> ip rule list ip rule list 0: from all lookup local 32766: from all lookup main 32767: from all lookup default ======================== > ip route list table local > ip route list table main > ip route list table default ip route list table local local 195.39.130.92 dev eth0 proto kernel scope host src 195.39.130.92 broadcast 127.255.255.255 dev lo proto kernel scope link src 127.0.0.1 local 192.168.180.100 dev eth3 proto kernel scope host src 192.168.180.100 broadcast 10.255.250.255 dev eth2 proto kernel scope link src 10.255.250.37 broadcast 192.168.180.0 dev eth3 proto kernel scope link src 192.168.180.100 broadcast 195.39.130.255 dev eth0 proto kernel scope link src 195.39.130.92 broadcast 10.255.250.0 dev eth2 proto kernel scope link src 10.255.250.37 broadcast 192.168.180.255 dev eth3 proto kernel scope link src 192.168.180.100 broadcast 127.0.0.0 dev lo proto kernel scope link src 127.0.0.1 broadcast 195.39.130.0 dev eth0 proto kernel scope link src 195.39.130.92 local 10.255.250.37 dev eth2 proto kernel scope host src 10.255.250.37 local 127.0.0.1 dev lo proto kernel scope host src 127.0.0.1 local 127.0.0.0/8 dev lo proto kernel scope host src 127.0.0.1 ip route list table main 192.168.180.0/24 dev eth3 proto kernel scope link src 192.168.180.100 10.200.1.0/24 via 10.255.250.250 dev eth2 195.39.130.0/24 dev eth0 proto kernel scope link src 195.39.130.92 10.1.1.0/24 via 10.255.250.250 dev eth2 10.201.1.0/24 via 10.255.250.250 dev eth2 172.17.1.0/24 via 192.168.180.100 dev eth3 10.255.250.0/24 dev eth2 proto kernel scope link src 10.255.250.37 169.254.0.0/16 dev eth0 scope link metric 1003 169.254.0.0/16 dev eth2 scope link metric 1004 169.254.0.0/16 dev eth3 scope link metric 1005 192.168.0.0/16 via 192.168.180.100 dev eth3 default via 195.39.130.89 dev eth0 ip route list table default My comment: Table is empty ====================== I can't see any fault. Packets to 172.17.1.50 should match 172.17.1.0/24 via 192.168.180.100 dev eth3 and go to eth3. But it doesn't and goes by default to eth0 (Internet) Don't you know any way of debugging routing decisions (to see why do packets match or not)? Thank you again. :) jh > ------------ Původní zpráva ------------ > Od: Rick Sewill <rsewill@xxxxxxxxx> > Předmět: Re: Routing problems > Datum: 19.2.2010 05:54:39 > ---------------------------------------- > On Fri, 2010-02-19 at 04:31 +0100, j.halifax . wrote: > > > What happens if you try to "ping" from the eth2 interface of the router? > > > ping -I 10.255.250.37 172.17.1.50 > > > > Commands issued in 10.255.l250.37 (via ssh 195.39.130.92): > > ============================================= > > ping -I 10.255.250.37 172.17.1.50 > > PING 172.17.1.50 (172.17.1.50) from 10.255.250.37 : 56(84) bytes of data. > > >From 195.39.130.92 icmp_seq=2 Destination Host Unreachable > > :( > > ping -I eth2 182.15.1.50 > > PING 182.15.1.50 (182.15.1.50) from 10.255.250.37 eth2: 56(84) bytes of data. > > >From 195.39.130.92 icmp_seq=1 Destination Host Unreachable > > :( > > ping 172.17.1.50 > > PING 172.17.1.50 (172.17.1.50) 56(84) bytes of data. > > 64 bytes from 172.17.1.50: icmp_seq=1 ttl=253 time=8.65 ms > > :) > > > > ========================================== > > iptables -L -v > > Chain INPUT (policy ACCEPT 3325K packets, 706M bytes) > > pkts bytes target prot opt in out source > destination > > > > Chain FORWARD (policy ACCEPT 2152K packets, 964M bytes) > > pkts bytes target prot opt in out source > destination > > 534 40008 ACCEPT all -- any eth3 anywhere > 172.17.0.0/16 > > > > Chain OUTPUT (policy ACCEPT 1080K packets, 160M bytes) > > pkts bytes target prot opt in out source > destination > > ==================================== > > ping -I eth2 172.17.1.50 > > PING 172.17.1.50 (172.17.1.50) from 10.255.250.37 eth2: 56(84) bytes of data. > > >From 195.39.130.92 icmp_seq=2 Destination Host Unreachable > > ==================================== > > iptables -L -v > > Chain INPUT (policy ACCEPT 3325K packets, 706M bytes) > > pkts bytes target prot opt in out source > destination > > > > Chain FORWARD (policy ACCEPT 2153K packets, 964M bytes) > > pkts bytes target prot opt in out source > destination > > 534 40008 ACCEPT all -- any eth3 anywhere > 172.17.0.0/16 > > > > Chain OUTPUT (policy ACCEPT 1080K packets, 160M bytes) > > pkts bytes target prot opt in out source > destination > > ===================================== > > > > Thank you.. > > jh > > > You convinced me my gut instinct is wrong about iptables being involved. > > I have another line of thought. > > I believe, with iproute2, there are additional routing tables. > > With a note of caution as I am reading documentation as I go, > and you may find you have more experience with this than me, > please do: > ip rule list > > I expect there to be at least 3 tables listed, local, main, default > > For each table, please do ip route list table <table name> > For example, > ip route list table local > ip route list table main > ip route list table default > ...and ip route list table xxx for any other tables in the rule list. > > I am going to make a wild guess the local table has higher priority > than the main table and has something adversely affecting your routing. > > I believe we normally only look at the main table. > > I think the files for iproute2 are kept in the /etc/iproute2 directory. > > Again, this is only a guess on my part. > > The documentation I was reading was found using google at URL: > http://www.linuxdocs.org/HOWTOs/Adv-Routing-HOWTO-4.html > > > > -- > users mailing list > users@xxxxxxxxxxxxxxxxxxxxxxx > To unsubscribe or change subscription options: > https://admin.fedoraproject.org/mailman/listinfo/users > Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines > > > -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
