>First off, what is that extra netstat -rn entry for eth6 >(169.254.0.0...looks like some Windows default garbage)? Can't help but >wonder what that's doing to routing to the 192.168.10 network on the >machine. I have tried to eliminate that route with the command route del -net 169.254.0.0 netmask 255.255.0.0 This eliminates the route but on reboot again and lift it I do not know which file to modify to be removed. I think that you really don't need to worry about this route. It's used for default networking when your system is set to DHCP but does not get an address from a DHCP server (NIC self-assigns a 169.254.x.x address to itself). This also happens on Windows. I think that, the route itself will have no effect on your connectivity or networking. >Next, why do you get two different traceroute results when you >traceroute host 192.168.10.20 as shown below (doesn't make any sense)?: In the first tcpdump command, ping from 192.168.10.250 to 192.168.10.20 |firewall |--x-->|switch |----> | host 192.168.10.20 | In de Second tcpdump command ping from 192.168.10.20 to 192.168.5.1 |host 192.168.10.20 |---->|switch |----> | FIRWALL |--x-->| switch |-----> | HOST 192.168.5.1 | In two previous cases, it do not work. The fact is that if any host of any lan to an internal interface of the router, then work. Example 192.168.1.201 (HOST) -> 192.168.1.231 (ROUTER) works!!! 192.168.10.20 (HOST) -> 192.168.5.254 (ROUTER) works!!! 192.168.1.201 (HOST) -> 192.168.10.250 (ROUTER) works!!! >1) there is no default gateway entered in your netstat -nr command. Gateway 0.0.0.0 is >missing in your routing table. So, where do you expect to go your traffic to? >Can't help but wonder what that's doing to routing to the >192.168.10 network on the machine. I think that is not the problem since the gw will only be used when I try to connect to a network from which it is not in my routing table and this is not the case because I only forward packets between the networks directly connected to the router. >2) you need the appropiate entries for accepting connections with iptables. > just setting the ip.forward.v4 param is not that enough (IMHO). I think so!!! >Use system-config-firewall: >- set the NIC you want to accept connection as a trusted device (for test purposes now) >- add a forward rule to the nic, you want to to forward, such as : >iptables -A FORWARD -i [NIC_TO_FORWARD] -j ACCEPT > >Try, then you should see using iptables -L -v some traffic on the NIC and in the FORWARD >state. I have also tried your suggestion but unfortunately it did not work: ( thanks a lot for your help. Best regards -- This is an email sent via the webforum on http://fcp.surfsite.org http://fcp.surfsite.org/modules/newbb/viewtopic.php?post_id=291771&topic_id=61844&forum=10#forumpost291771 If you think, this is spam, please report this to webmaster@xxxxxxxxxxxxxxxxx -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
