simple routing problem

Discussion in 'Linux Networking' started by Martin Baumann, Jun 24, 2003.

  1. Hi all,

    the following scenario:

    lan1: 192.168.1.0/24
    lan2: 10.200.30/24
    eth0 = 192.168.1.1/24
    eth1 = 10.200.3.254/24

    a dualhomed linux-box (debian-woody stable, custom kernel 2.4.20 from
    kernel.org) should route between the two networks. i activated
    ip_forwarding with 'echo 1 > /proc/sys/net/ip_forwarding' and the
    routing table looks like the following:

    Kernel IP routing table
    Destination Gateway Genmask Flags Metric Ref Use Iface
    10.200.3.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
    192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0


    i can ping both interfaces from the according lan and interestingly
    i'm able to ping 192.168.1.1 from a machine inside the 10.200.3.0-lan,
    but that's it. i cannot ping other machines in the 192.168.1.0 net
    from 10.200.3.x and vice versa it's the same.

    i would be glad about any hints what could be going on, since as far
    as i know there is nothing more to do except activating ip-forwarding
    for a linux box to act as a simple router between two lans. gated or
    routed is only neccessary for dynamic routing, correct me if i am
    wrong!

    greetings,
    martin
     
    Martin Baumann, Jun 24, 2003
    #1
    1. Advertisements

  2. Martin Baumann

    Ida Guest

    Are your linux box running IPTABLES? If yes, disable it first, then tighten
    it up step by step.

    Ida Young
    Support of ITShield firewall
    http://www.itshield.com
     
    Ida, Jun 24, 2003
    #2
    1. Advertisements

  3. Martin Baumann

    no body Guest

    i can ping both interfaces from the according lan and interestingly
    Do the boxes on the 10.200.3 net have your 10.200.3.254 box set as their
    gateway?
     
    no body, Jun 24, 2003
    #3
  4. no sorry this is a typo, it has to be 10.200.3.0/24 ...
    the ip-addresses on the linux-box are 192.168.1.1 and 10.200.3.254

    the clients in the 192.168.1.0 subnet use 192.168.1.1 as their gateway
    and the clients in the 10.200.3.0 subnet use 10.200.3.254, each client
    is able to ping it´s gateway, i can even ping the other lan-card, e.g.
    from a box with the ip-adress 192.168.1.100 i can ping 10.200.3.254,
    but no other ip in the 10.200.3.0 subnet. it´s the same when pinging
    from e.g. 10.200.3.100 to 192.168.1.1, the client gets a reply, but
    only when pinging the gateway´s ip in the other net.

    what i did now is to activate ipmasquerading (with iptables) and with
    the help of this the box is routing, but this is not what i want. i
    want to act the machine as a router without the help of iptables.
    still hoping there´s a solution,
    martin
     
    Martin Baumann, Jun 25, 2003
    #4
  5. That isn't the right thing to do to enable IP forewarding. Instead use

    echo -n 1 > /proc/sys/net/ipv4/ip_forward

    The ip_forward proc file must exist already, or you aren't using a
    kernel with IP forwarding compiled in.

    Of course, it could just be mistake in recalling what you did to enable
    IP forwarding and, if so, then something else is wrong.
     
    Clifford Kite, Jun 25, 2003
    #5
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.