From: Nelson Castillo <nelsoneci@gmail.com>
To: lartc@vger.kernel.org
Subject: Re: [LARTC] linux ip forwarding problem
Date: Fri, 17 Jun 2005 17:40:57 +0000 [thread overview]
Message-ID: <2accc2ff0506171040569c1724@mail.gmail.com> (raw)
In-Reply-To: <19858.161.114.64.75.1119028463.squirrel@mail.cce.hp.com>
On 6/17/05, Dariusz Dwornikowski <tdi@pozman.pl> wrote:
> On Fri, 17 Jun 2005 13:14:23 -0400 (EDT)
> "Ji Li" <ji.li3@hp.com> wrote:
>
> > Hi,
> > I have three linux machines, and I want to let one of them forward packets
> > betwen the other two. The forwarding node has two ethernet cards,
> > connecting the two two machines respectively. However, when I ping between
> > the two end points, the forwarding node can receive the ping requests at
> > its eth0, but it never forwards them to its eth1. So is the reverse
> > direction.
> >
> > The forwarding node is Redhat 7.2, kernel 2.4.7-10. The two end points are
> > FC3, 2.6.9-1.667smp.
> >
> > What we have done to enable IP forwarding on the RH7.2 node are:
> > (1) In /etc/sysconfig/network, add "FORWARD_IPV4=yes"
> > (2) "echo 1 > /proc/sys/net/ipv4/ip_forward".
> > (3) Change "net.ipv4.ip_forward=1" in /etc/sysctl.conf.
> > (4)
> > "echo 0 > /proc/sys/net/ipv4/conf/eth0/rp_filter"
> > "echo 0 > /proc/sys/net/ipv4/conf/eth1/rp_filter"
> > (5) We tried "iptables -F" to flush the rules, but ip forwarding still
> > doesn' work, so we add some rules as follows. We run "iptables" to
> > configure firewall to enable IP forwarding.
> > iptables -A FORWARD -i eth0 -o eth1 -j ACCEPT
> > iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT
> route add net comp1-net gw comp1-ip
> route add net comp2-net gw comp2-ip
The last 2 lines are strange... I think you don't need them.
In comp1, you need:
route add -host comp2-ip gw reachable-router-ip-from-comp1
in comp2, you need
route add -host comp1-ip gw reachable-router-ip-from-comp2
You should also use tcpdump and test with pings. Example:
# tcpdump -n -i eth0 icmp
It will allow you to debug common issues, for instance, when the
icmp echo request reaches its destination, but the host cannot reply
because a route is missing.
I assume the forwarding host is not the default route of
comp1 nor comp2.
Regards,
Nelson.-
--
Homepage : http://geocities.com/arhuaco
The first principle is that you must not fool yourself
and you are the easiest person to fool.
-- Richard Feynman.
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
next prev parent reply other threads:[~2005-06-17 17:40 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-06-17 17:14 [LARTC] linux ip forwarding problem Ji Li
2005-06-17 17:28 ` Dariusz Dwornikowski
2005-06-17 17:40 ` Nelson Castillo [this message]
2005-06-19 3:35 ` ji.li3
2005-06-19 5:23 ` Andreas Unterkircher
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=2accc2ff0506171040569c1724@mail.gmail.com \
--to=nelsoneci@gmail.com \
--cc=lartc@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.