On Sun, 2005-03-06 at 23:53 -0600, Cris Rhea wrote:
> On Sun, Mar 06, 2005 at 11:09:46PM -0600, Les Mikesell wrote:
> > On Sun, 2005-03-06 at 22:06, Todd Wohlwend wrote:
> > > This silly routing thing is driving me buzzonkers. I did have a typo in my
> > > first email concerning the gateway address of the LAN PC. The PC was
> > > configured correctly. Here are the correct stats and output.
> > >
> > > FC3 Soon to be Router Box : (dns-172.16.176.72)
> > > eth1 - ip-172.16.176.153, snm-255.255.240.0, gw-172.16.176.1
> > > eth0 - ip-192.168.213.254, snm-255.255.255.0, gw-blank
> > >
> > > PC tied to FC3 eth0 NIC via crossover cable : (dns-172.16.176.72)
> > > eth0 - ip-192.168.213.253, snm-255.255.255.0, gw-192.168.213.254
> > >
> > > Router box route command.
> > > [root@FC3-dt ~]# route
> > > Kernel IP routing table
> > > Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
> > > 192.168.213.0   *               255.255.255.0   U     0      0        0 eth0
> > > 172.16.176.0    *               255.255.240.0   U     0      0        0 eth1
> > > 169.254.0.0     *               255.255.0.0     U     0      0        0 eth1
> > > default         172.16.176.1    0.0.0.0         UG    0      0        0 eth1
> > >
> > > /etc/sysctl.conf routing section
> > > # Controls IP packet forwarding
> > > net.ipv4.ip_forward = 1
> > >
> > > From the PC, I can ping itself of course, 192.168.213.254, and
> > > 172.16.176.153. I cannot ping anything else on the 172 network. (Note :
> > > The Router Box can ping all devices in the 172 network)
> >
> > If you don't NAT, the boxes on the 172 net must have a reason to route
> > the 192.168.213.x addresses back to your router box. If it isn't
> > their default gateway you need to add a route back in the router that
> > is their default gateway. If this isn't possible, you should add
> > NAT on the router box you are describing so all of the 192.168.213.x net
> > will appear on the other side as 172.16.178.153.
> >
> > --
> > Les Mikesell
> > les@xxxxxxxxxxxxxxxx
>
> IMHO, this isn't about (or related to NAT). This is simple IP routing between
> two private networks.
>
> The information above looks fine... There's something missing...
>
> Do a "cat /proc/sys/net/ipv4/ip_forward" and see what it returns...
> Do an "iptables --list" and see what it returns.
>
> What Todd is describing above I've done bunches of times. There should be no
> magic in doing this in FC2/3 (or any other Linux/RH version).

Running a routing daemon would probably fix this. IIRC, zebra is the
daemon. It used to be routed or gated. I don't know whether zebra will
route private addresses.

If you want to go beyond your local LANs then NAT will be required.

Bob...
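
The return-path question raised in the quoted replies, worked through as an added example (not code from any poster in the thread): a longest-prefix-match lookup over the router box's posted routing table and over a host on the 172 net. The host address 172.16.176.50, that host's routing table and the helper names are assumptions; the thread shows neither the host's table nor what the gateway at 172.16.176.1 does with 192.168.213.x traffic.

```python
import ipaddress

# Router box table as posted in the thread (169.254.0.0 line left out).
ROUTER_BOX = [("192.168.213.0/24", None), ("172.16.176.0/20", None),
              ("0.0.0.0/0", "172.16.176.1")]
# ASSUMED table for an ordinary host on the 172 net; the thread does not show one.
HOST_172 = [("172.16.176.0/20", None), ("0.0.0.0/0", "172.16.176.1")]
# Static return route for the LAN behind the router box, added on the 172 side.
RETURN_ROUTE = ("192.168.213.0/24", "172.16.176.153")

PC = "192.168.213.253"
ROUTER_BOX_ETH1 = "172.16.176.153"
HOST = "172.16.176.50"  # constructed address on the 172 net

def next_hop(table, dst):
    """Longest-prefix match; returns the address the packet is handed to.
    A route with no gateway is on-link, so the next hop is dst itself."""
    addr = ipaddress.ip_address(dst)
    best = None
    for prefix, gateway in table:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, gateway)
    if best is None:
        raise LookupError(f"no route to {dst}")
    return best[1] or dst

def diagnose():
    """Where each packet of a PC -> HOST ping is sent, hop by hop."""
    return {
        "request leaves router box towards": next_hop(ROUTER_BOX, HOST),
        "reply, no return route": next_hop(HOST_172, PC),
        "reply, return route added": next_hop(HOST_172 + [RETURN_ROUTE], PC),
        "reply, router box NATs to eth1 address": next_hop(HOST_172, ROUTER_BOX_ETH1),
        "reply from router box's own eth1": next_hop(ROUTER_BOX, PC),
    }

if __name__ == "__main__":
    for step, hop in diagnose().items():
        print(f"{step:42} -> {hop}")
```

Under these assumptions the echo request reaches the 172 host, but the reply is handed to 172.16.176.1 rather than to the router box unless a return route exists or the source address is rewritten to 172.16.176.153.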