Re: Fedora as Router - cannot get past gateway

From: P Gentry (rdgentry1_at_cablelynx.com)
Date: 02/21/04 

Date: 20 Feb 2004 22:56:13 -0800

john@jcrouse.com (John A. Crouse) wrote in message news:<aea9b6ef.0402200807.72309cef@posting.google.com>...
> I have a small block of public IP assigned me, and am connecting to
> the uplink via ADSL.
>
> I have the DSL working, (I am using the linux box right now to write
> this!), and my internal network can see the IP assigned to is for both
> sides of the network (eth0 and ppp0). I can ping and traceroute to
> each of these. They even do DNS resolution on the traceroute.
>
> I cannot get past that point. I have screwed with the "IP ROUTE"
> command so much, I am suprised any routing works at all.

You mean internal net cannot get out of the ppp0 interface and out to
the internet? Double check that ip forwarding is on -- it should be,
but always good to check. Are you using dhcp or is all config manual?

> Here is my setup scenario - I've changed IP #'s to protect the
> innocent!:
>
> ppp0 - 206.201.23.35 (static assigned IP via pppoe)

This is your interface to ISP?

> eth0 - 206.201.44.161 (beginning first usuable of 206.201.44.160/24)

This interface to internal net?

> On the network side, I have workstations configured w/ IP's of
> 206.201.44.162-190, and a gateway of 206.201.44.161
>
> here is my current IP Route list

Output of "route" is a bit easier to work with compared to "ip route"

> 0.0.0.0 via 206.201.44.161 dev eth0

This says that _any_ dst IP not listed below should travel out this
interface.
It is "hiding" the default gw. A similar looking form is used to set
up multiple gws, but not quite like this.

> 209.143.43.1 dev ppp0 proto kernel scope link src 206.201.23.35

Where is this 209.143.43.1 coming from?

> 206.201.23.35 dev eth0 proto kernel scope link src 206.201.44.161
> 206.201.44.161 dev eth0 scope link
The ethernet IP

> 206.201.44.0/24 dev eth0 proto static scope link
The net associated with this interface

> 169.254.0.0/16 dev eth0 scope link

This used to be evidence of a Win or Mac box that couldn't find a dhcp
server -- some Linux distros using it now. See:
http://www.petri.co.il/what's_apipa.htm

> 127.0.0.0/8 dev lo scope link
> default via 209.143.43.1 dev ppp0

This says that for any dst not covered by an entry, use this
interface. But your 0.0.0.0 in first line effectively covers _any_
dst!
 
> I am not even sure how the first line got there, probably some stupid
> attack I had in a vain attempt at making this work.
>
> I obviously do not understand this as much as I had previously
> thought.

Believe me, we all have that feeling when we can't get routing set up.
 It's usually something that makes you feel really dumb when you get
it fixed. Talk about salt in the wounds!

> What gives? What IP routes do I need to add? ...

Well it's not easy to say without some more info or good guessing.
Routing through a gw and maintaining a subnet can depend on every
host/interface being configured correctly.

> ...Or did I not compile
> the kernel correctly to do the advanced IP routing? (I understood it
> to be native to Fedora, but I am probably wrong).

You are correct that the ip commands of iprouteV2 are standard fare.

> Thanks in advance for any help you could give!
>
> John

See Ken's post and make sure you've got dhcp (if you're using it)
configured correctly or confirm with you ISP re: your subnet mask.
I'm assuming it's just a typo when you "hid" your IPs.

BTW -- especially when sending output of commands (very nice of you,
thanks) it also helps if you capture the actual command entered (eg.,
copy the command line if your in an xterm).

To really help if you still have problems, the output of:
[user@pbrain]$ /sbin/ifconfig /dev/[interface]
for each box/interface could be handy.

Be especially careful using ip commands -- they can get subtle and are
subject to "typo mystery effects". I stick with ifconfig and route as
much as possible.

hth,
prg
email above disabled

Relevant Pages

  • Re: Fedora as Router - cannot get past gateway
    ... >> command so much, I am suprised any routing works at all. ... Are you using dhcp or is all config manual? ... > This is your interface to ISP? ... we all have that feeling when we can't get routing set up. ...
    (comp.os.linux.networking)
  • Re: signle network interface with 2 IPs on different subnets
    ... Note that based on your routing table, 10.1.3.1 is not local to any ... Now you've set up a route for 10.1.3.0 as local to the machine ... The net 10.1.3.0 is *local* to your interface after you brought it up. ... The command you've typed makes no sense. ...
    (comp.unix.solaris)
  • Re: Traffic NOT moving through the correct network interface?
    ... Kernel IP routing table ... loopback interface, but that's not part of this problem. ... Everything is done by the kernel. ... Policy based routing requires you ...
    (alt.os.linux)
  • Re: Easiest/quickest method for very simple interfaces?
    ... > Michael speaks truth here wrt vim. ... >> thought on handling the interface. ... fool-proof switches instead of a single command line interface. ... I meant offering choices ...
    (comp.os.linux.misc)
  • Re: Fax routing
    ... the telnet command completed without trouble. ... Open Server Management ... "Enable SMTP Receipts e-mail receipts delivery" is enabled ... E-mail incoming routing method" ...
    (microsoft.public.windows.server.sbs)