• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1547
  • Last Modified:

Routing Table / Network Troubleshooting (Vyatta router)

hi, i've set up a Vyatta router on a spare computer in my home office for testing purposes. I can't connect to the internet from inside the router and I can't figure out why as my setup seems to be fine. Can you go over my setup below (IP's and Routing Table) and let me know if you see any errors?

So,  here's my current setup:
Gateway (Buffalo): (this connects to our DSL)
Vyatta Router: eth0=, eth1= (this sits behind my Buffalo gateway router)

Internet --> Buffalo/Gateway --> Vyatta --> Clients in network; can't see the internet or the subnet. Clients behind the Buffalo gateway in the .11 subnet can see the internet fine.

Here's my routing table on the Vyatta:
Routes: 4/4, Paths: 4/4                [static(1)]        > to        via eth0                [connected(0)]        > to                via lo                [connected(0)]        > to        via eth0                [connected(0)]        > to        via eth1

What gives? Anyone have any suggestions why clients behind my Vyatta can't see anything outside the .13 subnet? thanks!
2 Solutions
Looks like your .13 subnet needs to hit the .11 subnet to get to the gateway.  The routes show that your .13 is trying to bypass the eth0 interface.  So, next hop for .13 would be eth0 on the Vyatta, but you have it pointed to the Buffalo router interface, which it cannot see.

Make sense?

it is clear, that your buffalo is unaware about .13 subnet.
please point your buffalo, that 13th subnet is behind 11.1
goldylamontAuthor Commented:
thank you! so, how would i fix this? i thought the third line on the routing table...                [connected(0)]        > to        via eth0
...was saying to clients on .13 "if you need to connect to anything on .11 then use eht0="; but apparently not. what does this line do then?

should i update my static route to point to would i add ANOTHER static route to do this? any help appreciated
Managing Security & Risk at the Speed of Business

Gartner Research VP, Neil McDonald & AlgoSec CTO, Prof. Avishai Wool, discuss the business-driven approach to automated security policy management, its benefits and how to align security policy management with business processes to address today's security challenges.

goldylamontAuthor Commented:
just saw the second comment from "from_exp", how would i make the buffalo "aware" of the .13 network? do i add a static route to the buffalo? if so what would the routing entry look like?
The line:                [connected(0)]        > to        via eth0

is stating that anything on the network use

your static route of is saying for any network, use

You should probably have another statement in there that looks like this:           to                        via eth0
goldylamontAuthor Commented:
ok, i'll try this when i get home. is there anything i need to do on my gateway (buffalo) router?
From what you explained It sounds like eth0 is connected to Buffalo and eth1 (the .13 subnet) is connected elsewhere, so you can't really make the Buffalo router aware of the .13...

Short answer is no in my opinion.
goldylamontAuthor Commented:
so far, nothing has worked. Moorelock, i tried adding an extra static route between .11 and .13 as you suggested and this just stopped the router from working (needed to reboot and revert back to where i was). any ideas on why the router isn't working?
Can the hosts in ping
What do your clients have as their default route?
What do they have as their route to

Can the host in ping
What do the hosts in have as their default route?
What do the hosts in have as their route to

I would verify that the /proc/sys/net/ipv4/ip_forward as a value of 1 in it.
goldylamontAuthor Commented:
I/we fixed it!! The comment from "from_exp" was totally correct. This is what I did:

I added this static route to my Buffalo Gateway:
Destination      Subnet Mask             Gateway                Metric           1

so, I needed to tell the Buffalo router to send any traffic destined for .13 subnet to the Vyatta's eth0/11.1 interface. I'm surfing the net now on .13 subnet!

Also, "giltjr", it was your question "What do they [.11 clients] have as their route to" that made me revisit what "from_exp" was trying to point out.

Moorelock, I appreciate your participation however the answers were incorrect

Thank you everybody!
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

We Need Your Input!

WatchGuard is currently running a beta program for our new macOS Host Sensor for our Threat Detection and Response service. We're looking for more macOS users to help provide insight and feedback to help us make the product even better. Please sign up for our beta program today!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now