Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

IP Routing Conifuration Dilemma

Posted on 1998-10-11
7
Medium Priority
?
198 Views
Last Modified: 2010-03-18
I'm trying to set up a linux box as a router.
I have set up zillions of linux boxes as firewalls using IP MASQ but am unable to seem to get plain-old routing setup
I have already tried:
-enabled IP forwarding ( echo 1 > /proc/sys/net/ipv4/ip_forward)
-started a routed (redundant, but...)
-tried adding IP forwarding rules via ipfwadm (i.e. ipfwadm -F -a accept -S LAN/LANMASK -D 0/0 -W worldinterface0)

whats going on?
I have a feeling I'm dong somthing exceedingly stupid.
what is it? any ideas?  things to check?
thanks much.
-Dave
0
Comment
Question by:blundar
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
7 Comments
 
LVL 1

Accepted Solution

by:
ghjm earned 200 total points
ID: 1587133
- Forget routed unless you want dynamically changing routes.
- Don't do anything with ipfwadm except to make sure it's not rejecting anything. (I assume you don't want firewall functions here.)
- Add static routes as appropriate using the "route" command
- Make sure the *other* machines on the network are set up correctly

It sounds to me like what you're missing is the routing. There's no magic, routed won't figure it out for you.

-Graham
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 1587134
did netstat -rn show appropriate routes?
0
 

Author Comment

by:blundar
ID: 1587135
Ok....
all routes are ok...
15.10.0.0 netmask 255.255.248.0 (to 15.10.0.1 the NAT cisco...)
15.10.8.0 netmask 255.255.248.0 (to LAN)

I can ping 15.10.0.1
I can ping 15.10.8.anything
I have 15.10.8.anything set up with 15.10.8.1 (my machine, ethernet card 2) as the default gateway.
Whats goin on?
Im confused...
-Dave
(2.0.35)
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 51

Expert Comment

by:ahoffmann
ID: 1587136
Do all the hosts in your net have the same netmask (M$ for example is very picky about it)?
Do you have a default route to the default gateway, or do you believe that som protocol stacks use the first IP address in the net as default gateway (I would not recommend this)?
0
 

Author Comment

by:blundar
ID: 1587137
I'm gonna post the whole routing tables ASAP.
FYI- If I add a ipfwadm -F -a m -S 15.10.8.0/21 -D 15.10.0.0/21 and set the default gateway to the NAT box, it works fine.  go figure...

0
 
LVL 1

Expert Comment

by:ghjm
ID: 1587138
Aha!

The Cisco doesn't know how to route back to your 15.10.8.0 network. That's the problem.

Add a static route on the Cisco that lists 15.10.0.xx (your Linux box's address on the Cisco's network) as the gateway for 15.10.8.0.

Your Cisco is probably either sending 15.10.8.0 packets to its default gateway, or trying to ARP for them on its local Ethernet, neither of which will work.

-Graham
0
 

Author Comment

by:blundar
ID: 1587139
Thanks Graham.  I did that in my test pseudo-Cisco (Linux box w/ Masq) and things worked ok.  Further problems will be posted if any.  Thanks much.
0

Featured Post

 [eBook] Windows Nano Server

Download this FREE eBook and learn all you need to get started with Windows Nano Server, including deployment options, remote management
and troubleshooting tips and tricks

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
In this video, Percona Solution Engineer Rick Golba discuss how (and why) you implement high availability in a database environment. To discuss how Percona Consulting can help with your design and architecture needs for your database and infrastr…

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question