Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
simple routing question [solved]
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
dermund
Apprentice
Apprentice


Joined: 28 Aug 2007
Posts: 205
Location: Sprawl

PostPosted: Fri Jan 14, 2011 3:25 pm    Post subject: simple routing question [solved] Reply with quote

Hi,

I have a kind of newbish question:
I gave my window$ laptop the addresses 192.168.5.5 and later 192.168.100.5 (netmask 255.255.255.0 std gw 192.168.0.100) for fun and try to ping other machines in my lan (192.168.0.0 net). This didn't work with the routing table below:

Code:
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.64.64.64     0.0.0.0         255.255.255.255 UH    0      0        0 ppp0
192.168.100.0   0.0.0.0         255.255.255.0   U     0      0        0 eth0
192.168.5.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
192.168.0.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
127.0.0.0       127.0.0.1       255.0.0.0       UG    0      0        0 lo
0.0.0.0         10.64.64.64     0.0.0.0         UG    0      0        0 ppp0


How can I "link" the the subnets?


Last edited by dermund on Wed Jan 19, 2011 7:25 pm; edited 3 times in total
Back to top
View user's profile Send private message
kashani
Advocate
Advocate


Joined: 02 Sep 2002
Posts: 2032
Location: San Francisco

PostPosted: Fri Jan 14, 2011 5:15 pm    Post subject: Reply with quote

Does your windows machine have an address on 192.168.0.0/24? If it doesn't, then your default gateway needs to know how to direct your packets to that network. When troubleshooting networking keep in mind that connected networks do not require routing and routing to an unconnected network (to your machine) needs routes that work in both directions. You need to route to the far end the far needs to know how to route back to you.

kashani
_________________
Will personally fix your server in exchange for motorcycle related shop tools in good shape.
Back to top
View user's profile Send private message
dermund
Apprentice
Apprentice


Joined: 28 Aug 2007
Posts: 205
Location: Sprawl

PostPosted: Fri Jan 14, 2011 5:33 pm    Post subject: Reply with quote

Hello kashani,

Quote:
If it doesn't, then your default gateway needs to know how to direct your packets to that network

Let's assume I give my windows machine the ip 192.168.5.101 and the default gateway 192.168.0.100.
Why does this table doesn't work?

Code:
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.5.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
192.168.0.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
127.0.0.0       127.0.0.1       255.0.0.0       UG    0      0        0 lo


What route do I have to add do make it go in both ways?
Another noobish question probably: What do you mean by "connected" and "unconnected" networks?
Back to top
View user's profile Send private message
kashani
Advocate
Advocate


Joined: 02 Sep 2002
Posts: 2032
Location: San Francisco

PostPosted: Fri Jan 14, 2011 5:49 pm    Post subject: Reply with quote

That won't work. You can not have a gateway on a network you don't have an interface on.

If I have a machine with the interfaces eth0 and eth0:0 that have IPs 10.12.13.11/24 and 10.15.16.11/24 then I am connected to those networks. Any other network requires me to hit a gateway first before I can reach them. In your example you're connected to 192.168.5.0/24 and your gateway is not on that network therefore you can't reach it. That's why you don't see a gateway in your routing table, because Linux dropped it on the floor when it realized it was impossible.

kashani
_________________
Will personally fix your server in exchange for motorcycle related shop tools in good shape.
Back to top
View user's profile Send private message
dermund
Apprentice
Apprentice


Joined: 28 Aug 2007
Posts: 205
Location: Sprawl

PostPosted: Sat Jan 15, 2011 1:18 am    Post subject: Reply with quote

Hmm, right. :oops:

Thx for helping, kashani!
Back to top
View user's profile Send private message
dermund
Apprentice
Apprentice


Joined: 28 Aug 2007
Posts: 205
Location: Sprawl

PostPosted: Sat Jan 15, 2011 4:23 pm    Post subject: Reply with quote

On my router I made a tun device tun0 with
Code:
tunctl -t tun0
ifconfig tun0 192.168.5.100


Still I cannot ping from 192.168.5.5 to machines in 192.168.0.0/24.
Here are the relevant devices:

Code:
eth0      Link encap:Ethernet  HWaddr 00:30:18:a2:98:8e 
          inet addr:192.168.0.100  Bcast:192.168.0.255  Mask:255.255.255.0
          inet6 addr: fe80::230:18ff:fea2:988e/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:87444 errors:0 dropped:0 overruns:0 frame:0
          TX packets:115838 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:14267565 (13.6 MiB)  TX bytes:82217969 (78.4 MiB)
          Interrupt:11 Base address:0x2000

lo        Link encap:Local Loopback 
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:431 errors:0 dropped:0 overruns:0 frame:0
          TX packets:431 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:56426 (55.1 KiB)  TX bytes:56426 (55.1 KiB)

tun0      Link encap:Ethernet  HWaddr 82:8c:28:f0:e0:e3 
          inet addr:192.168.5.100  Bcast:192.168.5.255  Mask:255.255.255.0
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:500
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)


Here is the routing table:
Code:
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.64.64.64     0.0.0.0         255.255.255.255 UH    0      0        0 ppp0
192.168.5.0     0.0.0.0         255.255.255.0   U     0      0        0 tun0
192.168.0.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
127.0.0.0       127.0.0.1       255.0.0.0       UG    0      0        0 lo
0.0.0.0         10.64.64.64     0.0.0.0         UG    0      0        0 ppp0


The output of iptables-save:
Code:

*nat
:PREROUTING ACCEPT [5302:317574]
:INPUT ACCEPT [1828:120380]
:OUTPUT ACCEPT [13226:832942]
:POSTROUTING ACCEPT [943:74145]
-A POSTROUTING -o ppp0 -j MASQUERADE
-A POSTROUTING -o ppp0 -j MASQUERADE
COMMIT
# Completed on Sat Jan 15 17:19:26 2011
# Generated by iptables-save v1.4.6 on Sat Jan 15 17:19:26 2011
*mangle
:PREROUTING ACCEPT [245237:127390328]
:INPUT ACCEPT [160497:88033951]
:FORWARD ACCEPT [84618:39345792]
:OUTPUT ACCEPT [119324:63471710]
:POSTROUTING ACCEPT [203943:102817836]
COMMIT
# Completed on Sat Jan 15 17:19:26 2011
# Generated by iptables-save v1.4.6 on Sat Jan 15 17:19:26 2011
*filter
:INPUT ACCEPT [1289:151267]
:FORWARD ACCEPT [521:302713]
:OUTPUT ACCEPT [1105:170138]
-A INPUT -i tun+ -j ACCEPT
-A INPUT -i tap+ -j ACCEPT
-A FORWARD -i eth0 -j ACCEPT
-A FORWARD -i tun+ -j ACCEPT
-A FORWARD -i tap+ -j ACCEPT
-A OUTPUT -o tun+ -j ACCEPT
COMMIT


Or is it not that simple?
Back to top
View user's profile Send private message
kashani
Advocate
Advocate


Joined: 02 Sep 2002
Posts: 2032
Location: San Francisco

PostPosted: Sat Jan 15, 2011 5:38 pm    Post subject: Reply with quote

The setup you've got below is a little confusing. Let me write what I think you need to build and maybe that'll make more sense.

machine1 = 192.168.0.5 netmask 255.255.255.0 default gw 192.168.0.1
machine2 = 192.168.5.5 netmask 255.255.255.0 default gw 192.168.5.1

router1 = 192.168.0.1 and 192.168.5.1 and 10.64.64.5 gw 10.64.64.1 and routing enabled using sysctl

Then in order to test machine1 ping its gw of 192.168.0.1. That'll almost always work unless there is a typo since there is no routing involved. No try to ping 192.168.5.1. In order for that to work your machine1's default route will have to be correct.

Now try the same thing from opposite machine2. First ping its default gw, then ping the gw of machine1. I don't believe routing has to work for these pings to work since your pinging interfaces on the router.

Assuming all of that works now have each machine try to ping each other. If this does not work, the problem in on the router.

Let me know how it goes.

kashani
_________________
Will personally fix your server in exchange for motorcycle related shop tools in good shape.
Back to top
View user's profile Send private message
dermund
Apprentice
Apprentice


Joined: 28 Aug 2007
Posts: 205
Location: Sprawl

PostPosted: Sat Jan 15, 2011 10:43 pm    Post subject: Reply with quote

Hello kashani,

Code:
...and routing enabled using sysctl

I have "net.ipv4.ip_forward = 1". Do you mean that?

10.64.64.64 is my ppp0 internet uplink. Can we please ignore that, if possible. I have the feeling that this will make test environment more complicated.
Besides that I have quite the setup you described, I have:

machine1 = 192.168.0.101 netmask 255.255.255.0 default gw 192.168.0.100
machine2 = 192.168.5.5 netmask 255.255.255.0 default gw 192.168.5.100
router1 = (see routing table)

Do you think the routing table is ok? I really have not much experience with routing.

Code:
Then in order to test machine1 ping its gw of 192.168.0.1. That'll almost always work unless there is a typo since there is no routing involved. No try to ping 192.168.5.1. In order for that to work your machine1's default route will have to be correct.

That works.
Code:
Now try the same thing from opposite machine2. First ping its default gw, then ping the gw of machine1. I don't believe routing has to work for these pings to work since your pinging interfaces on the router.

That doesn't work. I neither receive a pong from the machine2's default gw nor from the machine1's gw.
I also can see nothing if I try tcp connections from machine2 to somewhere, when I watch tun0 with tcpdump.

Also watch this:
Code:
tun0      Link encap:Ethernet  HWaddr 82:8c:28:f0:e0:e3 
          inet addr:192.168.5.100  Bcast:192.168.5.255  Mask:255.255.255.0
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:500
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

RX bytes: 0 ?
TX bytes: 0 ?
and
it is UP but not RUNNING!
This is also the first tun device I made, did I maybe forgot to plug its power cord in ? :o .
Can tun devices be used like this, at all?

I hope this is not all, too confusing :oops:
Back to top
View user's profile Send private message
Cocker68
Apprentice
Apprentice


Joined: 16 Jan 2003
Posts: 227
Location: Germany

PostPosted: Sat Jan 15, 2011 11:45 pm    Post subject: Reply with quote

Your tun0-device seems strange, dermund. A tun-device always has got a point-to-point-partner, but Yours doesn't.
Code:
tun0      Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 
          inet addr:192.168.168.6  P-t-P:192.168.168.5  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
          RX packets:1279350 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1237399 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:588405402 (561.1 MiB)  TX bytes:259140726 (247.1 MiB)


- Cocker :wq
Back to top
View user's profile Send private message
dermund
Apprentice
Apprentice


Joined: 28 Aug 2007
Posts: 205
Location: Sprawl

PostPosted: Sun Jan 16, 2011 1:57 am    Post subject: Reply with quote

Hello Cocker68,

Quote:
Your tun0-device seems strange, dermund. A tun-device always has got a point-to-point-partner, but Yours doesn't.

So tun adapters won't do the job?
Is there a virtual ethernet adapter that can be routed ...and does the job?
Back to top
View user's profile Send private message
AngelKnight
Tux's lil' helper
Tux's lil' helper


Joined: 14 Jan 2003
Posts: 126

PostPosted: Sun Jan 16, 2011 7:56 am    Post subject: Reply with quote

dermund wrote:
machine1 = 192.168.0.101 netmask 255.255.255.0 default gw 192.168.0.100
machine2 = 192.168.5.5 netmask 255.255.255.0 default gw 192.168.5.100
router1 = (see routing table)


Please specify how machine2 connects to router1. I think this may be one of the missing pieces we need in order to assist you.

If router1 is a linux box, please oblige by providing the output for the following:

Code:
/sbin/ip addr show

Code:
/sbin/ip rule show

Code:
/sbin/ip route show
Back to top
View user's profile Send private message
dermund
Apprentice
Apprentice


Joined: 28 Aug 2007
Posts: 205
Location: Sprawl

PostPosted: Sun Jan 16, 2011 11:13 am    Post subject: Reply with quote

Hello AngelKnight,

machine2 is a windows box and connects to router1 over a switch.

router1 is a gentoo box:

ip addr show:
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000
    link/ether 00:30:18:a2:98:8e brd ff:ff:ff:ff:ff:ff
    inet 192.168.0.100/24 brd 192.168.0.255 scope global eth0
    inet6 fe80::230:18ff:fea2:988e/64 scope link
       valid_lft forever preferred_lft forever
3: sit0: <NOARP> mtu 1480 qdisc noop state DOWN
    link/sit 0.0.0.0 brd 0.0.0.0
4: ppp0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 3
    link/ppp
    inet 10.45.120.115 peer 10.64.64.64/32 scope global ppp0
5: tun0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state DOWN qlen 500
    link/ether fa:13:0d:38:e9:f3 brd ff:ff:ff:ff:ff:ff
    inet 192.168.5.100/24 brd 192.168.5.255 scope global tun0


ip rule show:
0:   from all lookup local
32766:   from all lookup main
32767:   from all lookup default


ip route show:
10.64.64.64 dev ppp0  proto kernel  scope link  src 10.45.120.115
192.168.5.0/24 dev tun0  proto kernel  scope link  src 192.168.5.100
192.168.0.0/24 dev eth0  proto kernel  scope link  src 192.168.0.100
127.0.0.0/8 via 127.0.0.1 dev lo
default via 10.64.64.64 dev ppp0


ppp0 is a dial up link to an internet provider. eth0 is connected to the switch. tun0 is the abused tunnel device that doesn't work for that purpose?!
Back to top
View user's profile Send private message
AngelKnight
Tux's lil' helper
Tux's lil' helper


Joined: 14 Jan 2003
Posts: 126

PostPosted: Tue Jan 18, 2011 5:27 am    Post subject: Reply with quote

dermund wrote:
Hello AngelKnight,

machine2 is a windows box and connects to router1 over a switch.
router1 is a gentoo box:

ip addr show:
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000
    link/ether 00:30:18:a2:98:8e brd ff:ff:ff:ff:ff:ff
    inet 192.168.0.100/24 brd 192.168.0.255 scope global eth0
    inet6 fe80::230:18ff:fea2:988e/64 scope link
       valid_lft forever preferred_lft forever
5: tun0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state DOWN qlen 500
    link/ether fa:13:0d:38:e9:f3 brd ff:ff:ff:ff:ff:ff
    inet 192.168.5.100/24 brd 192.168.5.255 scope global tun0


ip route show:
10.64.64.64 dev ppp0  proto kernel  scope link  src 10.45.120.115
192.168.5.0/24 dev tun0  proto kernel  scope link  src 192.168.5.100
192.168.0.0/24 dev eth0  proto kernel  scope link  src 192.168.0.100
127.0.0.0/8 via 127.0.0.1 dev lo
default via 10.64.64.64 dev ppp0


ppp0 is a dial up link to an internet provider.


Right. Looks like ppp0 isn't part of this discussion, at least not at the moment.

Quote:
eth0 is connected to the switch. tun0 is the abused tunnel device that doesn't work for that purpose?!


So, IP-wise, it looks like you made mention of 3 separate networks:

192.168.0.0/24
- your router1 asserts 192.168.0.100/24 on this L3 network on its eth0
- your machine1 asserts 192.168.0.101/24 on this L3 network
192.168.5.0/24
- your router1 seems to assert 192.168.5.100/24 on this L3 network on its tun0 (??)
- your machine2 seems like it wants 192.168.5.5/24, using 192.168.5.100 as the g/w
192.168.100.0/24
- I dunno what this is for, and you don't seem to need it from your description so far

Are machine1, machine2 and router1 all connected on the same switch? If so, why not have your machine2 have a secondary IP on 192.168.0.X/24 on the same ethernet and call it a day? You don't need to traverse through router1 in this case.

If machine1 and machine2 are connected on separate switches, make sure machine2 has a route for 192.168.0.0/24 via 192.168.5.100, and machine1 has a route for 192.168.5.0/24 via 192.168.0.100, and machine2 and machine 1 will be convinced to talk to each other via the IP of router1 that is common for the L3 network in which each machine has an IP address.

If you want to do this without adding routes, your communications needs may be met with SNAT, but you may want to take a few steps back and ask yourself "what do you want to do?"

If what you want to do is to tinker around with networking, you may wish to give http://www.lartc.org/ a thorough reading first.
Back to top
View user's profile Send private message
dermund
Apprentice
Apprentice


Joined: 28 Aug 2007
Posts: 205
Location: Sprawl

PostPosted: Tue Jan 18, 2011 9:55 am    Post subject: Reply with quote

Hello AngelKnight,

I am almost sorry for this post right now :(
But as I stated in my first post this is just for fun. Of course I now that I could give my laptop an ip in the 192.168.0.0/24 subnet and things would just work.
But I am doing this for routing exercise. Because I don't have more than 1 physical ethernet port on my router and I now would need some virtual ethernet adapter.
All machines are connected to the same switch!
My question now is: Is there some virtual ethernet adapter that can be routed like this and can tun adapters be abused to do something like this?

Have a nice day
Back to top
View user's profile Send private message
dermund
Apprentice
Apprentice


Joined: 28 Aug 2007
Posts: 205
Location: Sprawl

PostPosted: Wed Jan 19, 2011 7:24 pm    Post subject: Reply with quote

Hey guys,

Why didn't you tell me about eth0:0 ;)
I just made a virtual ethernet interface with "ifconfig add eth0:0 192.168.5.100 up"
with this routing table:
Code:
nibbler ~ # ip route show
10.64.64.64 dev ppp0  proto kernel  scope link  src 10.74.124.142
192.168.5.0/24 dev eth0  scope link
192.168.0.0/24 dev eth0  proto kernel  scope link  src 192.168.0.100
127.0.0.0/8 via 127.0.0.1 dev lo
default via 10.64.64.64 dev ppp0


And now I can connect to teh internetz with clients in the address range 192.168.5.1-254

If I did anything horribly wrong, please tell me.
Back to top
View user's profile Send private message
kashani
Advocate
Advocate


Joined: 02 Sep 2002
Posts: 2032
Location: San Francisco

PostPosted: Thu Jan 20, 2011 5:46 pm    Post subject: Reply with quote

We assumed no one would go through the trouble of creating tap0, tun0, sit0, etc unless you needed them. :-)

kashani
_________________
Will personally fix your server in exchange for motorcycle related shop tools in good shape.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum