LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices



Reply
 
Search this Thread
Old 07-24-2011, 02:28 PM   #1
skinnchip
LQ Newbie
 
Registered: Jan 2009
Location: toronto
Distribution: slack
Posts: 16

Rep: Reputation: 0
"newb" can't seem to setup gateway to route properly


greetings dear reader,

this is not a critical issue for me, i am simply experimenting to expand my own knowledge of Linux and networking with it.

basic problem:
i have setup a second machine with slackware 13.37, it is a "supermicro" which i picked up though my work. the idea was to set it up as a gateway and gradually expand my knowledge of sub networking, iptables, forwarding and the like. after a couple nights of forum searching and "o'reilly" book reading i am still unable to get a proper route working thru the "supermicro" to our dsl router.

what is setup?: i will start from my main machine simply calling it slackbox

slackbox: has two ethernet cards which i have given static ip's to
eth0 192.168.2.16 and eth1 192.168.3.11
eth0 (192.168.2.16) is connected to a switch and then to our dsl router, it is working, i'm using right now to work on this forum.
eth1 (192.168.3.11) is connected to the "supermicro" thru a cross-over cable, it also is working, pinging the "supermicro" works.
default gateway on slackbox is set to be 192.168.3.10 (the supermicro)

note: i only set slackbox's default as 192.168.3.10 when testing to see if the supermicro gateway will work

supermicro: also has two ethernet cards which i have given static ip's to
eth0 192.168.3.10 (this is the card with the cross-over cable connected)
pinging 192.168.3.11 (the slackbox) works.
eth1 192.168.2.24 is connected to our switch as well, it is working, pinging our dsl router works.
default gateway on supermicro is set in rc.inet.conf to be 192.168.2.1 (which is our dsl router)

i hope i have made it clear. I realize it sounds confusing, but all my machines have two ethernet cards. this has just made it easy for me to test the setup while still having internet access on slackbox.

yet when testing the gateway from slackbox thru supermicro i am getting "Destination Host Unreachable"

route info on supermicro looks like this:
192.168.3.0 * 255.255.255.0 u 0 0 0 eth0
192.168.2.0 * 255.255.255.0 u 0 0 0 eth1
loopback * 255.0.0.0 u 0 0 0 lo
default 192.168.2.1 0.0.0.0 UG 1 0 0 eth1

route info on slackbox is the same except default
default 192.168.3.10 0.0.0.0 UG 1 0 0 eth1

i figure so far im not entering "route" commands properly. being the supermicro doesn't seem to pass any requests from slackbox.
yet the supermicro itself will ping our dsl router and even www.google.com.

i find most forums, howtos, and even my o'reilly books seem to be vague as to which machine to perform commands on. when they are talking about the route command. simply saying things like (enter: route add default gw 192.168.X.X) this has lead me to try sum rather pokey attempts, thinking maybe i just misinterpreted sumthing.

if anyone has sum suggestions as to what i may be missing or have screwed up on, im listening!

lol

dann
 
Old 07-24-2011, 08:04 PM   #2
skinnchip
LQ Newbie
 
Registered: Jan 2009
Location: toronto
Distribution: slack
Posts: 16

Original Poster
Rep: Reputation: 0
update:

it seems clear to me now, over the last 4 or so hours. i don't know what im doing when setting my routing tables! hehe

i expressed that may routing tables on the supermicro look like this:

destination gateway genmask flags metric ref use iface

192.168.3.0 * 255.255.255.0 U 0 0 0 eth0
192.168.2.0 * 255.255.255.0 U 0 0 0 eth1
loopback * 255.0.0.0 u 0 0 0 lo
default 192.168.2.1 0.0.0.0 UG 1 0 0 eth1

this is the machine i am tiring to set up as a gateway/router between my dsl router and a slackbox

i have now read that these *'s mean nothing has been defined. :P
i can't seem to find any info on defining them, nor do i seem to be able to delete them.
route delete 192.18.3.0......
returns this
SIOCDELRT: No such process

i can define new routes! but i'm not sure if this confuses my system, not to mention looks supper sloppy.


needless to say, im still stumped for the night, but i am confident that this is my problem! LOL

tryin to keep a smile on me face
dann,
 
Old 07-25-2011, 03:23 PM   #3
baldy3105
Member
 
Registered: Jan 2003
Location: Cambridgeshire, UK
Distribution: Mint (Desktop), Debian (Server)
Posts: 876

Rep: Reputation: 184Reputation: 184
diagram.png

So this is what I interpret from your description, and it looks correct to me.

One thing you don't mention is IP forwarding. Have you enabled it? Try -

echo 1 > /proc/sys/net/ipv4/ip_forward

Last edited by baldy3105; 07-25-2011 at 03:27 PM.
 
Old 07-25-2011, 03:51 PM   #4
skinnchip
LQ Newbie
 
Registered: Jan 2009
Location: toronto
Distribution: slack
Posts: 16

Original Poster
Rep: Reputation: 0
hey! thats a great pic. thanks!

what you've drawn is perfect, the idea i have setup.

i did actually try enabling ip_forward exactly as u describe above,
but i didn't know how to check that it worked. ie. i don't know if its working when the system boots.

if ip_forward is running, then it's not what my problem is.

at work right now, i will have to look into that when i get home.

i very much appreciate ur work and reply! maybe it will help anyone else who may look at this thread.

so greatful,
dann
 
Old 07-25-2011, 04:08 PM   #5
baldy3105
Member
 
Registered: Jan 2003
Location: Cambridgeshire, UK
Distribution: Mint (Desktop), Debian (Server)
Posts: 876

Rep: Reputation: 184Reputation: 184
If you want the advice of an old network engineer, ALWAYS draw a picture. The stupid mistake you're making is normally obvious when you do!

Not in this case it seems.

*Edit*

DOH! the Stupid one is me! : Question - what route have you configured for 192.168.3.0 on the DSL router?

Your outbound traffic is likely fine, the return traffic is probably being black-holed by your router.

Last edited by baldy3105; 07-25-2011 at 04:10 PM. Reason: The obvious dawning on me a bit too late...
 
Old 07-25-2011, 08:32 PM   #6
skinnchip
LQ Newbie
 
Registered: Jan 2009
Location: toronto
Distribution: slack
Posts: 16

Original Poster
Rep: Reputation: 0
thanks Pete,

just got home, and im looking at what you are suggesting, unfortunately im not sure i understand.

Quote:
Question - what route have you configured for 192.168.3.0 on the DSL router?


i assumed since the supermicro is connected to our dsl router via eth1 on network 192.168.2.0 (which is the routers network)
I wouldn't need to define any routes for network 192.168.3.0 on the dsl router itself. (in other words, i didn't think
network 192.168.3.0 was even visible to the dsl router)

i always figured if a request from 192.168.3.0 was forwarded through a gateway onto a new network (in this case 192.168.2.0)
that any returned requests would be received by the gateway, thus be forwarded back onto 192.168.3.0, and hence to the machine that made the original request.

my logic on this may be completely off, i am a newb after all.

to sum that up, hehe, i have a picture in my head of how this is supposed to work. perhaps that picture isn't complete.

im wondering now, does my hardware (dsl router, supermicro, and any other hardware i add) require "return" (route)'s defined? (in other words again, are the routes i have defined only for leaving my network or subnetworks)?

i appreciate your question on this problem i have, it is making me think "outside my box" lol

sadly i can't answer what u have asked me.
if in fact i need to define a "route" in my dsl router, then i don't think my dsl router has that capability.
at least nothing that i can see in its settings. (and i do have the admin password to change anything i want in it)

the dsl router does claim to have a "default gateway" of its own, but im quite sure this is sum gateway belonging to my ISP.

hehe pheeew! long winded im sorry.

but does any of this make sense to you?
or am i screwed? lol

open to constructive criticism
dann
 
Old 07-25-2011, 09:20 PM   #7
frankbell
Guru
 
Registered: Jan 2006
Location: Virginia, USA
Distribution: Slackware, Mageia, Mint
Posts: 8,243

Rep: Reputation: 1557Reputation: 1557Reputation: 1557Reputation: 1557Reputation: 1557Reputation: 1557Reputation: 1557Reputation: 1557Reputation: 1557Reputation: 1557Reputation: 1557
I'll offer this as reference material: the best introduction to subnetting I have yet found.

Don't let the HTML 3.0 look fool you. The author write it in the HTML 3.0 days when he was on the faculty of a university (I think it was U. Colorado) and HTML 3.0 was the bee's knees. I am guessing he's retired or moved to a new job, so he just piped the whole website unchanged to his personal site.
 
Old 07-25-2011, 09:57 PM   #8
skinnchip
LQ Newbie
 
Registered: Jan 2009
Location: toronto
Distribution: slack
Posts: 16

Original Poster
Rep: Reputation: 0
thank you frank,

definitely appreciate anything that can be of help.

i know this has to be just one little thing, that i will slap my forehead over later.

makes it all the more enjoyable once i find it.


dann

p.s. i've had a few headbangers like that with slackware already
 
Old 07-26-2011, 12:08 AM   #9
skinnchip
LQ Newbie
 
Registered: Jan 2009
Location: toronto
Distribution: slack
Posts: 16

Original Poster
Rep: Reputation: 0
update:

i have learned now how to check that "ip_forward" is running, aswell as how to restart it if i ever need too.

aswell i know see it start at boot time, it may have been booting all along, not sure.


further, getting curious as to what is working and what is not: i realized

-from slackbox, i am able to ping the following, 192.168.3.10 (the supermicro) also 192.168.2.24 (the other side of supermicro)

from that i am amusing, or feel it is safe to amuse that "ip_forward" is working. (could be wrong on that assumption)

-traceroute confirms the same results.

-other than that i still can't ping anything else in the house (laptops, other computers, or DSL router)


just adding this before bedtime in case it means anything.

thanks again to frank for the additional info,

nighy night
dann
 
Old 07-26-2011, 04:44 PM   #10
baldy3105
Member
 
Registered: Jan 2003
Location: Cambridgeshire, UK
Distribution: Mint (Desktop), Debian (Server)
Posts: 876

Rep: Reputation: 184Reputation: 184
Ah, OK. If you create IP packets on most devices, unless you manually specify what source address the packets will carry, they will "collect" the IP address of the interface via which they leave the box.

If slackbox pings the internet and it goes via default route pointing at supermicro, then the ping will pick up a source address of 192.168.3.11 as it leaves eth1.

(This is obviously a simplification, but its an easy way to think about it)

The internet host will respond to this address. The DSL router must route this packet to its destination 192.168.3.11. Therefore it needs a return route of 192.168.3.0 255.255.255.0 via 192.168.2.24 to get the response to its destination.

In this case you could point this route at 192.168.2.16 and you would then have what we call asymmetric routing. The path out is not the same as the path back.

What you've got here is a fairly common mistake which is why I should have spotted it earlier.

Last edited by baldy3105; 07-26-2011 at 04:49 PM.
 
Old 07-26-2011, 11:28 PM   #11
skinnchip
LQ Newbie
 
Registered: Jan 2009
Location: toronto
Distribution: slack
Posts: 16

Original Poster
Rep: Reputation: 0
thanks for the clarification on what is happening!
it does make sense to me.

it only kinda leaves me with the problem of defining the route back (defining that within the DSL router is what it sounds like your saying)

unfortunately, (and i am sorry to say that word, hehe) may plan was to get this gateway (supermicro) running, and then disconnect 192.168.20.0 from slackbox.
it is currently only there to provide the internet i am otherwise lacking thru the gateway.

as well, im quite certain this dsl router does not have any provisions for supplying a route to a sub-network. (or a return gateway if u will)
if this is the case, meaning this is the problem. than i may need to look for a new dsl router. (its likly my ISP never intended for me to play with such ideas)

I truly appreciate your thoughts on this matter Pete!

but if there is no other way of making it work, (aside from new hardware, DSL router specifically) than You have done your best! and been of great help!

a friend has suggested to me to check such things as my "iptables" and any other security or routing services. "to be sure" he suggests that they are not causing my misfortune.
he understands that the system is freshly installed and is not likly to have anything setup that i wouldn't be aware of. yet i want to look at these things anyway, it is the reason
i am doing this after all.

i will have sum time in the next two days to look deeper at this, i will post what i finally find to be the remedy and mark it solved.

thanks again Pete, and thank you Frank for your help,
the link u provided is definitely worth newb's reading.

got my slack-T from slackware.com todee! yaaay!
(maybe i should wait till i figure this out to put it on) :S hehe

dann
 
Old 07-26-2011, 11:40 PM   #12
skinnchip
LQ Newbie
 
Registered: Jan 2009
Location: toronto
Distribution: slack
Posts: 16

Original Poster
Rep: Reputation: 0
i just had a thought!
(lol)

maybe i can define a rule with "iptables" that will allow the returning packets?

i will look and see, if not! please let me know so im not looking needlessly for an afternoon.

nighty night
 
Old 07-27-2011, 02:28 PM   #13
baldy3105
Member
 
Registered: Jan 2003
Location: Cambridgeshire, UK
Distribution: Mint (Desktop), Debian (Server)
Posts: 876

Rep: Reputation: 184Reputation: 184
I'd be surprised if your DSL router didn't have a page to add a route. I've used Linksys, Netgear, BT and Cisco DSL routers and they all had somewhere to add a route, even if it wasn't obvious.

If you google for the model and "manual" you'll normally find something.
 
Old 07-28-2011, 07:02 PM   #14
skinnchip
LQ Newbie
 
Registered: Jan 2009
Location: toronto
Distribution: slack
Posts: 16

Original Poster
Rep: Reputation: 0
Did some research on the DSL router i have, looked promising at first!

i figure Pete was telling me to look for settings like what is outlined in the PDF screen shot i have below:
2wire.png


sad part of this is, the DSL router i am "renting" from bell requires a password placed there by bell, to access this page of the router setup.

the page is part of a 2wire router (model 2701hg-g) "Management and Diagnostic Center"

it has been locked out by bell to keep "us" from fiddling with it.

i had a look online to see if just by chance someone knew what the password was. apparently no one does, hehe. only a bunch of suggestions for updating the firmware with another companies version.
that is just going to far for me to bother.

in the end, if this is what you were suggesting i look for Pete? then it seems i am done here.

i will inquire with bell regarding buying my own modem, or any alternatives they could suggest to get this working.

at this point i feel this thread has gotten away from its original purpose and should probably just be marked solved?, or skrewd by bell? one or the other lol!

if u have any last thoughts, i'll be checking back.

thanks folks for all your input!
i have learned a lot regardless, and im sure I'll be back with another problem of sorts!

beers and cheers,
dann
 
  


Reply

Tags
gateway, route, slackware


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Where should I configure the default gateway, "ifcfg-eth0" or "network"? huntkey Linux - Server 5 01-05-2009 10:41 AM
IPTABLES: interface on "192.168.1.0/24" won't route clients from "10.65.0.0" zivota Linux - Networking 2 06-09-2008 02:35 PM
"setup" or "elinks" text garbage displayed sr99 Red Hat 1 12-06-2006 08:43 PM
"mythtv-setup" giving "Session management error: Authentication Rejected" Mitchua Ubuntu 0 10-09-2005 05:32 PM
Route to subnet exists but I get "Network unreachable" when adding default route fciuffani Linux - Networking 4 08-18-2004 03:11 PM


All times are GMT -5. The time now is 10:44 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration