We help IT Professionals succeed at work.

We've partnered with Certified Experts, Carl Webster and Richard Faulkner, to bring you two Citrix podcasts. Learn about 2020 trends and get answers to your biggest Citrix questions!Listen Now

x

No Routing

vaughnm
vaughnm asked
on
Medium Priority
320 Views
Last Modified: 2010-05-18
I can't ping the ppp0 port on my linux server.

I have a small LAN with the linux server acting as the S/W router to my ISP. All the hardware is setup and seems to be behaving itself. From within the LAN I can ping all the(legal) PC IP addresses. I can also ping all those addresses from the linux PC. I can also ping the ppp0 port and the rest of the world from the linux PC. What I can't do is ping beyond the ppp0 port from within the LAN from any other PC, other than the linux PC. For example, I can't ping the ISP's gateway from within the LAN.

When I try pinging the internet from within the LAN, there are no Tx or Rx lights flashing on the modem, as there is when pinging from the linux PC.

When I run the debug switch for routed, I get coninuous messages saying that "sendto: Network is unreachable" and "ADD Route: Broken Pipe"

I am running Slackware 2.0.0
Comment
Watch Question

Commented:
Have you recomplied your kernel with IP forwarding turned on???

Commented:
You need IP Forwarding switched on, but also unless you have been assigned more than 1 ip address for your link this wont work with out using masquarding etc...

Commented:
There may be three things going on here:

- I'll assume your ISP has assigned you a series of IP
   addresses and you're not doing IP Masquerading

First, do the obvious and make sure your IP Forwarding option is enabled.  (I'm sure you already did, but it never hurts to check)

Next, obviously, be running routed or gateway to serve as a route broadcast... again, obvious, but let's get these out of the way.

Now some issues.  Some ISPs like to assign your ppp0 (your side) address out of the space you are alloted.  In effect, if you are assigned six addresses, your UNIX machine actually uses two of them.  This is a bad thing and makes Linux cry a lot.  Specifically, it requires that HOST ROUTING work correctly, it doesn't.  ISP's like this because they use less address space for you.  Linux hates it.

What happens in routing:

An interior PC sends a packet to its default gateway.
The linux box receives the packet and asks:

  Is this packet I've received destined for addresses
  within the netmask'ed address space I call my
  local ethernet or myself?

If your ISP assigned your ppp0 side of things an address
outside of "your IP space", the answer is no.  So your
kernel forwards the packet to the default route, down the
ppp0 link to the modem... easy enough.  Even if they assigned in "your space", the packet would still go out...

Here's the catch.  When an IP ACK is sent back in protocol, i9t must find its way BACK to the sending workstation,  It arrives at your PPP link and finds the UNIX box.  (No where else for it to go.)  Unix asks the same question:

   Is this packet destined for an address outside of my
   "owned" address space.  If so route it.

If your ISP assigned space "in your space" for ppp0,
the answer is NO.  Your kernel dutifully forwards the
link into or out of ppp0 again!  This is the host-routing bug.  Proper host routing requires the kernel recognize a point-to-point link and handle it special.

The solution is to ask your ISP to make sure your ppp0 link has addresses on each side that are NOT within your allotted space.  Then any packets into or out of your net will be handled correctly.  

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts
Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.