Discussion:
ip forwarding and ES5
(too old to reply)
Martin Riddle
2009-03-05 00:01:42 UTC
Permalink
I have a ES 5 setup and have problems using it as a router.

network setup
10.0.0.0(eth0) ---- ES5 ---- (eth1)192.168.1.99 <------> LinksysBEFSX41 192.168.1.1

Now I have an identical server setup the same way running ES 3, and it works.

I have ip_forward = 1 and the Nics are set to the same settings as the running system.
No Iptables, and DNS is setup. named is not running.

I can browse the web from ES5,
I can ping 192.168.1.99 from the 10.0.0.0 net.
But I cannot ping 192.168.1.1
IP6 is not used, NETWORK_IPV6=no, and modprobe config has alias net_ip_10 off, alias ipv6 off

It seems like an IP6 issue but ES5 may be behaving differently.

Any ideas?

Thanks

Martin
Scott Lurndal
2009-03-05 00:21:55 UTC
Permalink
This is a multi-part message in MIME format.
------=_NextPart_000_00FF_01C99CFB.A583C350
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
I have a ES 5 setup and have problems using it as a router.
network setup
10.0.0.0(eth0) ---- ES5 ---- (eth1)192.168.1.99 <------> =
LinksysBEFSX41 192.168.1.1
Now I have an identical server setup the same way running ES 3, and it =
works.
I have ip_forward =3D 1 and the Nics are set to the same settings as the =
running system.
No Iptables, and DNS is setup. named is not running.
I can browse the web from ES5,
I can ping 192.168.1.99 from the 10.0.0.0 net.
But I cannot ping 192.168.1.1
IP6 is not used, NETWORK_IPV6=3Dno, and modprobe config has alias =
net_ip_10 off, alias ipv6 off
It seems like an IP6 issue but ES5 may be behaving differently.
Any ideas?
Suggestion number 1: Turn off HTML posting in your news reader application.
Suggestion number 2: Please show ifconfig output for both interfaces
Suggestion number 3: Please show netstat -r output

scott
Jan Gerrit Kootstra
2009-03-05 13:51:10 UTC
Permalink
Post by Scott Lurndal
This is a multi-part message in MIME format.
------=_NextPart_000_00FF_01C99CFB.A583C350
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
I have a ES 5 setup and have problems using it as a router.
network setup
10.0.0.0(eth0) ---- ES5 ---- (eth1)192.168.1.99 <------> =
LinksysBEFSX41 192.168.1.1
Now I have an identical server setup the same way running ES 3, and it =
works.
I have ip_forward =3D 1 and the Nics are set to the same settings as the =
running system.
No Iptables, and DNS is setup. named is not running.
I can browse the web from ES5,
I can ping 192.168.1.99 from the 10.0.0.0 net.
But I cannot ping 192.168.1.1
IP6 is not used, NETWORK_IPV6=3Dno, and modprobe config has alias =
net_ip_10 off, alias ipv6 off
It seems like an IP6 issue but ES5 may be behaving differently.
Any ideas?
Suggestion number 1: Turn off HTML posting in your news reader application.
Suggestion number 2: Please show ifconfig output for both interfaces
Suggestion number 3: Please show netstat -r output
scott
Martin,


Also check your iptables firewall have you setup ip-rules for forwarding
there?


Kind regards,


Jan Gerrit Kootstra
Martin Riddle
2009-03-06 03:52:40 UTC
Permalink
Post by Jan Gerrit Kootstra
Post by Scott Lurndal
This is a multi-part message in MIME format.
------=_NextPart_000_00FF_01C99CFB.A583C350
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
I have a ES 5 setup and have problems using it as a router.
network setup
10.0.0.0(eth0) ---- ES5 ---- (eth1)192.168.1.99 <------> =
LinksysBEFSX41 192.168.1.1
Now I have an identical server setup the same way running ES 3, and it =
works.
I have ip_forward =3D 1 and the Nics are set to the same settings as the =
running system.
No Iptables, and DNS is setup. named is not running.
I can browse the web from ES5,
I can ping 192.168.1.99 from the 10.0.0.0 net.
But I cannot ping 192.168.1.1
IP6 is not used, NETWORK_IPV6=3Dno, and modprobe config has alias =
net_ip_10 off, alias ipv6 off
It seems like an IP6 issue but ES5 may be behaving differently.
Any ideas?
Suggestion number 1: Turn off HTML posting in your news reader application.
Suggestion number 2: Please show ifconfig output for both interfaces
Suggestion number 3: Please show netstat -r output
scott
Martin,
Also check your iptables firewall have you setup ip-rules for
forwarding there?
Kind regards,
Jan Gerrit Kootstra
Thanks for the responses guys. I just figured it out, I do need to use
iptables NAT to masquerade the 10.0.0.0 subnet.
Apparently, the routers old firmware might have been the culprit,
because it happily returned replies to the 198.168.1.x nic
I remember setting up the old box a few years ago with out iptables and
it worked like a charm. Later I added NAT to iptables. Perhaps NAT was
set in the router. But then it shouldn’t have passed the 10.0.0.x
packets. The firmware was updated for a cable connection 6 month or so
ago. And I noticed that with iptables off , it didn’t work, I had
forgotten about this.
And with luck Verizon updated my home router today that’s when things
started coming together. With Centos5, I could see the ping requests
with tcpdump, but no replies.

All I can say is duh.

Cheers

Loading...