LINUX.IE, website of the Irish Linux Users' Group
Tux rules!

   
Home
New Users
Articles
Download
Projects
Community
Vendors

  Print Version
Email to...
 
Archives:


planetILUG

Recent News

News Archive


Join the
ILUG
on FaceBook


Join the
ILUG
on LinkedIn


Join the
ILUG SETI
Group



















 
 :: Mailing Lists

[ILUG] routing woes

[ILUG] routing woes

Paul Jakma paul at clubi.ie
Fri Aug 26 01:48:54 IST 2005 

On Fri, 26 Aug 2005, bernhard.d.rohrer at accenture.com wrote:

>> Which device is doing address translation ?
>> What are they configured to do address translation for ?
>
> 192.168.0.0/16 IIRC
>
>> If the router is doing NAT for 192.168.2.0/24 only those
>> machines in that network will route correctly.
>
> this has worked before with that same router and I didn't change 
> the config. All i changed was the linux box in between.

Is the Linux box doing NAT?

What is output of following commands on the Ubuntu box:

ip address
ip route
ip rules
iptables -t nat -L
iptables -L

> I did a few dumps from the winbox:
>
> this is what it looks like when it fails:
>
> 23:40:06.999157 IP (tos 0x0, ttl 128, id 11368, offset 0, flags [none], proto: ICMP (1), length: 60) 192.168.1.90 > 66.102.9.104: IC
> MP echo request, id 1024, seq 26880, length 40

> 23:40:06.999700 IP (tos 0x0, ttl  63, id 14206, offset 0, flags [none], proto: ICMP (1), length: 56) 192.168.2.1 > 192.168.1.90: ICM
> P redirect 66.102.9.104 to host 87.192.244.1, length 36

What is 87.192.244.1? And why does your Ubuntu box think that 
192.168.1.90 is able to reach it?

Let me guess, the ubuntu box has only one interface, right? That 
won't work unless the windows machines also have an interface (or 
alias interface) onto the same logical subnet as your DSL router (ie 
87.192.244.1).

Linux will not forward packets out the same interface the packet was 
received on.

> and this is what it looks like when it works:

This is taken from where?

> 23:43:56.737755 arp who-has 192.168.2.100 tell 192.168.2.90

192.168.2.90? What's that? Your windows machine again, but with it's 
networking reconfigured?

> 23:43:56.737954 IP (tos 0x0, ttl 128, id 11505, offset 0, flags [none], proto: UDP (17), length: 60) 192.168.2.90.1245 > 192.168.2.1

Your windows machine is talking directly to your DSL router here for 
DNS.

> 23:43:56.880054 arp who-has 192.168.2.1 tell 192.168.2.90
> 23:43:56.880355 arp reply 192.168.2.1 is-at 00:04:e2:e0:c8:7d

ARP for your DSL router by 192.168.2.90. Which presumably is your 
windows machine, but reconfigured from the settings you gave in your 
previous mail - which you neglected to mention you had to do to get 
it to work.

> 23:43:56.880363 IP (tos 0x0, ttl 128, id 11506, offset 0, flags [none], proto: ICMP (1), length: 60) 192.168.2.90 > 66.102.9.104: IC

192.168.2.90 sends and receives, presumably using 192.168.2.1 as its 
gateway. Your ubuntu box is not involved.

> there is definitely something going wrong, but I dunno enough 
> networkig to figure that one :(

Try anyone of the following:

- if your Ubuntu box has only one interface, then trying to setup a
   'DMZ' is pointless. just put everything on 192.168.2/24 (which is
   is the subnet your DSL router has an interface on)

- If ubuntu box has only one interface, buy a second NIC.
   Connect the DSL router to it via a cross-over cable or a dedicated
   hub.

- When you provide information, try not to neglect informing the
   audience you changed a bunch of settings from those given
   previously in collecting that information. This is not the psychics
   network. ;)

> This message is for the designated recipient only and may contain 
> privileged, proprietary, or otherwise private information.  If you 
> have received it in error, please notify the sender immediately and 
> delete the original.  Any other use of the email by you is 
> prohibited.

Please do not include such a stupid disclaimer in your emails.

I will be very tempted to interpret this literally in further emails 
from you now that I've noticed it. Unless you make it very clear, at 
the *top* of your email:

a) With specificity, who the designated recipient is *exactly*, if to
    ILUG, please explicitly state the scope of this term.
b) A statement clarifying which, if any, information in the mail is
    proprietary, privileged and/or otherwise private.
c) A statement clarifying the last clause does not apply.

regards,
-- 
Paul Jakma	paul at clubi.ie	paul at jakma.org	Key ID: 64A2FF6A
Fortune:
The major sin is the sin of being born.
 		-- Samuel Beckett

More information about the ILUG mailing list
Read this without the formatting.
                                                                                                    

  

Hosted by HEAnet


 Maintained by the ILUG website team. The aim of Linux.ie is to support and help commercial and private users of Linux in Ireland. You can display ILUG news in your own webpages, read backend information to find out how. Networking services kindly provided by HEAnet, server kindly donated by Dell. Linux is a trademark of Linus Torvalds, used with permission. No penguins were harmed in the production or maintenance of this highly praised website. Looking for the Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
RSS Version
Powered by Dell