why should you need a default-route set MANUALLY? configure the standrad-gateway which is your router in the network-configuration and you are done nobody on this world ever needed the route-command on a ordinary client and if the client si using DHCP it would even get the standard-gateway [root@buildserver:~]$ cat /etc/sysconfig/network-scripts/ifcfg-eth0 DEVICE=eth0 ONBOOT=yes BOOTPROTO=static TYPE=Ethernet MODE=Managed IPADDR=10.0.0.103 NM_CONTROLLED=no IPV6INIT=no NETMASK=255.255.255.0 GATEWAY=10.0.0.1 USERCTL=no MTU=1472 nobody needed to add this route at all [root@buildserver:~]$ LANG=C; route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 10.0.0.1 0.0.0.0 UG 0 0 0 eth0 10.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 Am 12.03.2013 05:11, schrieb Gary Artim: > not sure what you're saying...I just have a default route defined on > the machine I'd like routed. The router has all the iptables stuff. > When I type route on the non router it hangs, then after some time > comes back with the default route to the router and canNOT get beyond > the subnet. To my knowledge you need to define a default route on > every machine in the subnet that is using the router, at least that is > how I've had them setup for the last 15 years and it worked fine. > > to summerize I have 2 machine linked by a single patch cable, one of > the machine (the linux router) has a second interface to a bigger lan > on campus. > the ips: router 192.168.0.1 othermachine 192.168.0.11 (default route > to 192.168.0.1) > iptables: router has natted/masq 192.168.0.0 net, othermachine is wide > open, all iptable rules flushed and accepting everything > > This should work and worked in the passed, must be something I did or > the router or othermachine is missing some software. Tomorrow I'll try > tracing the route. > > On Mon, Mar 11, 2013 at 8:31 PM, Reindl Harald <h.reindl@xxxxxxxxxxxxx> wrote: >>> client hang on route command >> >> what the hell are you doing? >> >> the client does not need anything to know about routing >> your router is the standard-gateway of the clients and >> has to do anyhting with affeactes NAT/masquerading/routing >> because that is why it is called router >> >> Am 12.03.2013 04:20, schrieb Gary Artim: >>> I tried postrouting/masquerade in iptables on the router and still the >>> client hang on route command. Its like the client cant see the router. >>> But ping works fine in both directions. If I try and ping a known >>> address on the greater internet, nothing. So there is no route beyond >>> the subnet of 192.168.0.0. I know its something dumb cause I've done >>> this 10..12 times before and it aways worked or is working now on some >>> servers. >>> >>> On Mon, Mar 11, 2013 at 7:12 PM, Reindl Harald <h.reindl@xxxxxxxxxxxxx> wrote: >>>> you do NOT need this on the client. >>>> and it is NOT enough if your machine works as NAT-router >>>> >>>> postrouting/masquerade is at least needed >>>> >>>> Chain POSTROUTING (policy ACCEPT 19602 packets, 1625K bytes) >>>> pkts bytes target prot opt in out source destination >>>> 80 7964 MASQUERADE all -- * eth1 192.168.2.0/24 0.0.0.0/0 >>>> >>>> Chain FORWARD (policy DROP 0 packets, 0 bytes) >>>> pkts bytes target prot opt in out source destination >>>> 48 2820 TCPMSS tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x06/0x02 TCPMSS >>>> clamp to PMTU >>>> 0 0 DROP all -- eth1 * 0.0.0.0/0 0.0.0.0/0 ctstate INVALID >>>> 0 0 DROP tcp -- eth1 * 0.0.0.0/0 0.0.0.0/0 ctstate NEW tcp dpt:0 >>>> 0 0 DROP udp -- eth1 * 0.0.0.0/0 0.0.0.0/0 ctstate NEW udp dpt:0 >>>> 0 0 DROP tcp -- eth1 * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x17 >>>> 0 0 DROP tcp -- eth1 * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x01 >>>> 0 0 DROP tcp -- eth1 * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x29 >>>> 0 0 DROP tcp -- eth1 * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x3F >>>> 0 0 DROP tcp -- eth1 * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x37 >>>> 0 0 DROP tcp -- eth1 * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x00 >>>> 0 0 DROP tcp -- eth1 * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x03/0x03 >>>> 0 0 DROP tcp -- eth1 * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x06/0x06 >>>> 0 0 DROP tcp -- eth1 * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x05/0x05 >>>> 0 0 DROP tcp -- eth1 * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x11/0x01 >>>> 0 0 DROP tcp -- eth1 * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x18/0x08 >>>> 0 0 DROP tcp -- eth1 * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x30/0x20 >>>> 0 0 DROP tcp -- eth1 * 0.0.0.0/0 0.0.0.0/0 tcp flags:!0x17/0x02 >>>> ctstate NEW >>>> 0 0 DROP all -- eth1 * 127.0.0.0/8 0.0.0.0/0 >>>> 0 0 DROP tcp -- eth1 * 0.0.0.0/0 0.0.0.0/0 TTL match TTL < 5 >>>> 0 0 DROP udp -- eth1 * 0.0.0.0/0 0.0.0.0/0 TTL match TTL < 5 >>>> 0 0 DROP all -- eth1 * 84.113.45.179 0.0.0.0/0 >>>> 0 0 DROP all -- eth1 * 0.0.0.0/8 0.0.0.0/0 >>>> 0 0 DROP all -- eth1 * 10.0.0.0/8 0.0.0.0/0 >>>> 0 0 DROP all -- eth1 * 127.0.0.0/8 0.0.0.0/0 >>>> 0 0 DROP all -- eth1 * 169.254.0.0/16 0.0.0.0/0 >>>> 0 0 DROP all -- eth1 * 172.16.0.0/12 0.0.0.0/0 >>>> 0 0 DROP all -- eth1 * 192.0.0.0/24 0.0.0.0/0 >>>> 0 0 DROP all -- eth1 * 192.0.2.0/24 0.0.0.0/0 >>>> 0 0 DROP all -- eth1 * 192.88.99.0/24 0.0.0.0/0 >>>> 0 0 DROP all -- eth1 * 192.168.0.0/16 0.0.0.0/0 >>>> 0 0 DROP all -- eth1 * 198.18.0.0/15 0.0.0.0/0 >>>> 0 0 DROP all -- eth1 * 198.51.100.0/24 0.0.0.0/0 >>>> 0 0 DROP all -- eth1 * 203.0.113.0/24 0.0.0.0/0 >>>> 0 0 DROP all -- eth1 * 224.0.0.0/4 0.0.0.0/0 >>>> 0 0 DROP all -- eth1 * 240.0.0.0/4 0.0.0.0/0 >>>> 0 0 DROP all -- eth1 * 255.255.255.255 0.0.0.0/0 >>>> 8734 4397K ACCEPT all -- eth1 br0 0.0.0.0/0 192.168.2.0/24 ctstate RELATED,ESTABLISHED >>>> 8698 3215K ACCEPT all -- br0 eth1 192.168.2.0/24 0.0.0.0/0 >>>> 4 2304 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 >>>> >>>> Am 12.03.2013 03:07, schrieb Gary Artim: >>>>> thanks, I forgot to mention I do have this set on both the client and >>>>> router, still doesnt work. something is fishie, I went home frustrated >>>>> and used my 2 laptops, one running mint linux, wirelessly, with a >>>>> ethernet port (as the router) and one running fedora 18 as the client >>>>> and got it to route -- ie ping yahoo.com. Go figure. >>>>> >>>>> On Mon, Mar 11, 2013 at 5:55 PM, zoom itman <rummymobile@xxxxxxxxx> wrote: >>>>>> On Tue, Mar 12, 2013 at 10:25 AM, Gary Artim <gartim@xxxxxxxxx> wrote: >>>>>>> I have a problems using a patch cable and trying to route though >>>>>>> another machine >>>>>> >>>>>> >>>>>> This might help, on the machine doing the forwarding: >>>>>> >>>>>> echo 1 > /proc/sys/net/ipv4/ip_forward >>>>>> >>>>>> Then, set net.ipv4.ip_forward to 1 in /etc/sysctl.conf so it persists >>>>>> over reboots
Attachment:
signature.asc
Description: OpenPGP digital signature
-- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
