gsmd n00b
Joined: 20 Jul 2008 Posts: 28
Posted: Mon Dec 15, 2008 2:40 pm Post subject: routing between 2 segments doesn't work [SOLVED] (sorta) |
Hi.
I've got a Gentoo box that works as an ADSL (pppoe) router with clients behind eth0 (so routing is enabled).
Now,
Code: | 192.168.1.0 * 255.255.255.0 U 0 0 0 eth2
10.1.1.0 * 255.255.255.0 U 0 0 0 eth0
iptables -I FORWARD -i eth2 -j ACCEPT |
I can't ping from 10.1.1.1 to 192.168.1.1, though the router box pings both of them.
Could you please suggest how to 'debug' this?
TIA.
Last edited by gsmd on Fri Jan 09, 2009 7:42 am; edited 1 time in total |
richard.scott Veteran
Joined: 19 May 2003 Posts: 1497 Location: Oxfordshire, UK
Posted: Mon Dec 15, 2008 3:01 pm Post subject: |
what do you get for:
gsmd n00b
Joined: 20 Jul 2008 Posts: 28
Posted: Mon Dec 15, 2008 3:03 pm Post subject: |
Thanks for your reply.
Code: | Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
19.3.5.12 0.0.0.0 255.255.255.255 UH 0 0 0 ppp0
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth2
10.1.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
10.1.2.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
127.0.0.0 127.0.0.1 255.0.0.0 UG 0 0 0 lo
0.0.0.0 19.3.5.12 0.0.0.0 UG 4005 0 0 ppp0
|
BTW, I've changed it to look like
Code: |
192.168.1.0 192.168.1.254 255.255.255.0 UG 0 0 0 eth2
10.1.1.0 10.1.1.254 255.255.255.0 UG 0 0 0 eth0
|
with 192.168.1.254 & 10.1.1.254 being the local interfaces of the linux box.
Still no luck. |
gentoo_ram Guru
Joined: 25 Oct 2007 Posts: 514 Location: San Diego, California USA
Posted: Mon Dec 15, 2008 5:52 pm Post subject: |
What does 'iptables -nvL FORWARD' say? Also, what about /proc/sys/net/ipv4/ip_forward? That needs to say '1'.
I'd do a rule like 'iptables -A FORWARD -s 10.1.1.0/24 -d 192.168.1.0/24 -j ACCEPT' and 'iptables -A FORWARD -s 192.168.1.0/24 -d 10.1.1.0/24 -j ACCEPT' |
gsmd n00b
Joined: 20 Jul 2008 Posts: 28
Posted: Mon Dec 15, 2008 6:13 pm Post subject: |
Thanks for your reply.
Code: |
# cat /proc/sys/net/ipv4/ip_forward
1
# iptables -nvL FORWARD
Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
179M 81G ACCEPT all -- eth0 * 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED
47714 5520K ACCEPT all -- eth0 * 10.1.1.0/24 0.0.0.0/0
191M 164G ACCEPT all -- ppp0 * 0.0.0.0/0 10.1.1.0/24
0 0 ACCEPT all -- * * 10.1.1.0/24 192.168.1.0/24
0 0 ACCEPT all -- * * 192.168.1.0/24 10.1.1.0/24
|
No luck. |
Hu Administrator
Joined: 06 Mar 2007 Posts: 23097
Posted: Tue Dec 16, 2008 3:59 am Post subject: |
Please show the output of iptables-save -c ; ip addr ; ip route on the router and the output of ip addr ; ip route on both 10.1.1.1 and 192.168.1.1. Also, what is the output of ping -c 4 10.1.1.1 ; arp -ne when run from 192.168.1.1? Repeat with the addresses swapped. |
gsmd n00b
Joined: 20 Jul 2008 Posts: 28
Posted: Fri Jan 09, 2009 7:41 am Post subject: |
Thanks for your help.
The real problem, though, is that the ADSL modem that is unreachable (192.168.1.1) doesn't allow setting the default gateway, so it can't send packets back. |
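
An added example, not part of any post in this thread: a first-match walk over the `iptables -nvL FORWARD` rows posted above, tracing a ping from 10.1.1.1 to 192.168.1.1 and its reply to show what the packet counters already say. The function names are the example's own, and it assumes the `state NEW,RELATED,ESTABLISHED` match on the first rule accepts an ordinary ping.

```python
import ipaddress

# Rule rows copied from the `iptables -nvL FORWARD` output posted in the thread.
FORWARD = """\
179M 81G ACCEPT all -- eth0 * 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED
47714 5520K ACCEPT all -- eth0 * 10.1.1.0/24 0.0.0.0/0
191M 164G ACCEPT all -- ppp0 * 0.0.0.0/0 10.1.1.0/24
0 0 ACCEPT all -- * * 10.1.1.0/24 192.168.1.0/24
0 0 ACCEPT all -- * * 192.168.1.0/24 10.1.1.0/24
"""

def parse_rules(text):
    """Turn each listing row into a dict; trailing match text (e.g. state) is
    ignored, which assumes the state match accepts the traced packet."""
    rules = []
    for line in text.strip().splitlines():
        pkts, _bytes, target, _prot, _opt, in_if, out_if, src, dst = line.split()[:9]
        rules.append({
            "pkts": pkts, "target": target, "in": in_if, "out": out_if,
            "src": ipaddress.ip_network(src), "dst": ipaddress.ip_network(dst),
        })
    return rules

def first_match(rules, in_if, out_if, src, dst):
    """Return the index of the first rule a packet hits, or None (chain policy applies)."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for i, r in enumerate(rules):
        if (r["in"] in ("*", in_if) and r["out"] in ("*", out_if)
                and src in r["src"] and dst in r["dst"]):
            return i
    return None

def diagnose(rules):
    """Trace a ping from 10.1.1.1 to 192.168.1.1 and its reply through the chain."""
    req = first_match(rules, "eth0", "eth2", "10.1.1.1", "192.168.1.1")
    rep = first_match(rules, "eth2", "eth0", "192.168.1.1", "10.1.1.1")
    return {
        "request_rule": req,
        "reply_rule": rep,
        # A zero counter on the only rule the reply can hit means no reply
        # ever reached the router's FORWARD chain.
        "reply_seen": rep is not None and rules[rep]["pkts"] != "0",
    }

if __name__ == "__main__":
    print(diagnose(parse_rules(FORWARD)))
```

The request is accepted by the first eth0 rule, so the zero counter on the 10.1.1.0/24 to 192.168.1.0/24 rule is expected. The zero counter on the reverse rule is the signal that replies from 192.168.1.1 never arrived at the router, which matches the cause given in the last post.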