Suse 12.1 Apache, 2 NICs, 2 Nets, problem with port forwarding


Im using Suse 11.1 for years now, because whenever I try to update to higher versions (at the moment 12.1) the same problem occurs. I’m using Suse since V7 and never had a problem with the following configurations.

I have 2 servers an older one (32 bit) and a newer (64 bit) and on both it’s the same story. Fresh install of 11.1 works, fresh install of 12.1 doesn’t.

I always make fresh installations.

I’m working via console, runlevel 3, yast, but tested several times other installations and ways to configure, gnome, kde, with and without network manager, deinstalled networkmanager, disabled IPv6 on start or in yast or not, minimal installation, and so on. (Because I got a question in another forum: IPV6 is activated in Suse 11.1 (no problems).)

  • I have 2 NICs, LAN.
  • No WLAN or other interfaces integrated.
  • In Yast ifup is activated.
  • The first card is configured via DHCP,, WINS-Server, DNS-Infos etc.
  • The 0-net is my intranet (Samba, SSH …) and works as expected.
  • The second card is configured statical via yast as It’s for external access to the Apache2 server.
  • I use an IpCop router for both nets on a separate computer. It has 3 NICs (external, demilitarized, internal
  • 2 switches: 1 for the 0-net (with DHCP), the other for the 1-net.
  • PORT-forwarding is activated in IpCop for port 80 to be redirected to NIC, where the Apache2 server listens on.
  • Suse firewall is deactivated (but it makes no difference, when I activate it and add the services manually to the zones).

Ok, now I can ping all cards in all directions. Router finds all cards correctly and vice versa. All requests are led through the right switches, wires and cards.

ifconfig shows all cards, correct IPs and shows them permanently.
netstat -nr shows exactly the same entries like Suse 11.1

When I call my webserver from outside I get a message “Called server needs too long to respond” in my browser. That tells me that the request was forwarded correctly to the server but was not forwarded to the webserver inside Suse.

When I change port-forwarding to card it works, but not with card

When I swap the wires of my server ( is connected with switch of 1-net, where port 80 is forwarded to) I have external access to the webserver but no access from inside to the intranet (0-net) any longer. It even works when I set the Apache directive “Listen”.

I’ve tested several NICs, onboard or not. So I’m shure that cards are OK.

For years I’m compiling Apache by myself, but tried also rpm installations. I’ve played around with several listen directives and much more.

No entries in logfiles that would give me a hint.

I’ve compared all relevant /etc files on Suse 11.1 an 12.1.

No more ideas…

Maybe someone can help.

What does the traceroute show you when contacting the server from outside ? and also enable ipv6 or get another fresh install becaause it causes problem sometimes :slight_smile:

Sorry for delay and thanks for answering.

seems to be OK:

files2:~ # traceroute
traceroute to (, 30 hops max, 40 byte packets using UDP
 1 (  0.246 ms   0.187 ms   0.158 ms

Done several times. with and without IPV6.

Some more.
But no difference between Suse11.1

files2:~ # route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface           UG    0      0        0 eth0        U      0      0        0 lo     U      0      0        0 eth0  U     0      0        0 eth0  U     0      0        0 eth1

files2:~ # ifconfig
eth0      Link encap:Ethernet  HWaddr 00:26:B9:47:88:C5
          inet addr:  Bcast:  Mask:
          inet6 addr: fe80::226:b9ff:fe47:88c5/64 Scope:Link
          RX packets:2393 errors:0 dropped:0 overruns:0 frame:0
          TX packets:2155 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:283176 (276.5 Kb)  TX bytes:992725 (969.4 Kb)

eth1      Link encap:Ethernet  HWaddr 00:26:B9:47:88:C6
          inet addr:  Bcast:  Mask:
          inet6 addr: fe80::226:b9ff:fe47:88c6/64 Scope:Link
          RX packets:64 errors:0 dropped:0 overruns:0 frame:0
          TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:4100 (4.0 Kb)  TX bytes:642 (642.0 b)

Hmm the ip addresses are different from your original description ? Did anything else change as well ?

Did you try sniffing the traffic with tcpdump or wireshark at both IpCop interfaces and at the apache server ?

Question, could you identify your nic’s a bit better for me, I seem to be missing one. Masks would help as would any static routes you’ve set and where?