Re: strange non-trivial routing problem

[Rainer Clasen <bj@ncc.cicely.de>]

Hallo erstmal!

Jeff Katcher (Jeff_Katcher@canamera.com):
> 
> 
> Rainer Clasen wrote:
> > 
> > Hi!
> > 
> > This may be offtopic - its not debian-specific. But I'm not sure where to
> > ask at all (linux-net is announced as "development" list ...). I appreciate
> > pointers to the correct forum.
> > 
> > Ok, first some ASCII-art to confuse the reader ;-)
> > 
> >                     10base2
> >                       |
> >                       V
> >               NET_A
> >  |--------------------------------------------- .... ---|
> >       |                             |        |
> >       |            NET_B            |        |
> >     BOX_A ----------------------- BOX_B     BOX_C
> >       |
> >       |NET_C       ^
> >       |            |
> >       |     <-- 100baseTX crosslink
> >       |
> >     BOX_D
> > 
> > As you can see BOX_A is my 100mbit router running 2.1.125. BOX_B is 2.0.35
> > with masquerading stuff turned on. BOX_B has a route to NET_C via BOX_A's IP
> > in NET_B. BOX_C's default route points to BOX_B.
> > 
> > But: BOX_D can't connect/ping whatever to any IP on NET_A!! I traced a ping
> > to BOX_C by adding logged ACCEPT rules to BOX_A's and BOX_B's firewall: Ping
> > gets in to BOX_A, BOX_A sends it out to NET_A, BOX_C replies, BOX_B gets it,
> > and sends it out through NET_B - BUT BOX_A doesn't see it
> > 
> > If I telnet from BOX_D to BOX_B, I get those <unknown> syslog entries known
> > from half-port scanning.
> > 
> > Rainer
> 
> Have you set up Firewalling through ipfwadm for BOX_B (or is it packet
> forewarding)?

No. 



Rainer

-- 
KeyID=58341901 fingerprint=A5 57 04 B3 69 88 A1 FB  78 1D B5 64 E0 BF 72 EB