subject:"IP forwarding problem"

Re: IP forwarding problem

2006-01-31 Thread Oliver Elphick

On Fri, 2006-01-27 at 14:52 +, Oliver Elphick wrote:
> Can anyone help with this network problem, please?
> 
> This machine is an internal router, with two network cards.  iptables is
> not configured in the kernel, since masquerading and filtering is not
> required.  (There is a separate firewall machine.)
> 
> 192.168.2 (eth0) is a network with Windows machines.  Packets to and
> from that network are no longer being forwarded.  The routing table
> appears to be correct and IP forwarding is turned on.
> 
> Machines on 192.168.2.* are able to ping 192.168.1.18 (the other network
> card on the routing machine) but they cannot ping any other machine on
> the 192.168.1 network.  Similarly, the router can ping 192.168.2.* but
> no other machine on 192.168.1 can do so.
> 
> This set up was working until it was shut down and rebooted :-(

To close this thread for the benefit of readers of the archives, the
problem was that the routing table on the main gateway did not have an
entry for the 192.168.2.0 network.

All the server machines had been shut down and rebooted together because
the UPS batteries had to be replaced.  It seems that the gateway machine
came up before the internal router and was unable to add a route for
192.168.2.0 because the router was not yet responding.

Oliver Elphick

-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: IP forwarding problem

2006-01-27 Thread Matt Zagrabelny

On Fri, 2006-01-27 at 21:01 +, Oliver Elphick wrote:
> On Fri, 2006-01-27 at 12:31 -0600, Matt Zagrabelny wrote:
> > On Fri, 2006-01-27 at 14:52 +, Oliver Elphick wrote:
> > > Can anyone help with this network problem, please?
> > > 
> > > This machine is an internal router, with two network cards.  iptables is
> > > not configured in the kernel, since masquerading and filtering is not
> > > required.  (There is a separate firewall machine.)
> > > 
> > > 192.168.2 (eth0) is a network with Windows machines.  Packets to and
> > > from that network are no longer being forwarded.  The routing table
> > > appears to be correct and IP forwarding is turned on.
> > 
> > how are you turning forwarding on?
> 
> $ cat /etc/network/options
> ip_forward=yes
> spoofprotect=yes
> syncookies=no

i guess that method is deprecated: see bug #338235
but that is splitting hairs, it obviously is setting your sysctl
options.

well, take a look at your the FORWARD chain in your filter table:

# iptables -v -n -t filter -L FORWARD

and report that result.

also you could do some tcpdump'ing.

-matt zagrabelny


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: IP forwarding problem

2006-01-27 Thread Oliver Elphick

On Fri, 2006-01-27 at 12:31 -0600, Matt Zagrabelny wrote:
> On Fri, 2006-01-27 at 14:52 +, Oliver Elphick wrote:
> > Can anyone help with this network problem, please?
> > 
> > This machine is an internal router, with two network cards.  iptables is
> > not configured in the kernel, since masquerading and filtering is not
> > required.  (There is a separate firewall machine.)
> > 
> > 192.168.2 (eth0) is a network with Windows machines.  Packets to and
> > from that network are no longer being forwarded.  The routing table
> > appears to be correct and IP forwarding is turned on.
> 
> how are you turning forwarding on?

$ cat /etc/network/options
ip_forward=yes
spoofprotect=yes
syncookies=no


> what does:
> 
> # sysctl -a | grep forward
> 
> list?
> 
> ie:
> 
> # sysctl -a | grep forward
> net.ipv4.conf.eth1.mc_forwarding = 0
...

net.ipv4.conf.eth0.mc_forwarding = 0
net.ipv4.conf.eth0.forwarding = 1
net.ipv4.conf.eth1.mc_forwarding = 0
net.ipv4.conf.eth1.forwarding = 1
net.ipv4.conf.default.mc_forwarding = 0
net.ipv4.conf.default.forwarding = 1
net.ipv4.conf.all.mc_forwarding = 0
net.ipv4.conf.all.forwarding = 1
net.ipv4.conf.lo.mc_forwarding = 0
net.ipv4.conf.lo.forwarding = 1
net.ipv4.ip_forward = 1

That's the same as yours, bar sorting.

> 
> > 
> > Machines on 192.168.2.* are able to ping 192.168.1.18 (the other network
> > card on the routing machine) but they cannot ping any other machine on
> > the 192.168.1 network.  Similarly, the router can ping 192.168.2.* but
> > no other machine on 192.168.1 can do so.
> > 
> > This set up was working until it was shut down and rebooted :-(
> 
> sometimes after a kernel upgrade or a reboot physical interfaces will be
> renamed by the kernel. that will screw things up, but if you can ping
> interfaces from the clients that doesnt sound like the problem, just
> thought i would mention it.

I can't see that that is a factor here.

-- 
Oliver Elphick  olly@lfix.co.uk
Isle of Wight  http://www.lfix.co.uk/oliver
GPG: 1024D/A54310EA  92C8 39E7 280E 3631 3F0E  1EC0 5664 7A2F A543 10EA
 
   Do you want to know God?   http://www.lfix.co.uk/knowing_god.html


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: IP forwarding problem

2006-01-27 Thread Matt Zagrabelny

On Fri, 2006-01-27 at 14:52 +, Oliver Elphick wrote:
> Can anyone help with this network problem, please?
> 
> This machine is an internal router, with two network cards.  iptables is
> not configured in the kernel, since masquerading and filtering is not
> required.  (There is a separate firewall machine.)
> 
> 192.168.2 (eth0) is a network with Windows machines.  Packets to and
> from that network are no longer being forwarded.  The routing table
> appears to be correct and IP forwarding is turned on.

how are you turning forwarding on?

what does:

# sysctl -a | grep forward

list?

ie:

# sysctl -a | grep forward
net.ipv4.conf.eth1.mc_forwarding = 0
net.ipv4.conf.eth1.forwarding = 1
net.ipv4.conf.eth0.mc_forwarding = 0
net.ipv4.conf.eth0.forwarding = 1
net.ipv4.conf.lo.mc_forwarding = 0
net.ipv4.conf.lo.forwarding = 1
net.ipv4.conf.default.mc_forwarding = 0
net.ipv4.conf.default.forwarding = 1
net.ipv4.conf.all.mc_forwarding = 0
net.ipv4.conf.all.forwarding = 1
net.ipv4.ip_forward = 1

> 
> Machines on 192.168.2.* are able to ping 192.168.1.18 (the other network
> card on the routing machine) but they cannot ping any other machine on
> the 192.168.1 network.  Similarly, the router can ping 192.168.2.* but
> no other machine on 192.168.1 can do so.
> 
> This set up was working until it was shut down and rebooted :-(

sometimes after a kernel upgrade or a reboot physical interfaces will be
renamed by the kernel. that will screw things up, but if you can ping
interfaces from the clients that doesnt sound like the problem, just
thought i would mention it.


-matt zagrabelny


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

IP forwarding problem

2006-01-27 Thread Oliver Elphick

Can anyone help with this network problem, please?

This machine is an internal router, with two network cards.  iptables is
not configured in the kernel, since masquerading and filtering is not
required.  (There is a separate firewall machine.)

192.168.2 (eth0) is a network with Windows machines.  Packets to and
from that network are no longer being forwarded.  The routing table
appears to be correct and IP forwarding is turned on.

Machines on 192.168.2.* are able to ping 192.168.1.18 (the other network
card on the routing machine) but they cannot ping any other machine on
the 192.168.1 network.  Similarly, the router can ping 192.168.2.* but
no other machine on 192.168.1 can do so.

This set up was working until it was shut down and rebooted :-(



Kernel 2.6.13

[EMAIL PROTECTED] netstat -nr
Kernel IP routing table
Destination Gateway Genmask Flags   MSS Window  irtt Iface
192.168.2.0 0.0.0.0 255.255.255.0   U 0 0  0 eth0
192.168.1.0 0.0.0.0 255.255.255.0   U 0 0  0 eth1
0.0.0.0 192.168.1.140.0.0.0 UG0 0  0 eth1

[EMAIL PROTECTED] cat /proc/sys/net/ipv4/ip_forward
1

[EMAIL PROTECTED] sudo ifconfig
eth0  Link encap:Ethernet  HWaddr 00:E0:81:2E:17:30
  inet addr:192.168.2.1  Bcast:192.168.2.255  Mask:255.255.255.0
  inet6 addr: fe80::2e0:81ff:fe2e:1730/64 Scope:Link
  UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
  RX packets:29786 errors:0 dropped:0 overruns:0 frame:0
  TX packets:17333 errors:0 dropped:0 overruns:0 carrier:0
  collisions:0 txqueuelen:1000
  RX bytes:3292835 (3.1 MiB)  TX bytes:3704290 (3.5 MiB)
  Interrupt:153

eth1  Link encap:Ethernet  HWaddr 00:E0:81:2E:17:31
  inet addr:192.168.1.18  Bcast:192.168.1.255  Mask:255.255.255.0
  inet6 addr: fe80::2e0:81ff:fe2e:1731/64 Scope:Link
  UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
  RX packets:2202383 errors:0 dropped:0 overruns:0 frame:0
  TX packets:1480881 errors:0 dropped:0 overruns:0 carrier:0
  collisions:0 txqueuelen:1000
  RX bytes:524809613 (500.4 MiB)  TX bytes:358879507 (342.2 MiB)
  Interrupt:161



Oliver Elphick


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: PPP server / IP forwarding problem?

1997-07-17 Thread Lindsay Allen

I sent you a reply via email, but it bounced.  It is a bit long to post
here, so please contact me with a valid address.

Lindsay

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Lindsay Allen   <[EMAIL PROTECTED]>  Perth, Western Australia
voice +61 8 9316 2486modem +61 8 9364-9832  32S, 116E
http:  http://rolf.ece.curtin.edu.au/~lindsay   debian linux
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=


--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
[EMAIL PROTECTED] . 
Trouble?  e-mail to [EMAIL PROTECTED] .

PPP server / IP forwarding problem?

1997-07-16 Thread Christopher Wong

I'm trying to setup a ppp dialup server on Linux (2.0.29)/
Debian 1.3 and am having problems.

I want a Win95 machine to be able to dialup into my linux box and
access the Internet through the linux box which is connected to a
router (internet).

I am able to get the modems to connect and I can ping the win95
machine from linux and the Win95 machine can ping my ethernet port. 
However, I can't get the win95 machine to ping the router.  So, the
Win95 machine cannot access the Internet (web,etc.), or anything
beyond the Linux machine.

Is this an IP forwarding problem?  I'm not sure if I have IP
forwarding turned on or not.  How can I tell?  What does IP forwarding
do anyway?  I know I can access the Internet from the Linux box w/ no
problems. I used debian to install everything so I can't find any
source files around for the kernel to see if IP forwarding was turned
on or not.  Does this mean I have to use "kernel-package_VVV_all.deb" 
to build a custom kernel???  I'm confused.


Here's my setup:

--
Internet |
--
 |
 |
 |
---
Router: 208.128.204.1 |
---
 |
 |
 |

eth0: 208.128.204.2|
   |
Linux Box  |
   |
ttyS1 serial port: |
208.128.204.3??|

  |
  |
-
208.128.204.4   |
Win95 machine   |
-

Does the serial port need its own ip?  Does it have to be a real IP or
can it be a private one?

In my options.ttyS1 (setup for dynamic IP addressing) file I have:  

208.128.204.3:208.128.204.4

Is this right?  Or, should it be the ethernet (.2) or router (.1)
address instead of (.3 serial port).  I've tried all three, and it
doesn't seem to matter.  When I used .1 (router) address I think my
linux box got locked out of the router (couldn't ping the router from
linux). I still can't access the Internet via the WIn95 machine.


Any help would be greatly appreciated.  Everything's been pretty much
setup based on reading the PPP howto, mgetty stuff, and serial howtos.

Going Bonkers,
Chris

[EMAIL PROTECTED]


--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
[EMAIL PROTECTED] . 
Trouble?  e-mail to [EMAIL PROTECTED] .

Re: IP forwarding problem

Re: IP forwarding problem

Re: IP forwarding problem

Re: IP forwarding problem

IP forwarding problem

Re: PPP server / IP forwarding problem?

PPP server / IP forwarding problem?

7 matches

Site Navigation

Mail list logo

Footer information