[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: communicating between subnets

Dude - your ISP is being an arsehole...

  praveen@neb.rr.com
    SMTP error from remote mailer after MAIL
FROM:<criggie@criggie.dyndns.org>:    host kcmx01.mgw.rr.com
[24.94.163.190]: 550 5.7.1 Mail Refused - 202.0.42 - See
http://security.rr.com/mail_blocks.htm#security - 20030323

-----------------------------------------------------------------------
-------- On Thu, 04 Sep 2003 05:34:42 -0500
"Praveen Kallakuri" <praveen@neb.rr.com> wrote:

So you got this:
INTERNETINTERNETINTERNETINTERNETINTERNET
   |                       |
192.168.1.1           192.168.0.1
   |                       |
192.168.1/24          192.168.0/24

And you added this:
    \                     /
 192.168.1.125-laptop-192.168.0.125

> eth0: (subnet 1) 192.168.1.125
> eth1: (subnet 2) 192.168.0.125
> test client in subnet 1
> route 192.168.0.x requests to 192.168.1.125
> test client in subnet 2
> route 192.168.1.x requests to 192.168.0.125

Thats sounds okay to me - at first glance I thought you'd forgotten to
tell the other workstations about the new gateway.

> having done this, we were still not able to communicate between the
> test clients. both test clients can ping their respective interfaces
> on the laptop and even the interface in the other subnet. but they
> cannot communicate with each other. what are we doing wrong or what
> more do we have to do? 

I think that your new gateway needs to know that its allowed to forward
packets between those interfaces.

Try these commands to see if it all starts working:
/sbin/iptables --flush              empties the old rulesets
/sbin/iptables -P FORWARD ACCEPT    allows packets to be forwarded
/sbin/iptables -P OUTPUT ACCEPT     allows packets to leave the system
/sbin/iptables -P INPUT ACCEPT      allows packets into the system

Each machine will have to learn about the new gateway somehow - either
you configure each, or you tell the two gateways about the new
route/internal gateway available.

At last resort you could nat between these two interfaces with a command
like this...
#Route between eth0 and eth1
/sbin/iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -o eth0 -j SNAT
--to 192.168.0.125
/sbin/iptables -t nat -A POSTROUTING -s 192.168.1.0/24
-o eth1 -j SNAT --to 192.168.1.125
Reply to: