But you didn't say if you could ping the DSL router from the LEAF router
(or anywhere else)
Does the DSL router respond to ping? probably does
You said you can ping anywhere from LEAF so icmp is probably enabled
in proc/sys/net/ipv4.
I assume forwarding is enabled.
FOR ME, that only leaves that your DSL router doesn't have a route to
your internal net. You said you have no firewall, I assumes that means
no NAT, so the DSL router needs a route to you.
Greg R <[EMAIL PROTECTED]> on 02/07/2002 11:12:15 AM
To: [EMAIL PROTECTED]
cc: [EMAIL PROTECTED] (bcc: Phillip Watts/austin/Nlynx)
Subject: [Leaf-user] Re: LEAF routing private IP space
Thank you Matt & David for you replies.
Let me see if I can provide some more information for you.
I do not have any firewall enabled, nor is ipchains installed - the router
is wide open. eth0 is the outside interface - I am sure. From the router I
can ping anything anywhere, by IP and by FQDN.
I have enabled both interfaces to respond to ICMP, and like I said in my
first post I can ping both of the interfaces (eth0 & eth1) from the router
itself, I can ping the external interface (eth0) from the DSL router in
front of it, and I can ping the internal interface (eth1) from the
workstation behind it.
When I say that ping "fails" when I attempt to ping the internal interface
of the DSL router from the workstation behind the LEAF router I mean that
there is 100% packet loss - in other words ping just sits there until I
issue an interrupt at which point is shows the following message:
workstation:/root # ping 192.168.68.1
PING 192.168.68.1 (192.168.68.1): 56 data bytes
--- 192.168.68.1 ping statistics ---
3 packets transmitted, 0 packets received, 100% packet loss
Here is the output of the commands you requested:
# lsmod
Module Size Used by
ip_masq_autofw 2432 0 (unused)
ip_masq_portfw 2416 0 (unused)
smc-ultra 4168 2
8390 6340 0 [smc-ultra]
#which ipmasqadm
/usr/sbin/ipmasqadm
Please let me know if there is more info I can include in the
troubleshooting report and thanks for all your attention so far.
Greg R
--- Matt Schalit <[EMAIL PROTECTED]> wrote:
> Ray Olszewski wrote:
> >
> > <sigh> We need a FAQ answer for this one too (or do we have one?).
> >
> > LEAF basic firewalls by default block ALL private-address traffic on
> the
> > external interface. (At least Dachstein and Eigerstein do, and I think
> > Oxygen is the same in that regard.)
>
> Nope. Oxygen has zero ipchains rules by default.
> In fact, you'd be hard pressed to even find ipchains
> on the boot diskette :)
>
> But then again, it's meant to load from more than
> one diskette, network, cdrom, ftp, tftp, whatever.
> You can squeeze ipchains.lrp on the first diskette
> though. But that's another thread.
>
> As far as Greg's question goes, he's done a good
> job so far and made a good post. But he left
> out a few things like the output of
>
> [ which ipchains ] && ipchains -L -v -n || echo "Doh!"
> lsmod
> which ipmasqadm
>
> I realize that's along the lines of your post, though :)
> We just don't know if he's even has ipchains yet.
>
> (And the arp cache listing from the 192.168.1.50 would help
> along with the exact failed ping output.)
>
> Best,
> Matthew
~
__________________________________________________
Do You Yahoo!?
Send FREE Valentine eCards with Yahoo! Greetings!
http://greetings.yahoo.com
_______________________________________________
Leaf-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
_______________________________________________
Leaf-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
