[ILUG] routing woes

Chris Higgins chris.higgins at darach.ie
Thu Aug 25 21:49:28 IST 2005 

On Thu, 25 Aug 2005 22:33:11 +0200
<bernhard.d.rohrer at accenture.com> wrote:

> 
> I must be missing something blatantly obvious, but my new ubuntu box
> does something very weird when routing.
> 
> I have the following network setup:
> 
> local LAN - eth0 Ubuntu eth1 - DMZ - router - Irish broadband
> 
> local lan is 192.168.1.0
> DMZ is 192.168.2.0
> 
> my /etc/network/interfaces looks like this:
> 
> 
> # This file describes the network interfaces available on your system
> # and how to activate them. For more information, see interfaces(5).
> 
> # The loopback network interface
> auto lo eth0
> iface lo inet loopback
> 
> # This is a list of hotpluggable network interfaces.
> # They will be activated automatically by the hotplug subsystem.
> mapping hotplug
>         script grep
>         map eth1
> 
> # The primary network interface
> iface eth1 inet static
>         address 192.168.2.100
>         netmask 255.255.255.0
>         network 192.168.2.0
>         broadcast 192.168.2.255
>         gateway 192.168.2.1
>         # dns-* options are implemented by the resolvconf package, if
>         installed dns-nameservers localhost
> 
> iface eth0 inet static
>         address 192.168.1.100
>         netmask 255.255.255.0
>         network 192.168.1.0
>         broadcast 192.168.1.255
>         gateway 192.168.2.1 (I have also tried 192.168.2.100 and
>         192.168.1.100 here - same result) dns-nameservers localhost

The gateway keyword here isn't needed

> 
> C:\Documents and Settings\GrayLion>tracert 66.249.87.99
> 
> Tracing route to 66.249.87.99 over a maximum of 30 hops
> 
>   1    <1 ms    <1 ms    <1 ms  192.168.1.100
>   2    <1 ms    <1 ms    <1 ms  192.168.2.1
>   3     *        *        *     Request timed out.
> 
> now, if I connect a client PC to the DMZ then everything is fine and
> dandy.
> 
> I am confused. especially since the very same setup worked just fine
> under suse a few days ago ...

Ok - you've spend loads of efforts getting the machines in the network
to know what to do to deliver traffic out to the world.

Which device is doing address translation ?
What are they configured to do address translation for ?

If the router is doing NAT for 192.168.2.0/24 only those
machines in that network will route correctly.

It looks like devices beyond the router ( 192.168.2.1 ) can't
get the traffic back in - so you need to ask yourself
"what source address are my packets generating"
"how will external devices route back in"


It looks like you've got the config right to send the packets
out. ( unless my very tired eyes have missed something )


> 
> cheers
> 
> Bernhard
> 
> 
> This message is for the designated recipient only and may contain
> privileged, proprietary, or otherwise private information.  If you
> have received it in error, please notify the sender immediately and
> delete the original.  Any other use of the email by you is prohibited.
> --  Irish Linux Users' Group
> http://www.linux.ie/mailman/listinfo/ilug/
> 


-- 
Chris Higgins
Darach Technology Ltd                      tel: +353-1-6204370
email: chris.higgins at darach.ie          fax: +353-1-6204371
http://www.darach.ie

More information about the ILUG mailing list