Re: ip-forwarding doesn't work

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 


Christopher Penrose wrote:

> I am trying to create a 16 node (netmask 255.255.240.0) subnet with a 
> linux box as a router.
> 
> I have a i586 running the linux kernel 2.4.13.  My distribution is 
> Redhat 7.0.  I have two EtherExpressPro cards in my machine.  I have had 
> the same difficulty with a 2.4.5 and a 2.2.x kernel.

[snip]

> When I turn on forwarding as I have above, I can ping the router 
> (133.27.179.224 or 133.27.16.221) from a host (133.27.179.226) on the 
> eth1 subnet.  However, pings are never returned to this subnet host 
> (133.27.179.226) if they are bound for hosts on the eth0 network 
> (133.27.16.x) or beyond.  Furthermore, pings from the linux router 
> (133.27.179.224 and 133.27.16.221) to the subnet host (133.27.179.226) 
> are never returned.

Sorry, but I didn't really pay attention to this part before.

So you have something like this:

                 ^
                 |
                 |
            +----+----+        +------+ +------+
            | Gateway |        | Host | | Host | (existing hosts)
            +----+----+        +--+---+ +--+---+
                 | 133.27.16.1    |        |
                 |                |        |
    ------+------+----------------+--------+----- 133.27.16.0/22
          |
          | 133.27.16.221 (eth0)
     +----+----+
     |  Linux  |
     +----+----+
          | 133.27.179.225 (eth1)
          |
    ------+--------+--------+----------- 133.27.179.224/28
                   |        |
                   |        |
                +--+---+ +--+---+
                | Host | | Host | (new hosts)
                +------+ +------+

> Is there something obvious that I am missing?

Does the gateway (133.27.16.1) have the equivalent of:

    route add -net 133.27.179.224 mask 255.255.255.240 gw 133.27.16.221

?

If not, you need to add it somehow. "somehow" could either be by
configuring a static route, or by running a routing daemon (provided
that the gateway is configured appropriately).

The hosts on the 133.27.179.224/28 subnet need the equivalent of:

    route add -net 133.27.179.224 mask 255.255.255.240 gw 133.27.179.225
    route add default gw 133.27.179.225

The existing hosts on the 133.27.16.0/22 subnet shouldn't need any
changes. Provided that the gateway has the correct routing table,
those hosts should have their routing tables updated by ICMP redirects
from the gateway.

-- 
Glynn Clements <glynn.clements@virgin.net>
-
: send the line "unsubscribe linux-net" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Index of Archives]     [Netdev]     [Ethernet Bridging]     [Linux 802.1Q VLAN]     [Linux Wireless]     [Kernel Newbies]     [Security]     [Linux for Hams]     [Netfilter]     [Git]     [Bugtraq]     [Yosemite News and Information]     [MIPS Linux]     [ARM Linux]     [Linux RAID]     [Linux PCI]     [Linux Admin]     [Samba]

  Powered by Linux