/* HINT: Search archives @ http://www.indyramp.com/masq/ before posting!
/* ALSO: Don't quote this header. It makes you look lame :-) */
David Ranch wrote:
>
> >This is what my routing table looks like on my Linux only box with ips
> >on the internal network only after a fresh boot:
> >
> >[sd@sparky sd]$ netstat -rn
> >Kernel IP routing table
> >Destination Gateway Genmask Flags MSS Window irtt Iface
> 1 >24.163.164.1 192.168.173.1 255.255.255.255 UGH 0 0 0 eth0
> 2 >192.168.173.6 192.168.173.1 255.255.255.255 UGH 0 0 0 eth0
> 3 >192.168.173.6 0.0.0.0 255.255.255.255 UH 0 0 0 eth0
> 4 >192.168.173.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
> 5 >127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
> 6 >0.0.0.0 192.168.173.1 0.0.0.0 UG 0 0 0 eth0
>
> This is a mess!
>
> Line 6 says that the IP address 24.163.164.1 is on eth0 which is accessible
> via 192.168.173.1. This is impossible to do. At minimum, you would have
> to do IP Aliasing on eth0 to put two IPs on it but it isn't recommended.
>
> Line 2 says that IP 192.168.173.3 is on eth0 and its default gw is
> 192.168.178.1. This is probably a host but isn't required.
>
> Line 3 says the 192.168.178.6 IP is on eth0. Again, an unnecessary host
> route.
>
> Line 4 says that 192.168.178.0 network is on eth0. Good.
>
> Line 5 says that 127.0.0.0 is on the lo0 interface. Good.
>
> Line 6 says that the default route OUT is on eth0 with an IP of 192.168.173.1.
>
> This is probably good but using the WRONG interface. You really
> need another interface like eth1, ppp0, etc.
>
> >[sd@sparky sd]$ ping citilink.com
> >PING citilink.com (209.98.8.9) from 192.168.173.6 : 56(84) bytes of data.
> >From 192.168.173.1: Redirect Host(New nexthop: nic-163-c164-001.mn.mediaone.net (24.163.164.1))
> >64 bytes from foshay.citilink.com (209.98.8.9): icmp_seq=0 ttl=236 time=142.7 ms
>
> This is happening because your routing is HOSED. Explain to me
> your IP addresses, interface names (eth0, eth1, ppp0, etc), and
> I can help you fix this. What distro is this?

This is RedHat 6.2. To summarize my network with respect to this
machine:

192.168.173.6 is the machine's ip address.
192.168.173.1 is my masq box's internal ip address (a different
computer).
24.163.164.1 is the gateway for my masq box (at the cable company).

There is one and only one interface on this machine with
IP=192.168.173.6. I know my routing is crap, but with those entries there
it works fine. It's only when those entries are NOT present that I have
problems. I added them as an interim method of fixing it. Here's the
layout of the first couple hops:

192.168.173.6 (sparky, eth0) -> 192.168.173.1 (panda eth0:0) -> (masqed
to) 24.163.164.varies (panda eth0) -> 24.163.164.1 (at the cable co) ->
wherever

Now, when I originally set up sparky, I set it up with ip address
192.168.173.6 and to use 192.168.173.1 as its default gateway. The only
entries in my routing table were the last 4 (yes, #3 was not set up by
me, it was done by the install, perhaps it's causing the problem?). Then
I would have problems with only the first packet getting through. Once
the first packet was sent panda would send sparky a redirect host
message telling it that it doesn't need to talk to panda to get packets
to whatever address I just tried to connect to, and that it can in fact,
just send its packets to 24.163.164.1. This doesn't work because sparky
has one interface and one address and it's 192.168.173.6, and
24.168.164.1 is not on the same subnet, so it'd get host unreachable. So
the only way I found to make packets after the first get outside was to
add that extra host route (that you numbered 1). That worked fine most
of the time, except once in a while I'd find that I couldn't contact a
site and when checking the routing cache, I'd see that for some reason
sparky had been set as a gateway, but sparky is not allowed to route
packets (which is good otherwise the same packet would've looped until
its ttl ran out) so packets to those sites wouldn't get out.

To sum it up, the problem is not being caused by hosed routing on
sparky, it's SOLVED by hosed routing on sparky, at least the first two
entries (the third doesn't make sense to me, but like I said I didn't
add it so I leave it). But I don't want to keep my routing hosed that
way so I'm looking for a more elegant solution. If anything it's caused
by something on my masq machine thinking that since both internal and
external interfaces are the same, that they can somehow talk to each
other and it tells my machine that it can do so.

I hope that clarifies what my problem is.

Robin
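
Added example, not part of the original message or of either poster's setup: a small Python check that parses the routing table quoted in this thread and tests whether the redirect's new next hop (24.163.164.1) is on a network directly connected to sparky. The function names are hypothetical and the table text is re-typed from the quoted `netstat -rn` output.

```python
import ipaddress

# Constructed input: the six rows of sparky's `netstat -rn` output quoted in
# the thread, with the wrapped Iface column joined back onto each row.
NETSTAT_RN = """\
24.163.164.1 192.168.173.1 255.255.255.255 UGH 0 0 0 eth0
192.168.173.6 192.168.173.1 255.255.255.255 UGH 0 0 0 eth0
192.168.173.6 0.0.0.0 255.255.255.255 UH 0 0 0 eth0
192.168.173.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
0.0.0.0 192.168.173.1 0.0.0.0 UG 0 0 0 eth0
"""

def parse_routes(text):
    """Parse `netstat -rn` rows into dicts (hypothetical helper)."""
    routes = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 8:
            continue  # banner or blank line
        dest, gw, mask, flags, *_unused, iface = fields
        try:
            net = ipaddress.ip_network(f"{dest}/{mask}")
            gateway = ipaddress.ip_address(gw)
        except ValueError:
            continue  # column header row
        routes.append({"net": net, "gw": gateway, "flags": flags, "iface": iface})
    return routes

def lookup(routes, addr):
    """Longest-prefix match, the way the table is consulted for addr."""
    addr = ipaddress.ip_address(addr)
    hits = [r for r in routes if addr in r["net"]]
    return max(hits, key=lambda r: r["net"].prefixlen) if hits else None

def on_link(routes, addr):
    """True if addr falls inside a directly connected (no G flag) route.
    RFC 1122 3.2.2.2 says a host SHOULD discard a redirect whose new
    gateway is not on the connected network the redirect arrived through."""
    addr = ipaddress.ip_address(addr)
    return any("G" not in r["flags"] and addr in r["net"] for r in routes)

if __name__ == "__main__":
    full = parse_routes(NETSTAT_RN)
    original = full[2:]  # the "last 4" rows sparky started with
    for name, table in (("original", original), ("with host routes", full)):
        best = lookup(table, "24.163.164.1")
        print(name, "| on-link:", on_link(table, "24.163.164.1"),
              "| matched:", best["net"], best["flags"], "gw", best["gw"])
```

In both tables 24.163.164.1 is not on-link; the only difference row 1 makes is that the table gains an explicit /32 entry sending that address back through 192.168.173.1.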