aliasing/routing trouble

To: debian-firewall@lists.debian.org, euglug <eug-lug@efn.org>
Subject: aliasing/routing trouble
From: Cory Petkovsek <coryp@petersen-arne.com>
Date: Mon, 22 Jan 2001 16:57:53 -0800
Message-id: <[🔎] 20010122165753.F27678@cory-l.petersen-arne.com>
Hello all,

I'm having trouble getting ip aliasing to work.  I have tried a few different kernels, 2.2.18-1 and 2.2.17pre6-1.  

On my firewall, I have two nics, eth0 - private lan, eth1 - internet.  I want to setup two private networks on eth0. Once it's setup the way I think it should be, I can ping the outside world, I can ping my privat lan #1, but I cannot ping lan #2. Ping reports 'operation not permitted'.

On my laptop (running 2.4) this works just fine.  I add in the alias, don't even mess with the routing table, and can ping either lan.  

The two private lans are on the same physical network. 

Anyone have any suggestions or help for me?

Thanks!
Cory


Starting with a configured masquerading eth0/eth1 system, I type the following:

# ifconfig eth0:1 192.168.1.1 netmask 255.255.255.0
# ifconfig 

eth0      Link encap:Ethernet  HWaddr 00:01:02:72:FB:E4  
          inet addr:10.0.0.1  Bcast:10.255.255.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:4770 errors:0 dropped:0 overruns:1 frame:0
          TX packets:1899 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100 
          Interrupt:9 Base address:0xf800 

eth0:1    Link encap:Ethernet  HWaddr 00:01:02:72:FB:E4  
          inet addr:192.168.1.1  Bcast:192.168.1.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Interrupt:9 Base address:0xf800 

eth1      Link encap:Ethernet  HWaddr 00:50:04:13:33:89  
          inet addr:123.456.789.33 Bcast:208.130.234.35  Mask:255.255.255.252
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:211 errors:0 dropped:0 overruns:0 frame:0
          TX packets:230 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100 
          Interrupt:10 Base address:0xf880 

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:3924  Metric:1
          RX packets:56 errors:0 dropped:0 overruns:0 frame:0
          TX packets:56 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 

# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
123.456.789.32  0.0.0.0         255.255.255.252 U     0      0        0 eth1
10.0.0.0        0.0.0.0         255.255.255.0   U     0      0        0 eth0
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
0.0.0.0         123.456.789.34  0.0.0.0         UG    0      0        0 eth1

# ping google.com -c 1
PING google.com (64.208.32.100): 56 data bytes
64 bytes from 64.208.32.100: icmp_seq=0 ttl=50 time=39.2 ms

# ping 10.0.0.5 -c 1
PING 10.0.0.5 (10.0.0.5): 56 data bytes
64 bytes from 10.0.0.5: icmp_seq=0 ttl=128 time=0.9 ms

# ping 192.168.1.6
PING 192.168.1.6 (192.168.1.6): 56 data bytes
ping: sendto: Operation not permitted
ping: wrote 192.168.1.6 64 chars, ret=-1
ping: sendto: Operation not permitted
ping: wrote 192.168.1.6 64 chars, ret=-1
ping: sendto: Operation not permitted
ping: wrote 192.168.1.6 64 chars, ret=-1

--- 192.168.1.6 ping statistics ---
3 packets transmitted, 0 packets received, 100% packet loss
#

------- On my laptop:
# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:D0:59:18:02:C2  
          inet addr:10.0.0.20  Bcast:10.255.255.255  Mask:255.255.255.0
          UP BROADCAST RUNNING  MTU:1500  Metric:1
          RX packets:1944522 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1874197 errors:0 dropped:0 overruns:0 carrier:0
          collisions:91 txqueuelen:100 
          Interrupt:5 

eth0:1    Link encap:Ethernet  HWaddr 00:D0:59:18:02:C2  
          inet addr:192.168.1.5  Bcast:192.168.1.255  Mask:255.255.255.0
          UP BROADCAST RUNNING  MTU:1500  Metric:1
          Interrupt:5 

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:16192  Metric:1
          RX packets:6266 errors:0 dropped:0 overruns:0 frame:0
          TX packets:6266 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 

# ping 192.168.1.6
PING 192.168.1.6 (192.168.1.6): 56 data bytes
64 bytes from 192.168.1.6: icmp_seq=0 ttl=255 time=1.7 ms
64 bytes from 192.168.1.6: icmp_seq=1 ttl=255 time=0.1 ms
64 bytes from 192.168.1.6: icmp_seq=2 ttl=255 time=0.1 ms

--- 192.168.1.6 ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max = 0.1/0.6/1.7 ms

# ping 192.168.1.1
PING 192.168.1.1 (192.168.1.1): 56 data bytes

--- 192.168.1.1 ping statistics ---
5 packets transmitted, 0 packets received, 100% packet loss

# ping 10.0.0.1
PING 10.0.0.1 (10.0.0.1): 56 data bytes
64 bytes from 10.0.0.1: icmp_seq=0 ttl=255 time=0.4 ms
64 bytes from 10.0.0.1: icmp_seq=1 ttl=255 time=0.3 ms
64 bytes from 10.0.0.1: icmp_seq=2 ttl=255 time=0.3 ms
64 bytes from 10.0.0.1: icmp_seq=3 ttl=255 time=0.3 ms

--- 10.0.0.1 ping statistics ---
4 packets transmitted, 4 packets received, 0% packet loss
round-trip min/avg/max = 0.3/0.3/0.4 ms
Reply to:
Prev by Date: Re: LIDS and debian
Next by Date: mppe kernel compilation doesn't work
Previous by thread: New debian package: firestarter
Next by thread: Re: aliasing/routing trouble
Index(es):
- Date
- Thread