Re: Routing problem - was FC9 Linux gateways, VPN working, IP forwarding isn't

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Gary Stainburn wrote:
| On Saturday 24 January 2009 11:19:05 Giany wrote:
|> If you say ip_forward is enabled then either there is a routing problem
|> or some firewall issue.
|>
|
| I've been going round in circles all day and now my head's spinning. I
even
| got it working once, but don't know how and can't repeat it.
|
| Iptables on all four machines set ACCEPT on INPUT, OUTPUT and FORWARD. IP
| forwarding enabled on both gateways.
|
| This only leaves routing.
|
| Both gateways talk to each other.
| Client and Server can talk to their local gateway
| Local gateway can talk to remote server.
| Remote gateway cannot talk to client
| Client cannot talk to remote gateway or server
| server cannot talk to local gateway or client
|
| Layout
|
| Client	eth0		10.6.1.2/16
|
| 		Network	10.6.0.0/16
|
| Local GW	eth0		10.6.1.1/16
| 		eth1		192.168.1.1/24 (internet connection)
| 		ppp0	192.168.127.2/32 P-to-P 192.168.127.1
|
| 		VPN		ppp-over-ssh
|
| Remote	eth0		10.1.1.115/16
| GW		ppp1	192.168.127.1/32 P-to-P 192.168.127.2
|
| 		Network 10.1.0.0/16
|
| Server	eth0		10.1.1.104
|
| route tables
|
| Client
| Kernel IP routing table
| Destination     Gateway         Genmask         Flags Metric Ref
Use Iface
| 192.168.128.1   10.6.1.1        255.255.255.255 UGH   0      0
0 eth0
| 192.168.127.1   10.6.1.1        255.255.255.255 UGH   0      0
0 eth0
| 10.6.0.0        0.0.0.0         255.255.0.0     U     1      0
0 eth0
| 0.0.0.0         10.6.1.1        0.0.0.0         UG    0      0
0 eth0
|
| Local Gateway
| Destination     Gateway         Genmask         Flags Metric Ref
Use Iface
| 192.168.127.1   0.0.0.0         255.255.255.255 UH    0      0
0 ppp0
| 192.168.1.0     0.0.0.0         255.255.255.0   U     0      0
0 eth1
| 10.2.0.0        192.168.127.1   255.255.0.0     UG    0      0
0 ppp0
| 136.0.0.0       192.168.127.1   255.255.0.0     UG    0      0
0 ppp0
| 10.1.0.0        192.168.127.1   255.255.0.0     UG    0      0
0 ppp0
| 10.6.0.0        0.0.0.0         255.255.0.0     U     0      0
0 eth0
| 10.5.0.0        192.168.127.1   255.255.0.0     UG    0      0
0 ppp0
| 172.0.0.0       192.168.127.1   255.255.0.0     UG    0      0
0 ppp0
| 169.254.0.0     0.0.0.0         255.255.0.0     U     0      0
0 eth1
| 0.0.0.0         192.168.1.254   0.0.0.0         UG    0      0
0 eth1
|
| Remote Gateway
| Destination     Gateway         Genmask         Flags Metric Ref
Use Iface
| 192.168.127.2   0.0.0.0         255.255.255.255 UH    0      0
0 ppp1
| 10.2.0.0        10.1.1.1        255.255.0.0     UG    0      0
0 eth0
| 172.24.0.0      10.1.1.16       255.255.0.0     UG    0      0
0 eth0
| 10.1.0.0        0.0.0.0         255.255.0.0     U     0      0
0 eth0
| 10.4.0.0        10.1.1.112      255.255.0.0     UG    0      0
0 eth0
| 10.5.0.0        10.1.1.112      255.255.0.0     UG    0      0
0 eth0
| 136.9.0.0       10.1.1.16       255.255.0.0     UG    0      0
0 eth0
| 169.254.0.0     0.0.0.0         255.255.0.0     U     0      0
0 eth0
| 0.0.0.0         10.1.1.112      0.0.0.0         UG    0      0
0 eth0
|
| Server
| Destination     Gateway         Genmask         Flags Metric Ref
Use Iface
| 192.168.127.2   10.1.1.115      255.255.255.255 UGH   0      0
0 eth0
| 10.2.0.0        10.1.1.1        255.255.0.0     UG    0      0
0 eth0
| 172.24.0.0      10.1.1.16       255.255.0.0     UG    0      0
0 eth0
| 10.1.0.0        0.0.0.0         255.255.0.0     U     0      0
0 eth0
| 10.6.0.0        10.1.1.115      255.255.0.0     UG    0      0
0 eth0
| 10.4.0.0        10.1.1.112      255.255.0.0     UG    0      0
0 eth0
| 10.5.0.0        10.1.1.112      255.255.0.0     UG    0      0
0 eth0
| 136.9.0.0       10.1.1.16       255.255.0.0     UG    0      0
0 eth0
| 169.254.0.0     0.0.0.0         255.255.0.0     U     0      0
0 eth0
| 0.0.0.0         10.1.1.112      0.0.0.0         UG    0      0
0 eth0
|
|
Perhaps I'm overlooking something, but the remote gateway does not
appear to have a route to the 10.6 network via 192.168.127.2. It looks
to me like traffic to 10.6 would go via the default to 10.1.1.112.


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iEYEAREIAAYFAkl7WFwACgkQ5LO5Iacp/hGQ7wCfR1Yx+/79iZrzEUAYAwKYS5Uq
+T0An21t/JWjJUJPxrWa7aOeSi5TtSnP
=pRoY
-----END PGP SIGNATURE-----

--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux