On Fri, 2010-02-19 at 04:31 +0100, j.halifax . wrote: > > What happens if you try to "ping" from the eth2 interface of the router? > > ping -I 10.255.250.37 172.17.1.50 > > Commands issued in 10.255.l250.37 (via ssh 195.39.130.92): > ============================================= > ping -I 10.255.250.37 172.17.1.50 > PING 172.17.1.50 (172.17.1.50) from 10.255.250.37 : 56(84) bytes of data. > >From 195.39.130.92 icmp_seq=2 Destination Host Unreachable > :( > ping -I eth2 182.15.1.50 > PING 182.15.1.50 (182.15.1.50) from 10.255.250.37 eth2: 56(84) bytes of data. > >From 195.39.130.92 icmp_seq=1 Destination Host Unreachable > :( > ping 172.17.1.50 > PING 172.17.1.50 (172.17.1.50) 56(84) bytes of data. > 64 bytes from 172.17.1.50: icmp_seq=1 ttl=253 time=8.65 ms > :) > > ========================================== > iptables -L -v > Chain INPUT (policy ACCEPT 3325K packets, 706M bytes) > pkts bytes target prot opt in out source destination > > Chain FORWARD (policy ACCEPT 2152K packets, 964M bytes) > pkts bytes target prot opt in out source destination > 534 40008 ACCEPT all -- any eth3 anywhere 172.17.0.0/16 > > Chain OUTPUT (policy ACCEPT 1080K packets, 160M bytes) > pkts bytes target prot opt in out source destination > ==================================== > ping -I eth2 172.17.1.50 > PING 172.17.1.50 (172.17.1.50) from 10.255.250.37 eth2: 56(84) bytes of data. > >From 195.39.130.92 icmp_seq=2 Destination Host Unreachable > ==================================== > iptables -L -v > Chain INPUT (policy ACCEPT 3325K packets, 706M bytes) > pkts bytes target prot opt in out source destination > > Chain FORWARD (policy ACCEPT 2153K packets, 964M bytes) > pkts bytes target prot opt in out source destination > 534 40008 ACCEPT all -- any eth3 anywhere 172.17.0.0/16 > > Chain OUTPUT (policy ACCEPT 1080K packets, 160M bytes) > pkts bytes target prot opt in out source destination > ===================================== > > Thank you.. > jh You convinced me my gut instinct is wrong about iptables being involved. I have another line of thought. I believe, with iproute2, there are additional routing tables. With a note of caution as I am reading documentation as I go, and you may find you have more experience with this than me, please do: ip rule list I expect there to be at least 3 tables listed, local, main, default For each table, please do ip route list table <table name> For example, ip route list table local ip route list table main ip route list table default ...and ip route list table xxx for any other tables in the rule list. I am going to make a wild guess the local table has higher priority than the main table and has something adversely affecting your routing. I believe we normally only look at the main table. I think the files for iproute2 are kept in the /etc/iproute2 directory. Again, this is only a guess on my part. The documentation I was reading was found using google at URL: http://www.linuxdocs.org/HOWTOs/Adv-Routing-HOWTO-4.html -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines