
Re: strange non-trivial routing problem




Rainer Clasen wrote:
> 
> Hi!
> 
> This may be offtopic - it's not Debian-specific. But I'm not sure where to
> ask at all (linux-net is announced as "development" list ...). I appreciate
> pointers to the correct forum.
> 
> Ok, first some ASCII-art to confuse the reader ;-)
> 
>                     10base2
>                       |
>                       V
>               NET_A
>  |--------------------------------------------- .... ---|
>       |                             |        |
>       |            NET_B            |        |
>     BOX_A ----------------------- BOX_B     BOX_C
>       |
>       |NET_C       ^
>       |            |
>       |     <-- 100baseTX crosslink
>       |
>     BOX_D
> 
> As you can see BOX_A is my 100mbit router running 2.1.125. BOX_B is 2.0.35
> with masquerading stuff turned on. BOX_B has a route to NET_C via BOX_A's IP
> in NET_B. BOX_C's default route points to BOX_B.
> 
> But: BOX_D can't connect/ping whatever to any IP on NET_A!! I traced a ping
> to BOX_C by adding logged ACCEPT rules to BOX_A's and BOX_B's firewall: Ping
> gets in to BOX_A, BOX_A sends it out to NET_A, BOX_C replies, BOX_B gets it,
> and sends it out through NET_B - BUT BOX_A doesn't see it.
> 
> If I telnet from BOX_D to BOX_B, I get those <unknown> syslog entries known
> from half-port scanning.
> 
> Rainer

Have you set up firewalling through ipfwadm for BOX_B (or is it packet
forwarding)?

