On Tue, 25 Jan 2005 09:19:02 +0100, Roger Grosswiler <roger@xxxxxxxx> wrote: > I have a small linux-router with 3 nics builtin (eth2 has been built-in > additionally 2 days before): > > eth0 Link encap:Ethernet HWaddr 00:04:5A:65:F8:B7 > inet addr:10.0.0.2 Bcast:10.255.255.255 Mask:255.0.0.0 > eth1 Link encap:Ethernet HWaddr 00:08:A1:6F:26:D7 > inet addr:192.168.0.100 Bcast:192.168.0.255 Mask:255.255.255.0 > eth2 Link encap:Ethernet HWaddr 00:40:F4:76:BF:89 > inet addr:192.168.2.101 Bcast:192.168.2.255 Mask:255.255.255.0 > > Kernel IP routing table > Destination Gateway Genmask Flags Metric Ref Use > Iface > 192.168.2.0 * 255.255.255.0 U 0 0 0 eth2 > 192.168.0.0 * 255.255.255.0 U 0 0 0 eth1 > 10.0.0.0 * 255.0.0.0 U 0 0 0 eth0 > default 192.168.0.1 0.0.0.0 UG 0 0 0 eth1 You're confusing me a little bit about your setup. I assume all these network parameters are from your 3-way router. > Traceroute from 10.0.0.1 to 10.0.0.2 is even not working (* * *). Ping > -b 10.0.0.0 from 10.0.0.1 even doesn't show up 10.0.0.2.... If you can't ping the local router interface (with iptables disabled), then you need to solve this first before you think about routing. The most likely problem is actually that you have your interfaces physically misidentified...it's easy to do with a multi-NIC system. Try giving all three of your interfaces addresses out of the 10/8 network and retry your broadcast ping. If you get something back then you can also examine your arp table to see which NIC responded. Another way to figure this out is to just enable IPv6 and then do a multicast ping on the all-hosts IP, like /bin/ping6 -I eth0 ff02::1 A quick peek at the neighbor (arp) table afterwards will let you more accurately identify what's what, ip route list And, depending on the ethernet chipset and hardware, you can also use ethtool to blink the LEDs on any specific NIC, as in ethtool -p eth0 Once you get your interfaces straight, then you can check the routing. As you noted you need the ip_forward option set. Technically you can set this up on a per-interface, but unless you manually do this the single default setting will change all the interfaces at once. You also need to set up appropriate routing table entries on BOTH computers on either side of the router. Say you have PC-A <---- Net 10/8 -----> ROUTER <---- Net 192.168.2/24 ----> PC-B Then on PC-A you'll need an entry, ip route add 192.168.2.0/24 via 10.0.0.2 metric 1 AND on PC-B you'll need, ip route add 10.0.0.0/8 via 192.168.2.101 metric 1 or if your ROUTER is the gateway to the Internet then set the other boxes to point their default (0.0.0.0/0) route entries to point to the router box. Also, I always try to avoid IP addresses with zero-octets in them. For example, instead of 192.168.0.0/24 try 192.168.1.0/24. Some (especially older) network equipment can't deal with 0-subnets. -- Deron Meranda
