GRE tunnel weirdness

Linux Advanced Routing and Traffic Control

I'm having something weird going on, can't seem to figure out why. I have two
private networks (neta & netb), being masq'ed behind RH 7.3
machines (east & west). I also have iptables running on both machines. I
could ping from west to east anytime with no problem, but when I try to
ping from east to west, it doesn't go through unless I first ping from
west to east (hopefully this is understandable the way I'm describing
it). Here is my setup:
       ------   ------------             ------------  ------
neta---|east|---|dsl router|--internet---|dsl router|--|west|--netb
       ------   ------------             ------------  ------

internal interfaces on linux boxes eth0 on x.x.x.1
neta=192.168.0.0/24
netb=192.168.1.0/24
ip rules on east:
# ip tunnel add netb mode gre remote a.b.c.e local f.g.h.i ttl 255
# ip link set netb up arp on
# ip addr add 192.168.0.254/24 dev netb
# ip route add 192.168.1.0/24 dev netb
ip rules on west:
# ip tunnel add neta mode gre remote f.g.h.i local a.b.c.e ttl 255
# ip link set neta up arp on
# ip addr add 192.168.1.254/24 dev neta
# ip route add 192.168.0.0/24 dev neta
[east]# route -n
Kernel IP routing table
Destination    Gateway    Genmask         Flags Metric Ref    Use Iface
a.b.c.w        0.0.0.0    255.255.255.248 U     0      0        0 eth0
192.168.1.0    0.0.0.0    255.255.255.0   U     0      0        0 netb
192.168.0.0    0.0.0.0    255.255.255.0   U     0      0        0 eth1
192.168.0.0    0.0.0.0    255.255.255.0   U     0      0        0 netb
127.0.0.0      0.0.0.0    255.0.0.0       U     0      0        0 lo
0.0.0.0        a.b.c.x    0.0.0.0         UG    0      0        0 eth0
[west]# route -n
Kernel IP routing table
Destination    Gateway    Genmask         Flags Metric Ref    Use Iface
f.g.h.y        0.0.0.0    255.255.255.248 U     0      0        0 eth0
192.168.1.0    0.0.0.0    255.255.255.0   U     0      0        0 eth1
192.168.1.0    0.0.0.0    255.255.255.0   U     0      0        0 neta
192.168.0.0    0.0.0.0    255.255.255.0   U     0      0        0 neta
127.0.0.0      0.0.0.0    255.0.0.0       U     0      0        0 lo
0.0.0.0        f.g.h.z    0.0.0.0         UG    0      0        0 eth0
Iptables are the same on both boxes except on east I allow ports 25,
80, 443 and specifically block port 1003.

If I'm listening on west at neta when I first try to ping anyone on
netb, nothing is coming through unless I have just pinged from netb to
neta first.

Hopefully this isn't too confusing or long-winded.

TIA

Steve


_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
