Hi, I decided to add a linux box between my DSL router/modem (GNET BB0060), and my Linksys router, to eventually act as a firewall. However, it seems that the packets that are coming from Linksys router, are not routing properly to my GNET modem. However, traffic that is initiated from the linux box makes its way to the router/modem without any issue, and routes to the Internet.
Here are some more details:
- 10.0.0.0 /30 between linux box and Linksys (linksys is 10.0.0.1 ... Linux box P2P is 10.0.0.2)
- 192.168.7.0 /24 between linux box and GNET router/modem (GNET is 192.168.7.1 .... Linux box is at 192.168.7.2)
linux:~ # netstat -ar
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
10.0.0.0 * 255.255.255.252 U 0 0 0 eth0
192.168.7.0 * 255.255.255.0 U 0 0 0 eth1
link-local * 255.255.0.0 U 0 0 0 eth0
loopback * 255.0.0.0 U 0 0 0 lo
default 192.168.7.1 0.0.0.0 UG 0 0 0 eth1
linux:~ # arp -a
? (192.168.7.1) at 00:30:EB
6:4F:48 [ether] on eth1
? (10.0.0.1) at 00:06:25:9C:CB:7D [ether] on eth0
linux:~ # lspci
-- snip --
0000:00:09.0 Ethernet controller: Lite-On Communications Inc LNE100TX (rev 20)
0000:00:0b.0 Ethernet controller: D-Link System Inc RTL8139 Ethernet (rev 10)
-- snip --
Here's an example that it doesn't work. From a Windows workstation that connects to the Linksys, I can ping the LAN IP of the linux box at IP 10.0.0.2, as well as the WAN IP of the linux box at IP 192.168.7.2. However, I cannot ping the LAN (inside interface) of the GNET router/modem at IP 192.168.7.1. However, like I said before from the Linux box no problem :
linux:~ # ping 192.168.7.1
PING 192.168.7.1 (192.168.7.1) 56(84) bytes of data.
64 bytes from 192.168.7.1: icmp_seq=1 ttl=64 time=0.469 ms
64 bytes from 192.168.7.1: icmp_seq=2 ttl=64 time=0.406 ms
64 bytes from 192.168.7.1: icmp_seq=3 ttl=64 time=0.420 ms
--- 192.168.7.1 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 1999ms
rtt min/avg/max/mdev = 0.406/0.431/0.469/0.036 ms
If you look at the routing table provided earlier, dynamic routing seems to have done its job properly, where traffic from the Linux box routes to gateway 192.168.7.1.
Any idea what's going on? Oh, by the way, linux box is Suse 9.1, haven't touched anything regarding firewall yet, just chose the basic installation of Suse 9.1.