> At this point, all I want to do is route between
> these interfaces. So far all I can do is ping the
> linux-router from the devices on the various
> segments. But I cannot reach devices on the other
> side of the linux-router.
>
> i.e., From a host on the inside-net, I can ping
> every interface on the linux-router. But I cannot
> ping a host on the other side of the linux-router.
> And if sourcing from the linux-router, I am able
> to ping everything.
>
> The routes appear to be correct as far as I can
> tell. I've even turned off the firewalling
> (iptables) to see if that was the problem, but it
> was not.
>
>
>
> What am I missing?
Is the default gateway ok? It points to 192.168.1.1 which is on a privat=
e=20
LAN connected to eth2.
And if you want to ping from the lan to internet, you will need to do SNA=
T=20
(masquerading). You need a rule like this :
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
If you do not do that, the host on the internet sees a package from=20
192.168.x. and does not know where it can find that host.
> Is there a way to 'debug' like in a cisco router?
You can use tcpdump. Or an iptables rule with -j LOG and see what appear=
s in=20
the logs.
> [prompt]# ip ro
> 192.168.2.0/24 dev eth1 proto kernel scope link src 192.168.2.150
> 192.168.1.0/24 dev eth2 proto kernel scope link src 192.168.1.150
> 123.4.5.0/22 dev eth0 proto kernel scope link src 123.4.5.6
> default via 192.168.1.1 dev eth2 proto static src 192.168.1.150
Stef
--=20
stef.coene@docum.org
"Using Linux as bandwidth manager"
http://www.docum.org/
#lartc @ irc.openprojects.net
