Re: routing

To: debian-user@lists.debian.org
Subject: Re: routing
From: "Jesús M. Navarro" <jesus.navarro@undominio.net>
Date: Wed, 15 Dec 2010 03:53:44 +0100
Message-id: <[🔎] 201012150353.45048.jesus.navarro@undominio.net>
In-reply-to: <4ce3a255.ce7c0e0a.03ad.7972@mx.google.com>
References: <4cc82c7b.147c0e0a.2eba.18c6@mx.google.com> <201011050024.52354.jesus.navarro@undominio.net> <4ce3a255.ce7c0e0a.03ad.7972@mx.google.com>

Hi again, Sthu:

On Wednesday 17 November 2010 10:37:09 Sthu Deus wrote:
> Thank You for Your time and answer, Jesús:

Sorry for the long delay.

> Excuse me for long respond, please.
>
> > Regarding the questions, you *can* answer most of them, if not all.
> > Here they come again:
> >
> > 0) Just so we both can stablish to be working on known field.  Use
> > these routing/firewalling rules:
> >         /sbin/iptables -F
> >         /sbin/iptables -t nat -F
> >         /sbin/iptables -t mangle -F
> >
> >         /sbin/iptables -X
> >         /sbin/iptables -t nat -X
> >         /sbin/iptables -t mangle -X
> >
> >         /sbin/iptables -P INPUT ACCEPT
> >         /sbin/iptables -P OUTPUT ACCEPT
> >         /sbin/iptables -P FORWARD ACCEPT
> >
> >         echo "1" > /proc/sys/net/ipv4/ip_forward
> > 1) What does sit at 10.10.10.10?
>
> Sorry, I do not understand what You mean under "sit".

What's the machine that holds the 10.10.10.10 IP address? My bet is that it's 
some kind of router owned by your ISP; I don't know if located on your 
premises or those of your ISP.  Am I right?

> > 2) Can you ping 10.10.10.10 from host2?
>
> Yes.

If I don't recall wrongly, host2 is your routing one, sitting in between your 
internal network and your Internet connection.  Is this right?

> > 3) Can you ping 152.46.7.81 from host2?
>
> No.

That's a known server on Internet; the one hosting www.tldp.org and it does 
return pings.  That means that your routing host is unable to reach Internet.  
Is that true?  Are you sure your only defined interfaces on host2 are lo, 
eth0 and eth1 and that the only firewall rules applied were the ones I 
provided?

> > 4) Can you ping 192.168.0.3 from host2?
>
> Not ping but connect by ssh.

Is there any firewall on host1? Are you sure your only defined interfaces on 
host2 are lo eth0 and eth1 and that the only firewall rules applied were the 
ones I provided?  No ping but ssh ability smells strongly like a firewall 
problem, not one about routing.

> > 5) Can you ping 192.168.0.125 from host1?
>
> Yes.

Definetly there's some firewall-related problem hidden somewhere here.

> > 6) Can you ping 20.20.20.20 from host1?
>
> No. - How it can if now masquerading on host2?

Do you really mean "now masquerading" or "no masquerading"?  If the former, 
there should be no masquerading, if the latter, that was expected.  First I 
tried to diagnose the situation from a known config.  While it doesn't work 
as expected (and it still doesn't, I expected different answers for 3 and 4) 
is moot to move forward.

> > 7) Can you ping 152.46.7.81 from host1?
>
> No.

This was expected as this time.

If you are still working out this problem, can you please start a thread anew 
providing topology/IP address space again?  I already deleted these posts 
from my local spool and I'm having problems finding this thread on Debian's 
list servers.

Cheers.

Reply to:

Follow-Ups:
- Re: routing
  - From: Sthu Deus <sthu.deus@gmail.com>

Prev by Date: Re: compare two directory trees
Next by Date: Tracker status:debian.org:Error Requested download is not authorized for use with this tracker.
Previous by thread: Re: Postfix SASL SMTP AUTH help, please. [re-post from comp.mail.misc]
Next by thread: Re: routing
Index(es):
- Date
- Thread