Re: routing
Thank You for Your time and answer, Jesús:
> Sorry for the long delay.
Please do not worry - I myself am often very busy. :)
That's why I like mail - reply when at ease.
> What's the machine that holds the 10.10.10.10 IP address? My bet is
> that it's some kind of router owned by your ISP; I don't know if
> located on your premises or those of your ISP. Am I right?
Yes, absolutely.
> > > 2) Can you ping 10.10.10.10 from host2?
> >
> > Yes.
>
> If I don't recall wrongly, host2 is your routing one, sitting in
> between your internal network and your Internet connection. Is this
> right?
Well. That's what we have here - just reminding so that everything was
fresh:
host1 <-> eth <-> host2 <-> ppp <-> Internet.
host1 has eth0 w/ 192.168.0.2
host2 has eth0 w/ 192.168.0.125 and ppp0 w/ 10.10.10.10
Internet 20.20.20.20
> > > 3) Can you ping 152.46.7.81 from host2?
> >
> > No.
>
> That's a known server on Internet; the one hosting www.tldp.org and
> it does return pings. That means that your routing host is unable to
> reach Internet. Is that true? Are you sure your only defined
> interfaces on host2 are lo, eth0 and eth1 and that the only firewall
> rules applied were the ones I provided?
The interfaces are: lo ppp and eth. Yes, I did as You said.
Jesús, we latter w/ another person some time ago, here, has discovered,
that all I needed to have for the host1 access to Internet was the
necessity for host2 to route the packets from Internet back to host1 -
that is masquerading. - Therefore it works. - I thought You have seen
the message. I the reason why we then continued our talk w/ You was that
You said that (or I have understood so) it is possible to make routung
other way than through iptables - as I understand, through routing
tables - the ones we see w/ ip command - is it correct/possible? - Or we
just waste one another's time? :)
> > > 4) Can you ping 192.168.0.3 from host2?
> >
> > Not ping but connect by ssh.
>
> Is there any firewall on host1? Are you sure your only defined
Well. there is another firewall.
> interfaces on host2 are lo eth0 and eth1 and that the only firewall
> rules applied were the ones I provided? No ping but ssh ability
Yes.
> smells strongly like a firewall problem, not one about routing.
Yea - I just ment here that there is traffic between the hosts - just
wanted to be honest w/ You. :) - It is true - the pings are just
blocked. But for the Internet connection it is open - related is in
INPUT chain.
> > > 5) Can you ping 192.168.0.125 from host1?
> >
> > Yes.
>
> Definetly there's some firewall-related problem hidden somewhere here.
Yes - masquerading. :)
> > > 6) Can you ping 20.20.20.20 from host1?
> >
> > No. - How it can if now masquerading on host2?
>
> Do you really mean "now masquerading" or "no masquerading"? If the
"no masquerading" of course - or it becomes illogical.
> > > 7) Can you ping 152.46.7.81 from host1?
> >
> > No.
>
> This was expected as this time.
>
> If you are still working out this problem, can you please start a
> thread anew providing topology/IP address space again? I already
> deleted these posts from my local spool and I'm having problems
> finding this thread on Debian's list servers.
Well. I have said already about solving of the problem And interest if
it is possible to go another way - through ip table routing - that is
not clear to me why it exists while there is iptables, for example -
is it not interchangeable?
As for the list search of the message:
http://lists.debian.org/debian-user/2010/10/msg01704.html
Thank, Jesús, for the attention You have paid to my problem - I do
appreciate it much.
Reply to:
- References:
- Re: routing
- From: "Jesús M. Navarro" <jesus.navarro@undominio.net>