Re: strange non-trivial routing problem
Hello, first of all!
Jeff Katcher (Jeff_Katcher@canamera.com):
>
>
> Rainer Clasen wrote:
> >
> > Hi!
> >
> > This may be offtopic - it's not Debian-specific. But I'm not sure where to
> > ask at all (linux-net is announced as "development" list ...). I appreciate
> > pointers to the correct forum.
> >
> > Ok, first some ASCII-art to confuse the reader ;-)
> >
> >                    10base2
> >                       |
> >                       V
> >                     NET_A
> >   |--------------------------------------------- .... ---|
> >   |                             |                        |
> >   |          NET_B              |                        |
> > BOX_A ----------------------- BOX_B                    BOX_C
> >   |
> >   |NET_C          ^
> >   |               |
> >   |        <-- 100baseTX crosslink
> >   |
> > BOX_D
> >
> > As you can see BOX_A is my 100mbit router running 2.1.125. BOX_B is 2.0.35
> > with masquerading stuff turned on. BOX_B has a route to NET_C via BOX_A's IP
> > in NET_B. BOX_C's default route points to BOX_B.
> >
> > But: BOX_D can't connect/ping whatever to any IP on NET_A!! I traced a ping
> > to BOX_C by adding logged ACCEPT rules to BOX_A's and BOX_B's firewall: Ping
> > gets in to BOX_A, BOX_A sends it out to NET_A, BOX_C replies, BOX_B gets it,
> > and sends it out through NET_B - BUT BOX_A doesn't see it.
> >
> > If I telnet from BOX_D to BOX_B, I get those <unknown> syslog entries known
> > from half-port scanning.
> >
> > Rainer
>
> Have you set up Firewalling through ipfwadm for BOX_B (or is it packet
> forwarding)?
No.
Rainer
--
KeyID=58341901 fingerprint=A5 57 04 B3 69 88 A1 FB 78 1D B5 64 E0 BF 72 EB