Re: managing another network route, can't connect to it! Pls see!
Hi, everything is ok now! :)
thanks 2everyone..
--
thanks,
louie miranda
----- Original Message -----
From: "louie miranda" <lmiranda@Chikka.com>
To: <debian-user@lists.debian.org>; "jereme" <jereme@rmcnet.cc>
Sent: Thursday, February 27, 2003 9:32 AM
Subject: Re: managing another network route, can't connect to it! Pls see!
> > For the hosts on the 10.0.0.0/16 network, like your ws, you have to
> > add a route for the 192.168.129.0/24 network via 10.0.0.2, axactly as
> > you have done for the linux gateway.
>
> I already add another route to 192.168.129.x via 10.0.0.2, below are my
> kernel route
>
> - my kernel routing table GW ------------------------------
> panic:~# route -n
> Kernel IP routing table
> Destination Gateway Genmask Flags Metric Ref Use
> Iface
> 203.190.72.104 0.0.0.0 255.255.255.248 U 0 0 0
eth0
> 192.168.129.0 10.0.0.2 255.255.255.0 UG 0 0 0
eth1
> 10.0.0.0 0.0.0.0 255.255.0.0 U 0 0 0
eth1
> 0.0.0.0 203.190.72.110 0.0.0.0 UG 0 0 0
eth0
> -----------------------------------------------------------
>
> ===
>
> I did another ip block over 192.168.129.x, ip is 192.168.129.50 - just a
> test of mine.
> Now i can access 192.168.129.50 directly on my workstation, but left is i
> can't access
> still 192.168.129.x block, and yet except for .50.
>
> - i add another ip over 192.168.129.x block ---------------
> eth1:2 Link encap:Ethernet HWaddr 00:60:08:1F:21:5B
> inet addr:192.168.129.50 Bcast:192.168.129.255
> Mask:255.255.255.0
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> Interrupt:9 Base address:0xb400
> -----------------------------------------------------------
>
> ===
>
> > As it stands now, if the 10.0.0.0/16 hosts have only a local route and
> > a default route, they are sending datagrams bound for the
> > 192.168.129.0/24 network to their default gw. Though this is not as
> > efficient as having those hosts use the 10.0.0.2 router, it does save
> > you the headache of setting static routes on each system. To get this
> > to work, I would suspect the problem lies in the filtering and
> > mangallind rules on the gw. You can post those rules, if you are
> > comfortable with that and you want more help.
>
> Below are my iptables rules (w/ nat). Yes i guess its on filtering on my
gw.
> Anyhow, here are my iptables rules again.
>
> - iptables rules ------------------------------------------
> panic:~# iptables -nL --line-num
> Chain INPUT (policy ACCEPT)
> num target prot opt source destination
>
> Chain FORWARD (policy DROP)
> num target prot opt source destination
> 1 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state
> RELATED,ESTABLISHED
> 2 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
> 3 LOG all -- 0.0.0.0/0 0.0.0.0/0 LOG flags
0
> level 4
>
> Chain OUTPUT (policy ACCEPT)
> num target prot opt source destination
> -----------------------------------------------------------
>
>
> - iptables nat rules --------------------------------------
> panic:~# iptables -nL --line-num -t nat
> Chain PREROUTING (policy ACCEPT)
> num target prot opt source destination
> 1 REDIRECT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
dpt:80
> redir ports 3128
>
> Chain POSTROUTING (policy ACCEPT)
> num target prot opt source destination
> 1 MASQUERADE all -- 0.0.0.0/0 0.0.0.0/0
>
> Chain OUTPUT (policy ACCEPT)
> num target prot opt source destination
> -----------------------------------------------------------
>
>
> ===
>
> Its only simple rules for iptables, wish someone could give me some light
on
> my problems.
>
>
>
>
>
> --
> thanks,
> louie miranda
>
> ----- Original Message -----
> From: "jereme" <jereme@rmcnet.cc>
> To: <debian-user@lists.debian.org>
> Sent: Wednesday, February 26, 2003 11:04 PM
> Subject: Re: managing another network route, can't connect to it! Pls see!
>
>
> > Hi Louie,
> >
> > "louie miranda" <lmiranda@chikka.com> writes:
> > > Consider the following network: (kindly view the attached txt file for
a
> > > nicer one)
> > >
> > > inet
> > > |
> > > |
> > > |203.190.72.108
> > > *-----------------*
> > > 10.0.0.1| eth0 |none
> > > /----|eth1 eth2|------\ new
> network
> > > block pipe
> > > | | LINUX GW | line cut
*--------*
> > > 192.168.129.x/24 (network)
> > > | *-----------------* |
|
> > > 10.0.0.2, gw for 192.168.129.x/24 block under LINUX GW
> > > | | 192.x
|
> > > | |
|
> > >
*HUB*-----------------------------------------*--------*
> > > | cisco
> 2600
> > > router ip of this router is: 10.0.0.2
> > > |
> > > |
> > > *--* *--* *--*
> > > | | | | | |
> > > | | | | | |
> > > *--* *--* *--*
> > > workstations
> > > 10.0.0.0/16 block
> > >
> > >
> > > interface:
> > > - eth0 = 203.190.72.108, default gw.
> > > - eth1 = 10.0.0.0/16, local area network.
> > > - eth2 = none
> > >
> > >
> > >
> > > ===========
> > >
> > > Right now im inside 10.0.0.0/16 block, my ip is 10.0.0.11 and my
default
> gw
> > > is via 203.190.72.108.
> >
> > I think that you mean your default gateway is 10.0.0.1, if your ws has
> > a /16 netmask, as you say.
> >
> >
> > > I can access ip block 192.168.129.x on my LINUX GW perfectly. But when
> im on
> > > my workstations on
> > > 10.0.0.11 block i cannot even ping 192.168.129.x block. Which could be
> > > possibly be wrong?
> >
> > For the hosts on the 10.0.0.0/16 network, like your ws, you have to
> > add a route for the 192.168.129.0/24 network via 10.0.0.2, axactly as
> > you have done for the linux gateway.
> >
> > As it stands now, if the 10.0.0.0/16 hosts have only a local route and
> > a default route, they are sending datagrams bound for the
> > 192.168.129.0/24 network to their default gw. Though this is not as
> > efficient as having those hosts use the 10.0.0.2 router, it does save
> > you the headache of setting static routes on each system. To get this
> > to work, I would suspect the problem lies in the filtering and
> > mangallind rules on the gw. You can post those rules, if you are
> > comfortable with that and you want more help.
> >
> >
> >
> > hth,
> > jereme
> >
> > --
> > +--------------------------------------------------------------+
> > Jereme Corrado <jereme@restorative-management.com>
> > System Administrator
> > Restorative Management Corp.
> >
> > gpg: 1024D/9C39E1F0
> >
> >
> > --
> > To UNSUBSCRIBE, email to debian-user-request@lists.debian.org
> > with a subject of "unsubscribe". Trouble? Contact
> listmaster@lists.debian.org
> >
> >
>
Reply to: