Solved

Network - Redhat Linux

Posted on 2012-12-25
10
551 Views
Last Modified: 2013-01-08
I have two network

10.10.10.0/24 and 10.10.20.0/24

10.10.10.0 - two systems
10.10.10.33
10.10.10.37

10.10.20.0 - two system
10.10.20.2
10.10.20.3

I have another system which is connected 10.10.10.0/24 and 10.10.20.0/24 network


I want to be able to ping 10.10.20.2 maching from 10.10.10.0/24 network.

How do i setup static route. Please provide me the steps.
0
Comment
Question by:ittechlab
  • 5
  • 4
10 Comments
 

Author Comment

by:ittechlab
Comment Utility
from system(10.10.10.37)  i did use this command
 
route add -net 10.10.20.0 netmask 255.255.255.0 gw 10.10.10.6 dev eth0

still not working. what is wrong here.
0
 

Author Comment

by:ittechlab
Comment Utility
[root@smtp ~]# ifconfig eth0
eth0      Link encap:Ethernet  HWaddr 00:0C:29:09:87:50
          inet addr:10.10.10.37  Bcast:10.10.10.255  Mask:255.255.255.0
          inet6 addr: fe80::20c:29ff:fe09:8750/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:151297 errors:0 dropped:0 overruns:0 frame:0
          TX packets:5008 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:649322 (634.1 KiB)  TX bytes:360510 (352.0 KiB)

[root@smtp ~]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.10.20.0      10.10.10.6      255.255.255.0   UG    0      0        0 eth0
10.10.10.0      0.0.0.0         255.255.255.0   U     0      0        0 eth0
192.168.122.0   0.0.0.0         255.255.255.0   U     0      0        0 virbr0
169.254.0.0     0.0.0.0         255.255.0.0     U     1002   0        0 eth0

[root@smtp ~]# ping 10.10.20.4
PING 10.10.20.4 (10.10.20.4) 56(84) bytes of data.
64 bytes from 10.10.20.4: icmp_seq=1 ttl=64 time=0.335 ms
64 bytes from 10.10.20.4: icmp_seq=2 ttl=64 time=0.259 ms

But I am unable to ping 10.10.20.2.  

From 10.10.20.4 system i can ping 10.10.20.2.

[root@smtp ~]# ping 10.10.20.2
PING 10.10.20.2 (10.10.20.2) 56(84) bytes of data.
0
 
LVL 1

Expert Comment

by:odintsov
Comment Utility
Hello,

Simpliest (but not dirty) way for your problem - set netmask to /16 255.255.0.0 and all systems can be in one subnet.
0
 

Author Comment

by:ittechlab
Comment Utility
I have many devices manually configured which i don't want to change. Is there any other better way. Why static route won' t work?

Network one - 10.10.10.0/24
Network two - 10.10.20.0/24
0
 
LVL 1

Expert Comment

by:odintsov
Comment Utility
U can show this command output from both devices?
ip route show
0
Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

 

Author Comment

by:ittechlab
Comment Utility
[root@smtp ~]# ifconfig eth0 | grep inet
          inet addr:10.10.10.37  Bcast:10.10.10.255  Mask:255.255.255.0
          inet6 addr: fe80::20c:29ff:fe09:8750/64 Scope:Link
[root@smtp ~]# ip route show
10.10.20.0/24 via 10.10.10.6 dev eth0
10.10.10.0/24 dev eth0  proto kernel  scope link  src 10.10.10.37
192.168.122.0/24 dev virbr0  proto kernel  scope link  src 192.168.122.1
169.254.0.0/16 dev eth0  scope link  metric 1002





[root@ns ~]# ifconfig eth0 | grep inet
          inet addr:10.10.20.4  Bcast:10.10.20.255  Mask:255.255.255.0
          inet6 addr: fe80::20c:29ff:febb:a670/64 Scope:Link
[root@ns ~]# ifconfig eth2 | grep inet
          inet addr:10.10.10.6  Bcast:10.10.10.255  Mask:255.255.255.0
          inet6 addr: fe80::20c:29ff:febb:a684/64 Scope:Link
[root@ns ~]# ip route show
10.10.20.0/24 dev eth0  proto kernel  scope link  src 10.10.20.4
192.168.0.0/24 dev eth1  proto kernel  scope link  src 192.168.0.18
10.10.10.0/24 dev eth2  proto kernel  scope link  src 10.10.10.6
192.168.122.0/24 dev virbr0  proto kernel  scope link  src 192.168.122.1
169.254.0.0/16 dev eth0  scope link  metric 1002
169.254.0.0/16 dev eth1  scope link  metric 1003
169.254.0.0/16 dev eth2  scope link  metric 1004
default via 192.168.0.254 dev eth1







[root@mail ~]# ifconfig eth0 | grep inet
          inet addr:10.10.20.2  Bcast:10.10.20.255  Mask:255.255.255.0
          inet6 addr: fe80::20c:29ff:feaf:56f7/64 Scope:Link
[root@mail ~]# ip route show
10.10.20.0/24 dev eth0  proto kernel  scope link  src 10.10.20.2
10.10.10.0/24 via 10.10.20.4 dev eth0
192.168.122.0/24 dev virbr0  proto kernel  scope link  src 192.168.122.1
169.254.0.0/16 dev eth0  scope link  metric 1002
default via 10.10.20.1 dev eth0


I want able to ping from 10.10.10.37 to 10.10.20.2 AND
from 10.20.10.2 to 10.10.10.37 vice versa.


I am using  ns system as router which have access to both network.
0
 
LVL 1

Expert Comment

by:odintsov
Comment Utility
All routing configuration fine (mail:  10.10.10.0/24 via 10.10.20.4   smtp:  10.10.20.0/24 via 10.10.10.6).

May u need enable forwarding on ns node:
echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf
sysctl -p

Can u see forwarded packet in iptables (iptables -nvL FORWARD)?
0
 

Author Comment

by:ittechlab
Comment Utility
route add -net 10.10.20.0 netmask 255.255.255.0 gw 10.10.10.6 dev eth0

How do i make this permanent.
0
 
LVL 1

Expert Comment

by:odintsov
Comment Utility
Hello,

U need create files: /etc/sysconfig/network-scripts/route-eth0 on both servers with following contents:
10.10.20.0/24 via 10.10.10.6 dev eth0
and
10.10.10.0/24 via 10.10.20.4 dev eth0
0
 
LVL 30

Accepted Solution

by:
Kerem ERSOY earned 500 total points
Comment Utility
Hi,

First of all your machine with 2 interfaces should must be enabled for routing. (it is off by default). To enable routing use this procedure:

edit your /etc/sysctl.conf file to include 
net.ipv4.ip_forward = 1

Open in new window


Then all your systems at both sides should use your router (RedHat with 2 interfaces) either as default gateway so the traffic for the other network should go to your router or you need to create static route setting on each system to point to the router (at both interfaces)

Cheers,
K.
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Network Interface Card (NIC) bonding, also known as link aggregation, NIC teaming and trunking, is an important concept to understand and implement in any environment where high availability is of concern. Using this feature, a server administrator …
SSH (Secure Shell) - Tips and Tricks As you all know SSH(Secure Shell) is a network protocol, which we use to access/transfer files securely between two networked devices. SSH was actually designed as a replacement for insecure protocols that sen…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now