| View previous topic :: View next topic |
| Author |
Message |
tassilo80
Guru
Joined: 26 Mar 2003
Posts: 346
Location: Koblenz, Germany
|
 Posted: Mon Sep 15, 2003 3:49 pm Post subject: Routing problems |
 |
|
Hi,
I have a problem with my desktop. It is connected to the internet by dsl (eth0) and should act as a router for my laptop which ist connected to eth1. This worked fine till I updated yesterday and overwrote some files without checking before with etc-update. No I can't ping my desktop with my laptop, but the other way works.
These are the settings of my desktop:
| Code: |
mymachine init.d # cat /etc/conf.d/net
# /etc/conf.d/net:
# $Header: /home/cvsroot/gentoo-src/rc-scripts/etc/conf.d/net,v 1.7 2002/11/18 19:39:22 azarah Exp $
# Global config file for net.* rc-scripts
# This is basically the ifconfig argument without the ifconfig $iface
#
iface_eth0="192.168.1.3 broadcast 192.168.1.255 netmask 255.255.255.0"
iface_eth1="192.168.1.1 broadcast 192.168.1.255 netmask 255.255.255.0"
# For DHCP set iface_eth? to "dhcp"
# For passing options to dhcpcd use dhcpcd_eth?
#
#iface_eth0="dhcp"
#dhcpcd_eth0="..."
# For adding aliases to a interface
#
#alias_eth0="192.168.0.3 192.168.0.4"
# NB: The next is only used for aliases.
#
# To add a custom netmask/broadcast address to created aliases,
# uncomment and change accordingly. Leave commented to assign
# defaults for that interface.
#
#broadcast_eth0="192.168.0.255 192.168.0.255"
#netmask_eth0="255.255.255.0 255.255.255.0"
# For setting the default gateway
#
#gateway="eth0/192.168.0.1"
|
Ifconfig says:
| Code: |
mymachine init.d # ifconfig
eth0 Link encap:Ethernet HWaddr 00:E0:7D:DF:03:00
inet addr:192.168.1.3 Bcast:192.168.1.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:3877 errors:0 dropped:0 overruns:0 frame:0
TX packets:3623 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:3686156 (3.5 Mb) TX bytes:342757 (334.7 Kb)
Interrupt:17 Base address:0x9000
eth1 Link encap:Ethernet HWaddr 00:20:ED:53:67:7F
inet addr:192.168.1.1 Bcast:192.168.1.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:173 errors:0 dropped:0 overruns:0 frame:0
TX packets:16 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:14764 (14.4 Kb) TX bytes:960 (960.0 b)
Interrupt:18 Base address:0xb000
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:75 errors:0 dropped:0 overruns:0 frame:0
TX packets:75 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:8152 (7.9 Kb) TX bytes:8152 (7.9 Kb)
ppp0 Link encap:Point-to-Point Protocol
inet addr:217.234.244.72 P-t-P:217.5.98.164 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1492 Metric:1
RX packets:3722 errors:0 dropped:0 overruns:0 frame:0
TX packets:3167 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:3594168 (3.4 Mb) TX bytes:245647 (239.8 Kb)
|
My ip-tables script:
| Code: |
opts="start stop"
depend() {
need net
}
start() {
ebegin "Starting NAT/MASQ"
echo "1" > /proc/sys/net/ipv4/ip_forward
iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -A FORWARD -t filter -s 192.168.1.0 -j ACCEPT
iptables -A POSTROUTING -t nat -o ppp0 -j MASQUERADE
eend $? "NAT/MASQ started"
}
stop() {
ebegin "Stopping NAT/MASQ"
iptables -F && iptables -X && iptables -t nat -F && iptables -t nat -X
eend $? "NAT/MASQ stopped"
}
|
The myIptables script worked as it is now before. The /etc/conf.d/net is modified and I don't know if its right now.
Here are my laptop settings: It has a normal network card eth0 and a WLAN card eth1 which I use at my university.
The /etc/conf.d/net:
| Code: |
# /etc/conf.d/net:
# $Header: /home/cvsroot/gentoo-src/rc-scripts/etc/conf.d/net,v 1.7 2002/11/18 19:39:22 azarah Exp $
# Global config file for net.* rc-scripts
# This is basically the ifconfig argument without the ifconfig $iface
#
iface_eth0="192.168.1.2 broadcast 192.168.1.255 netmask 255.255.255.0"
#iface_eth1="207.170.82.202 broadcast 207.0.255.255 netmask 255.255.0.0"
# For DHCP set iface_eth? to "dhcp"
# For passing options to dhcpcd use dhcpcd_eth?
#
iface_eth1="dhcp"
#dhcpcd_eth0="..."
# For adding aliases to a interface
#
#alias_eth0="192.168.0.3 192.168.0.4"
# NB: The next is only used for aliases.
#
# To add a custom netmask/broadcast address to created aliases,
# uncomment and change accordingly. Leave commented to assign
# defaults for that interface.
#
#broadcast_eth0="192.168.0.255 192.168.0.255"
#netmask_eth0="255.255.255.0 255.255.255.0"
# For setting the default gateway
#
gateway="eth0/192.168.1.1"
|
Ifconfig says:
| Code: |
eth0 Link encap:Ethernet HWaddr 00:06:5B:B9:9B:55
inet addr:192.168.1.2 Bcast:192.168.1.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:27 errors:0 dropped:0 overruns:0 frame:0
TX packets:247 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:1772 (1.7 Kb) TX bytes:20834 (20.3 Kb)
Interrupt:11 Base address:0xec80
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:6 errors:0 dropped:0 overruns:0 frame:0
TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:300 (300.0 b) TX bytes:300 (300.0 b)
|
And route says:
| Code: |
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.1.0 * 255.255.255.0 U 0 0 0 eth0
loopback localhost 255.0.0.0 UG 0 0 0 lo
default 192.168.1.1 0.0.0.0 UG 1 0 0 eth0
|
I tried it with deleting the default entry with "route del default" and added "route add default gw 192.168.1.1 netmask 255.255.255.0 eth0" but this didn't help.
When I specifie the device I can ping my laptop with my desktop, but even when I specifie a device my laptop can't ping my desktop.
And, as I told you before, yesterday all worked fine. I updated baselayout, I think, coreutils and 4 or 5 other ebuilds...
I hope anybody can help me. Thanks in advance,
Tassilo |
|
| Back to top |
|
 |
grimshaw
Tux's lil' helper
Joined: 07 Aug 2003
Posts: 101
Location: Greensboro, NC 27403, USA, Earth
|
| Posted: Mon Sep 15, 2003 5:45 pm Post subject: |
|
|
Hmm. Can you show the route table on the desktop? I only saw one for the laptop.
From the look of ifconfig on the desktop, I think two interfaces trying to manage the same IP space will cause some undesired results. You might have to add a static route for the laptop host to avoid confusion.
Alternately, you could just use different network space which will likely solve the current headache and future ones. So, change desktop eth1 to use 192.168.2.1 and the laptop eth0 to use 192.168.2.2. Then edit your iptable rules to forward for the network as well by replacing 192.168.1.0 with 192.168.2.0/24.
- John
_________________
All that is necessary for the triumph of evil is that good men do nothing.
-- Edmund Burke (1729-1797) |
|
| Back to top |
|
|
tassilo80
Guru
Joined: 26 Mar 2003
Posts: 346
Location: Koblenz, Germany
|
| Posted: Mon Sep 15, 2003 8:01 pm Post subject: Hi |
|
|
This is the routing table of my desktop:
| Code: |
mymachine nicre # route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
217.5.98.164 * 255.255.255.255 UH 0 0 0 ppp0
192.168.1.0 * 255.255.255.0 U 0 0 0 eth0
192.168.1.0 * 255.255.255.0 U 0 0 0 eth1
loopback localhost 255.0.0.0 UG 0 0 0 lo
default 217.5.98.164 0.0.0.0 UG 0 0 0 ppp0
|
I'll try what you told me tomorrow. Now I gotta go to bed and later to work.
Thanks,
Tassilo |
|
| Back to top |
|
|
sschlueter
Guru
Joined: 26 Jul 2002
Posts: 578
Location: Dortmund, Germany
|
| Posted: Tue Sep 16, 2003 12:25 am Post subject: |
|
|
Your DSL interface is configured to use a static IP from a private address range... this is surely not what you want. You'll need dhcp or pppoe for DSL.
Two more comments about the iptables script: 192.168.1.0 is not a valid IP for a host and you don't seem to have a ppp0 interface. |
|
| Back to top |
|
|
grimshaw
Tux's lil' helper
Joined: 07 Aug 2003
Posts: 101
Location: Greensboro, NC 27403, USA, Earth
|
| Posted: Tue Sep 16, 2003 12:37 pm Post subject: |
|
|
| sschlueter wrote: | Your DSL interface is configured to use a static IP from a private address range... this is surely not what you want. You'll need dhcp or pppoe for DSL.
Two more comments about the iptables script: 192.168.1.0 is not a valid IP for a host and you don't seem to have a ppp0 interface. |
You are correct that his text description does not match his actual config. However, the config only needs the modifications I mentioned. The ppp interface is listed as the masquerade interface in iptables and the ppp interface also has a legit ip address and the default route. So, he's using the ppp interface from the look of things.
I do not see a default policty listed for INBOUND and OUTBOUND connections so I won't be suprised if the only connections that are permitted are forwarded ones and nothing directly from the box itself.
You probably want something like this right before the line: "iptables -A FORWARD -t filter -s 192.168.1.0 -j ACCEPT"
iptables -P INPUT DROP
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT
Perhaps the user can send us a dump of his rules in action (iptables -L -n).
- John
_________________
All that is necessary for the triumph of evil is that good men do nothing.
-- Edmund Burke (1729-1797) |
|
| Back to top |
|
|
tassilo80
Guru
Joined: 26 Mar 2003
Posts: 346
Location: Koblenz, Germany
|
| Posted: Tue Sep 16, 2003 3:09 pm Post subject: Hi |
|
|
Thank you John. Exactly that was the problem. I did what you said above and now everything works fine.
Greets,
Tassilo |
|
| Back to top |
|
|
|
Networking & Security
