* Re: [LARTC] ABout Routing..again
@ 2003-03-12 22:02 Dhirendra Pal Singh
2003-03-13 1:09 ` Martin A. Brown
2003-03-13 1:36 ` Dhirendra Pal Singh
0 siblings, 2 replies; 3+ messages in thread
From: Dhirendra Pal Singh @ 2003-03-12 22:02 UTC (permalink / raw)
To: lartc
Hi All..
I think the image got screwed up...
I am giving the description again..
Dsl feed goes to gateway 1. Its internal ip address is of 192.168.1.XXX.
Now from here goes the feed to another gateway which eth0 ip address is
192,168.1.50. It has 2 more eth - eth1 and eth2. Their ip address are
192.168.2.51 and 192.168.3.XXX respectively.
Now my problem is that all the computers connect to 192.168.2.XXX are
unable to point to the computers of 192.168.1.XXX. Though strangely I
can ping to 192.168.1.1 wich is the internal ip address of the gateway 1.
Can someone help me whith this configuration...?
rest question are below..
Thanks in advance ..
dp
Dhirendra Pal Singh wrote:
> Hi All,
> I have the following setup on redhat linux 8.0 ...
>
> eth 0
> 192.168.1.50
> \
> |--------------| \
> |--------------|
> -----------------| gateway 1|-------------------------|gateway2 |
> /|_______ |\
> |--------------|
> / \
> / \
> eth0 eth1 -
> / \
> 61.X.X.X 192.168.1.1 eth1
> eth2
> (public) |
> 192.168.2.51 192.168.3.52
> |
> |
> ------------
> |
> | BOX 1
> |
> ----------------
> -------------
> | Box
> BOX 3 |
> 192.168.1.101
> ---------------
>
> 192.168.3.101
>
> My Problem is
>
> A) I am unable to ping from Box 3 (192.168.3.101) to Box 1. Any
> comments or reasons why?
> B) I have figured out that if I enable Masquerading then problem A is
> solved. Can someone explain why?
> C) Is it possible without Masquerading ?
>
> I am in a fix and any Help would be very much appreciated...??
>
> Thanks and Regards
> Dp
>
>
>
> _______________________________________________
> LARTC mailing list / LARTC@mailman.ds9a.nl
> http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
>
>
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [LARTC] ABout Routing..again
2003-03-12 22:02 [LARTC] ABout Routing..again Dhirendra Pal Singh
@ 2003-03-13 1:09 ` Martin A. Brown
2003-03-13 1:36 ` Dhirendra Pal Singh
1 sibling, 0 replies; 3+ messages in thread
From: Martin A. Brown @ 2003-03-13 1:09 UTC (permalink / raw)
To: lartc
Dhirendra,
: Dsl feed goes to gateway 1. Its internal ip address is of 192.168.1.XXX.
: Now from here goes the feed to another gateway which eth0 ip address is
: 192,168.1.50. It has 2 more eth - eth1 and eth2. Their ip address are
: 192.168.2.51 and 192.168.3.XXX respectively.
: Now my problem is that all the computers connect to 192.168.2.XXX are
: unable to point to the computers of 192.168.1.XXX. Though strangely I
: can ping to 192.168.1.1 wich is the internal ip address of the gateway 1.
Is this your network, or did I mangle it in reconstruction?
eth0
192.168.1.50
\
|----------| |----------|
| gateway 1|-------------------------| gateway2 |
/|__________|\ | |----------|
/ \ | / \
eth0 eth1 | / \
61.X.X.X 192.168.1.1 | eth1 eth2
(public) | 192.168.2.51 192.168.3.52
| |
------------ |
| BOX 1 | -------------
------------ | Box 3 |
192.168.1.101 -------------
192.168.3.101
You can ping 192.168.1.1 because it is a locally hosted IP on the default
gateway of the machines in the 192.168.2.0/24 network.
: I have the following setup on redhat linux 8.0 ...
:
: A) I am unable to ping from Box 3 (192.168.3.101) to Box 1. Any
: comments or reasons why?
It looks like you have a common routing problem. If you examine the
routing tables on gateway 1 and box 1, they are probably missing routes
to 192.168.3.0/24 and 192.168.2.0/24 via 192.168.1.50. Host 1 probably
has a default route to 192.168.1.1 and gateway 1 certainly doesn't have a
default route pointing *into* your network.
<gripe>
This is not really a LAR (and certainly not a TC) question. This is a
basic routing question. Let's try to keep these questions off the LARTC
list....this is probably better for a forum like comp.os.linux.networking
or a LUG.
</gripe>
<helpful-hat>
You may find some of my documentation useful in conceptualizing static
routing:
http://linux-ip.net/
http://linux-ip.net/html/ch-routing.html
For others who are following along with questions like this, I would
recommend using a network analyzer of some kind to look at the packets on
each of the machines involved.
- use tcpdump or ethereal on each affected router and end-host
- generate regular traffic (ping, nc, socat, etc.) while trying to
determine where the packets are getting dropped or misrouted
</helpful-hat>
So, Dhirendra:
Remove the masquerading from gateway2
[root@box1]# ip route add 192.168.3.0/24 via 192.168.1.50
[root@box1]# ip route add 192.168.2.0/24 via 192.168.1.50
[user@box3]$ ping -n 192.168.1.101
You should get a response.
[root@box2]# ip route add 192.168.3.0/24 via 192.168.1.50
[root@box2]# ip route add 192.168.2.0/24 via 192.168.1.50
: B) I have figured out that if I enable Masquerading then problem A is
: solved. Can someone explain why?
Because you are changing the source IP on the packets to a 192.168.1.0/24.
When you do this, the other hosts in 192.168.1.0/24 have a direct route
for reply packets.
: C) Is it possible without Masquerading ?
Yes.
-Martin
Anybody think a LARTC FAQ is a good idea?
--
Martin A. Brown --- SecurePipe, Inc. --- mabrown@securepipe.com
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [LARTC] ABout Routing..again
2003-03-12 22:02 [LARTC] ABout Routing..again Dhirendra Pal Singh
2003-03-13 1:09 ` Martin A. Brown
@ 2003-03-13 1:36 ` Dhirendra Pal Singh
1 sibling, 0 replies; 3+ messages in thread
From: Dhirendra Pal Singh @ 2003-03-13 1:36 UTC (permalink / raw)
To: lartc
Thanks a lot once again Martin.
Yes this is the correct diagra.
Mean while I have agian posted my question with the diagram fixed.
Please ignore it.
Got your point Martin about why its not working. I will try it later again.
I apologise for posting the wrong question.. and thank once again to
Martin for taking the pains to correct the diagram and sending and
answer. I was in a fix and didnt knew where to send the question. I
paniced.. sorry..
I will take care of this in future..
Thanks
Dp
Martin A. Brown wrote:
>Dhirendra,
>
> : Dsl feed goes to gateway 1. Its internal ip address is of 192.168.1.XXX.
> : Now from here goes the feed to another gateway which eth0 ip address is
> : 192,168.1.50. It has 2 more eth - eth1 and eth2. Their ip address are
> : 192.168.2.51 and 192.168.3.XXX respectively.
> : Now my problem is that all the computers connect to 192.168.2.XXX are
> : unable to point to the computers of 192.168.1.XXX. Though strangely I
> : can ping to 192.168.1.1 wich is the internal ip address of the gateway 1.
>
>Is this your network, or did I mangle it in reconstruction?
>
>
> eth0
> 192.168.1.50
> \
> |----------| |----------|
> | gateway 1|-------------------------| gateway2 |
> /|__________|\ | |----------|
> / \ | / \
> eth0 eth1 | / \
> 61.X.X.X 192.168.1.1 | eth1 eth2
>(public) | 192.168.2.51 192.168.3.52
> | |
> ------------ |
> | BOX 1 | -------------
> ------------ | Box 3 |
> 192.168.1.101 -------------
> 192.168.3.101
>
>
>You can ping 192.168.1.1 because it is a locally hosted IP on the default
>gateway of the machines in the 192.168.2.0/24 network.
>
> : I have the following setup on redhat linux 8.0 ...
> :
> : A) I am unable to ping from Box 3 (192.168.3.101) to Box 1. Any
> : comments or reasons why?
>
>It looks like you have a common routing problem. If you examine the
>routing tables on gateway 1 and box 1, they are probably missing routes
>to 192.168.3.0/24 and 192.168.2.0/24 via 192.168.1.50. Host 1 probably
>has a default route to 192.168.1.1 and gateway 1 certainly doesn't have a
>default route pointing *into* your network.
>
><gripe>
>This is not really a LAR (and certainly not a TC) question. This is a
>basic routing question. Let's try to keep these questions off the LARTC
>list....this is probably better for a forum like comp.os.linux.networking
>or a LUG.
></gripe>
>
><helpful-hat>
>You may find some of my documentation useful in conceptualizing static
>routing:
>
> http://linux-ip.net/
> http://linux-ip.net/html/ch-routing.html
>
>For others who are following along with questions like this, I would
>recommend using a network analyzer of some kind to look at the packets on
>each of the machines involved.
>
> - use tcpdump or ethereal on each affected router and end-host
> - generate regular traffic (ping, nc, socat, etc.) while trying to
> determine where the packets are getting dropped or misrouted
></helpful-hat>
>
>So, Dhirendra:
>
>Remove the masquerading from gateway2
>
>[root@box1]# ip route add 192.168.3.0/24 via 192.168.1.50
>[root@box1]# ip route add 192.168.2.0/24 via 192.168.1.50
>[user@box3]$ ping -n 192.168.1.101
>
>You should get a response.
>
>[root@box2]# ip route add 192.168.3.0/24 via 192.168.1.50
>[root@box2]# ip route add 192.168.2.0/24 via 192.168.1.50
>
> : B) I have figured out that if I enable Masquerading then problem A is
> : solved. Can someone explain why?
>
>Because you are changing the source IP on the packets to a 192.168.1.0/24.
>When you do this, the other hosts in 192.168.1.0/24 have a direct route
>for reply packets.
>
> : C) Is it possible without Masquerading ?
>
>Yes.
>
>-Martin
>
>Anybody think a LARTC FAQ is a good idea?
>
>
>
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2003-03-13 1:36 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2003-03-12 22:02 [LARTC] ABout Routing..again Dhirendra Pal Singh
2003-03-13 1:09 ` Martin A. Brown
2003-03-13 1:36 ` Dhirendra Pal Singh
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.