Fedora 4 routing config issue

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I'm overlooking something very simple, I know, but I've been looking at
this mess for so long, there's little hope now of my seeing what's
wrong.

For reference, I've uploaded a diagram of my network at
http://home.bellsouth.net/p/s/community.dll?ep=16&ext=1&groupid=266017&ck= Please refer to it for the discussion below.

I'm preparing to replace a smoothwall box at my border with a
custom-configured Fedora machine (hostname gadwall).  In order to test
the configuration of gadwall in its new role, I've set up a second
subnet inside my home network by putting petrel behind gadwall on the
.2 subnet.  (Yes, I know, there's some serious triple natting at play.)

I added a route on osprey (192.168.1.3) that enables me to ssh in to
petrel (192.168.2.2).  From petrel I can get to anything on the
192.168.1.0 subnet through gadwall.  Unfortunately, from petrel I can't
get to the internet; gadwall isn't forwarding packets to smoothwall.
 From gadwall itself I can get to the internet just fine.

Here's some net config stuff from gadwall.

[root@gadwall ~]# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:B0:D0:82:6D:DB
          inet addr:192.168.1.10  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fec0::2b0:d0ff:fe82:6ddb/64 Scope:Site
          inet6 addr: fe80::2b0:d0ff:fe82:6ddb/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:11416 errors:0 dropped:0 overruns:0 frame:0
          TX packets:8144 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:4871805 (4.6 MiB)  TX bytes:1066146 (1.0 MiB)
          Interrupt:5 Base address:0xe880

eth1      Link encap:Ethernet  HWaddr 00:0F:B5:8D:63:D9
          inet addr:192.168.2.1  Bcast:192.168.2.255  Mask:255.255.255.0
          inet6 addr: fe80::20f:b5ff:fe8d:63d9/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1449 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1223 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:141635 (138.3 KiB)  TX bytes:108304 (105.7 KiB)
          Interrupt:5 Base address:0x4c00

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:1129 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1129 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:1313920 (1.2 MiB)  TX bytes:1313920 (1.2 MiB)

[root@gadwall ~]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use
Iface
192.168.2.0     0.0.0.0         255.255.255.0   U     0      0        0 eth1
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
169.254.0.0     0.0.0.0         255.255.0.0     U     0      0        0 eth1
0.0.0.0         192.168.1.1     0.0.0.0         UG    0      0        0 eth0

[root@gadwall ~]# cat /proc/sys/net/ipv4/ip_forward
1

[root@gadwall ~]# iptables -L
Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination


Here's a traceroute from petrel (192.168.2.2) to google.com
(72.14.207.99).  Clearly, gadwall isn't forwarding to smoothwall.

[root@petrel ~]# traceroute 72.14.207.99
traceroute to 72.14.207.99 (72.14.207.99), 30 hops max, 38 byte packets
  1  gadwall (192.168.2.1)  0.412 ms  0.144 ms  0.114 ms
  2  * * *

But it works for .1 subnet addresses.

[root@petrel ~]# traceroute 192.168.1.3
traceroute to 192.168.1.3 (192.168.1.3), 30 hops max, 38 byte packets
  1  gadwall (192.168.2.1)  0.412 ms  0.119 ms  0.092 ms
  2  osprey (192.168.1.3)  0.206 ms !<10>  0.160 ms !<10>  0.154 ms !<10>

What route should I add to gadwall to make him forward packets from petrel to smoothwall (and hence, the internet)?

Thanks,
Jay




[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux