[LARTC] simple routing problem... (what am I missing?)

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Andrew andrewd@uccsda.org
To: lartc@vger.kernel.org
Subject: [LARTC] simple routing problem... (what am I missing?)
Date: Tue, 05 Dec 2000 00:40:18 +0000	[thread overview]
Message-ID: <marc-lartc-98373938216996@msgid-missing> (raw)

<PRE>Greetings:

I'm working with the following configuration:

                                 Box C
                              +--------+            _/\__/\_
                              |        |(63..a)    /        \
                              | Router/+----------( Internet )
                              |Firewall|aps0       \_  __  _/
                              +----+---+             \/  \/   
                               eth1|(204..a)              |
                                   |                   +--+----+   
                                   |                   | Linux | Box A
                    DMZ------------+----------+--      +-------+
                                              |    
                                              |
                                          +---+---+ 63..b
                                          | Linux | 63..c
                                          +-------+ 
                                             Box B 

Box C is supposed to be a router/firewall for devices on the
internal &quot;DMZ&quot; network. Right now I'm just trying to get the
routing working before I do the rest. I've started a simple
configuration script which does the following:

  # Add routing rules
  #
  ip rule add iif aps0 to 63..a/32 lookup main priority 190
  ip rule add iif aps0 to 63..0/29 lookup isdn-dmz priority 200
  ip rule add iif eth1 to 204..a/32 lookup main priority 210
  ip rule add iif eth1 lookup dmz-isdn priority 220

  # Create routing tables  
  #

  #dmz-isdn table routes
  ip route add default dev aps0 table dmz-isdn
  #isdn-dmz table routes
  ip route add default dev eth1 table isdn-dmz

  # Make rules/routes active
  ip route flush cache
  echo &quot;1&quot; &gt; /proc/sys/net/ipv4/ip_forward
  echo &quot;1&quot; &gt; /proc/sys/net/ipv4/ip_always_defrag

&gt;<i>From my understanding of things, the above should be sufficient to 
</I>allow me to ping box B from box A. However I am unable to do so. I know
the problem is my router because a) I can ping the router (63..a) from Box
A, b) tracerout of box B's ip address shows a complete path to the router where
it dies.

what am I missing?
-- 
<A HREF="mailto:depaan@bibleinfo.com">depaan@bibleinfo.com</A>
--------------------------------------------------------------
Want answers to life's big questions? Visit www.bibleinfo.com.

</PRE>

                 reply	other threads:[~2000-12-05  0:40 UTC|newest]

Thread overview: [no followups] expand[flat|nested]  mbox.gz  Atom feed

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=marc-lartc-98373938216996@msgid-missing \
    --to=lartc@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.