.168.1.20: icmp_seq=0 ttl=64 time=441.023 ms
64 bytes from 192.168.1.20: icmp_seq=1 ttl=64 time=302.703 ms
64 bytes from 192.168.1.20: icmp_seq=2 ttl=64 time=1.997 ms
^C
And here is a successful traceroute command that will shed light on how the machines are arranged:

Code:
% traceroute 192.168.1.20
traceroute to 192.168.1.20 (192.168.1.20), 64 hops max, 52 byte packets
 1  192.168.2.1 (192.168.2.1)  1.090 ms  0.180 ms  0.158 ms
 2  192.168.1.20 (192.168.1.20)  376.223 ms  1.020 ms  0.839 ms
However, DNS queries still aren't working on the 192.168.2.* side. The Snow Leopard server has its DNS server configured and all clients on the 192.168.1.* side refer to it at 192.168.1.6 and have no problem resolving local or external hosts. However, on the 192.168.2 side, it's not working. I have explicitly tried setting their DNS server values to 192.168.1.6 and to 192.168.2.1 (the IP address of the SL server's fw interface), but no dice.
Old Mar 5, 2010, 01:06 PM   #3
Alrescha
macrumors 65816
 
Join Date: Jan 2008
Location: Boston, MA
Quote:
Originally Posted by jw2002 View Post
DNS queries still aren't working on the 192.168.2.* side.
For what it's worth, the DNS service configuration in Snow Leopard Server does come with an access list of what networks to accept recursive queries from - might be worth a peek.

A.
Old Mar 6, 2010, 12:45 AM   #4
jw2002
Thread Starter
macrumors 6502
 
Join Date: Feb 2008
Quote:
Originally Posted by Alrescha View Post
For what it's worth, the DNS service configuration in Snow Leopard Server does come with an access list of what networks to accept recursive queries from - might be worth a peek.
Thanks, but I don't think that's it because "localnets" are already allowed by default when DNS is first configured. In addition, adding the 192.168.2.1/24 netblock there explicitly had no effect.

I am starting to think that this might be a NAT/Firewall interaction issue. There is a cryptic message in the networking documentation stating that Snow Leopard NAT works only when the firewall is active. I don't have the firewall active because it is denying all traffic whenever active. I suspect that is due to the Gateway Configuration Manager hosing it up.
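Added example (not part of the thread, and not Apple's or BIND's code): a small shell model of the recursion access list discussed in posts #3 and #4. It checks whether a client address is covered by a list of IPv4 CIDR entries and flags an entry whose host bits are set, such as the 192.168.2.1/24 form, so it can be written as the network prefix 192.168.2.0/24. The function names and the ACL contents are assumptions; the special "localnets" keyword is not modelled.

```shell
#!/bin/sh
# Added example: models a recursion access list as plain IPv4 CIDR entries.
# Addresses come from the thread; the ACL contents are constructed.

# ip_to_int A.B.C.D -> the address as a 32-bit integer
ip_to_int() {
    echo "$1" | awk -F. '{ printf "%.0f\n", (($1 * 256 + $2) * 256 + $3) * 256 + $4 }'
}

# cidr_check CLIENT NET/LEN -> match | nomatch | hostbits
cidr_check() {
    awk -v c="$(ip_to_int "$1")" -v b="$(ip_to_int "${2%/*}")" -v l="${2#*/}" 'BEGIN {
        size = 2 ^ (32 - l)                # number of addresses the prefix covers
        if (b % size != 0)
            print "hostbits"               # base is not a network address
        else if (int(c / size) == int(b / size))
            print "match"
        else
            print "nomatch"
    }'
}

# recursion_verdict CLIENT ENTRY... -> first decisive result, in list order
recursion_verdict() {
    client_ip=$1; shift
    for entry in "$@"; do
        case $(cidr_check "$client_ip" "$entry") in
            match)    echo "allowed by $entry"; return 0 ;;
            hostbits) echo "fix entry $entry";  return 0 ;;
        esac
    done
    echo "refused"
}

CLIENT=192.168.2.47                        # the fw0-side host from post #2
recursion_verdict "$CLIENT" 192.168.1.0/24
recursion_verdict "$CLIENT" 192.168.1.0/24 192.168.2.0/24
recursion_verdict "$CLIENT" 192.168.1.0/24 192.168.2.1/24
```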
Old Mar 11, 2010, 05:44 PM   #5
landrew4
macrumors newbie
 
Join Date: Jan 2008
Internet Sharing using Snow Leopard Server

The firewall is definitely required to use the NAT service on Snow Leopard server. It is the divert rule in the firewall configuration that diverts any packet on the external interface to the natd port (8668) so the NAT engine can work.
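Added example (not part of the thread or of Apple's tooling): a shell check for the divert rule described in post #5. Given the text of an `ipfw list` ruleset, it reports whether a rule diverting to port 8668 on the external interface exists, and whether an earlier blanket allow/deny rule would match the traffic before the divert is reached. The function name and both sample rulesets are constructed; en0 as the external interface follows post #1.

```shell
#!/bin/sh
# Added example: audit an ipfw ruleset for the natd divert rule (port 8668).
# On the server the input would be:  natd_divert_status "$(sudo ipfw list)" en0

# natd_divert_status RULESET IFACE -> "ok N" | "shadowed N by M" | "missing"
natd_divert_status() {
    printf '%s\n' "$1" | awk -v ifc="$2" '
        # Blanket terminal rule: exactly "<num> allow|deny ip from any to any".
        NF == 7 && ($2 == "allow" || $2 == "deny") && $3 == "ip" &&
            $4 == "from" && $5 == "any" && $6 == "to" && $7 == "any" {
            if (blanket == "") blanket = $1
        }
        # Divert rule to the natd port, bound to the external interface.
        $2 == "divert" && $3 == "8668" && $(NF-1) == "via" && $NF == ifc {
            if (blanket != "") print "shadowed " $1 " by " blanket
            else               print "ok " $1
            found = 1
            exit
        }
        END { if (!found) print "missing" }
    '
}

# Constructed sample: divert rule comes first, so NAT sees the packets.
GOOD='00010 divert 8668 ip from any to any via en0
01000 allow ip from any to any via lo0
65535 allow ip from any to any'

# Constructed sample: a blanket deny precedes the divert rule, so every
# packet is dropped before natd ever sees it.
BLOCKED='01000 deny ip from any to any
01100 divert 8668 ip from any to any via en0
65535 allow ip from any to any'

# Constructed sample: firewall running, but no divert rule at all.
NO_NAT='65535 allow ip from any to any'

natd_divert_status "$GOOD" en0
natd_divert_status "$BLOCKED" en0
natd_divert_status "$NO_NAT" en0
```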
Old Sep 7, 2010, 02:35 PM   #6
TheBee
macrumors newbie
 
Join Date: Sep 2010
Quote:
Originally Posted by jw2002 View Post
Okay, found one small improvement. The following extremely obscure and undocumented setting at least allows pings to traverse the network interfaces in both directions. This was issued on the Snow Leopard Server box:

Code:
sudo sysctl -w net.inet.ip.scopedroute=0
Yoicks. I found that over at discussions.apple.com as well, but it only works for about 15 minutes for me, and then the box stops routing. Have you found any more documentation about this?
Old Sep 9, 2010, 12:10 PM   #7
TheBee
macrumors newbie
 
Join Date: Sep 2010
Quote:
Originally Posted by TheBee View Post
Yoicks. I found that over at discussions.apple.com as well, but it only works for about 15 minutes for me, and then the box stops routing. Have you found any more documentation about this?
See that discussion: setting it in sysctl.conf and then running "applejack auto restart".
Old Dec 4, 2011, 02:34 PM   #8
blouis79
macrumors member
 
Join Date: Jun 2005
Have got SLS running on laptop. (Learning purposes and home use.) Trying to share a hotel broadband connection over airport to iOS clients. After much hunting for a solution, it's finally working, though not as simple as setting up SL client.

Basically:
a. use airport to create a computer-to-computer network.
b. set up SLS to be a gateway running DHCP, NAT, firewall.

Mac_OSX_Server_v10.6_Getting_Started describes the process on page 37 without enough detail for a non-network expert to do the job.

ServerAdmin>NAT>Overview>Gateway setup assistant doesn't quite set it all up correctly.

Instructions on how to fix it are here http://support.apple.com/kb/TS3887 "Unable to connect to the Internet after running NAT Gateway Setup Assistant".

Airport icon shows only a computer-to-computer network, but SLS is taking care of the internet gateway function.

BTW, if sharing with non-Apple devices (e.g. PS3), one has to enter a WEP key as hexadecimal, because different people have different WEP key algorithms. I use WEPKeymaker to generate the hex version and one has to enter the hex key on all machines including the machine doing the internet sharing.

Last edited by blouis79; Dec 4, 2011 at 03:12 PM. Reason: added WEP