Re: Routing problems

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



> What happens if you try to "ping" from the eth2 interface of the router?
> ping -I 10.255.250.37 172.17.1.50

Commands issued in 10.255.l250.37 (via ssh 195.39.130.92):
=============================================
ping -I 10.255.250.37 172.17.1.50
PING 172.17.1.50 (172.17.1.50) from 10.255.250.37 : 56(84) bytes of data.
>From 195.39.130.92 icmp_seq=2 Destination Host Unreachable
:(
ping -I eth2 182.15.1.50
PING 182.15.1.50 (182.15.1.50) from 10.255.250.37 eth2: 56(84) bytes of data.
>From 195.39.130.92 icmp_seq=1 Destination Host Unreachable
:(
ping 172.17.1.50
PING 172.17.1.50 (172.17.1.50) 56(84) bytes of data.
64 bytes from 172.17.1.50: icmp_seq=1 ttl=253 time=8.65 ms
:)

==========================================
iptables -L -v
Chain INPUT (policy ACCEPT 3325K packets, 706M bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain FORWARD (policy ACCEPT 2152K packets, 964M bytes)
 pkts bytes target     prot opt in     out     source               destination
  534 40008 ACCEPT     all  --  any    eth3    anywhere             172.17.0.0/16

Chain OUTPUT (policy ACCEPT 1080K packets, 160M bytes)
 pkts bytes target     prot opt in     out     source               destination
====================================
ping -I eth2 172.17.1.50
PING 172.17.1.50 (172.17.1.50) from 10.255.250.37 eth2: 56(84) bytes of data.
>From 195.39.130.92 icmp_seq=2 Destination Host Unreachable
====================================
iptables -L -v
Chain INPUT (policy ACCEPT 3325K packets, 706M bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain FORWARD (policy ACCEPT 2153K packets, 964M bytes)
 pkts bytes target     prot opt in     out     source               destination
  534 40008 ACCEPT     all  --  any    eth3    anywhere             172.17.0.0/16

Chain OUTPUT (policy ACCEPT 1080K packets, 160M bytes)
 pkts bytes target     prot opt in     out     source               destination
=====================================

Thank you..
jh


> ------------ Původní zpráva ------------
> Od: Rick Sewill <rsewill@xxxxxxxxx>
> Předmět: Re: Routing problems
> Datum: 18.2.2010 20:10:40
> ----------------------------------------
> On Thu, 2010-02-18 at 13:48 +0100, j.halifax . wrote: 
> > > I think the problem is probably the routing tables in the other boxes
> > > in the same LAN (e.g. 10.255.250.38)
> > 
> > route in 10.255.250.38:
> > Destination  Gateway   Genmask    Flags Metric Ref    Use Iface
> > 192.168.122.0   *      255.255.255.0   U     0      0        0 virbr0
> > 10.255.250.0    *      255.255.255.0   U     0      0        0 eth0
> > link-local          *      255.255.0.0       U     0      0        0 eth0
> > default   10.255.250.37  0.0.0.0         UG    0      0        0 eth0
> > 
> > traceroute -n 172.17.1.50 (from 10.255.250.38):
> > traceroute to 172.17.1.50 (172.17.1.50), 30 hops max, 40 byte packets
> >  1  10.255.250.37  0.194 ms  0.124 ms  0.120 ms
> >  2  195.39.130.92  3000.438 ms !H  3000.449 ms !H  3000.427 ms !H
> > 
> > The request comes to the LAN default GW and fells through to
> > its default GW eth0 leading to Internet, instead of going to eth3
> > 
> > :((
> > Thank you...
> > jh
> > 
> > 
> 
> I'm still stumped.
> 
> What happens if you try to "ping" from the eth2 interface of the router?
> 
> ping -I 10.255.250.37 172.17.1.50
> 
> I guess the following is equivalent:
> ping -I eth2 172.17.1.50
> 
> I expect this ping to fail.
> 
> I am still suspicious iptables is involved.  
> 
> If your router had periods of time when there was no traffic,
> I would do 
> iptables -L -v 
> to get the packet counts for every iptables rule,
> do the ping from the PC that fails, and do
> iptables -L -v
> again and compare the packet counts for every iptables rule,
> to determine which iptables rules were being used for the ping packets.
> 
> 
> 
> 
> -- 
> users mailing list
> users@xxxxxxxxxxxxxxxxxxxxxxx
> To unsubscribe or change subscription options:
> https://admin.fedoraproject.org/mailman/listinfo/users
> Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
> 
> 
> 
-- 
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux