to help try and explain the problem i've tried to textulise my network below. Basically two subnets, with subnet 1 beig connected to the internet through a ADSL wireless router. each subnet has two hosts sitting on it with the RH server having to interfaces one in each subnet.

192.168.2.0 (subnet 2) 192.168.1.0 (subnet 1)
----------------------------- ------------------------------

RH 9.0 client (192.168.2.11) eth0




RH 9.0 server (192.168.2.10) eth0 <----> RH 9.0 server (192.168.1.11) wlan0




ADSL wireless router (192.168.1.1) <---> internet




MacOS X ibook (192.168.1.12) en1



now, i want to be able to ping anything on the 192.168.1.0 subnet from the RH 9 client on 192.168.2.11

If I run "ping 192.168.1.11" on the RH client its fine.
If I run "ping 192.168.1.12" on the RH client it just hangs.
ping 192.168.1.1 also hangs.

(IPtables on all RH hosts were stopped while testing/pinging)

If i run "tcpdump -i wlan0 | grep icmp" on the RH server i can see the ping being received and being replied to. However if I run
"tcpdump -i eth0 | grep icmp" on the RH server I only see the ping being sent, and no reply coming back. So the ping reply seems to be being dropped between the interfaces on the RH server, or dropped at the wlan0, and not "forwarded" to the eth0 and back to the client.

Not sure what to enable to correct this situation ??????

Below are the outputs from route -n on the client and the server

RH client :-

[root@hansolo root]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
192.168.1.0 192.168.1.11 255.255.255.0 UG 0 0 0 eth0
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo

RH server :-

[root@vader root]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 wlan0
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 wlan0
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 wlan0

route to 192.168.2.0 not defined properly

try this on vader

hmm, not sure what mean by 192.168.2.0 not defined properly,

route del 192.168.2.0 wouldnt work, had to do

route del -net 192.168.2.0 netmask 255.255.255.0 dev eth0 to remove the entry, i then did the 2nd line you posted, which put the entry back in, route -n now shos the same -

[root@vader root]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 wlan0
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 wlan0
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 wlan0


??? ping / tcdump test shows the same problem.

Edit: brainfart, sorry.



are you runnung gated?

you need something to tell the server to route the traffic between wlan0 & eth0

there used to be a kernel config option for ip forwarding, but it seems to have gone away...

I'd do some homework on gated, or Firestarter http://firestarter.sourceforge.net

it's either that or turn on advanced routing in the kernel &

Thanks, hmm, I did already switch the IP_forwarding on , i.e, set it to "1" on the server (vader), before i did that i had "host is unreachable" error when i did the ping, after adding that ping just hangs. So to me it seems that the IP_forwarding is only working in one direction, from eth0 to wlan0, and not forwrding the traffic back. soo, wlan0 doesnt know what to do with traffic coming from 192.168.1.0. it doesnt know to send it to eth0 if its for 192.168.2.0... which is wierd, coz its in the rouing table.

Do the ADSL/802.11 router and the ibook know how to route back (through 192.168.1.11) to 192.168.2.0/24? You probably need to add a static route on both.

Have fun,
chris

That's what caught my attention the first time...


seems like
192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0

should be
192.168.2.0 0.0.0.0 255.255.255.0 UG 0 0 0 eth0

but I'm not sure if the second field should be
0.0.0.0

or

192.168.2.10

since it's free try dropping the route again

route del -net 192.168.2.0 netmask 255.255.255.0 dev eth0
then
route add -net 192.168.2.0 netmask 255.255.254.0 gw 192.168.2.10 dev eth0


if you tell it in this fashion that the route to 192.168.2.0 is through 192.168.2.10, it may figure it out...

I've never used a linux box as a router, but have set up multiple subnets using Cisco dedicated routers

HEY!!! I made it work.

here are the routing tables :-

hansolo (client, 192.168.2.11) :-

[root@hansolo root]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.2.0 192.168.2.11 255.255.255.0 UG 0 0 0 eth0
192.168.1.0 192.168.1.11 255.255.255.0 UG 0 0 0 eth0
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo

vader (server, 192.168.2.10 and 192.168.1.11) :-

[root@vader root]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.2.0 192.168.2.10 255.255.255.0 UG 0 0 0 eth0
192.168.1.0 192.168.1.11 255.255.255.0 UG 0 0 0 wlan0
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 wlan0
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 wlan0

ibook (balrog, 192.168.1.12) :-

[balrog]:[root] >> route get 192.168.2.11
route to: 192.168.2.11
destination: 192.168.2.0
mask: 255.255.255.0
gateway: 192.168.1.11
interface: en1
flags: <UP,GATEWAY,DONE,STATIC,PRCLONING>
recvpipe sendpipe ssthresh rtt,msec rttvar hopcount mtu expire
0 0 0 0 0 0 1500 0

running the cmd :- route add -net 192.168.2.0 192.168.1.11 255.255.255.0 on the ibook (balrog), was the final thing i did that made it work, as soon as i did that the ping on hansolo stopped hanging and started getting a reply.

The reason i didnt do that earlier was coz i could see the ping coming in on 192.168.1.11 (wlan0) on vader. BUT... I now realise that because ibook didnt know about 192.168.2.0 it couldnt send the packet with that network dest, the packet dest must have just had 192.168.1.0 network info, which is why it stopped at wlan0 (192.168.1.11), and vader couldnt forward it to 192.168.2.10 and onto 192.168.2.11 !!

phew.

well thanks to all your help, incl.. especially to bnice and bastard23 (are you sure you are not alter egos ? )) )

later,

inode100

and.... i just added a static route to the ADSL wireless router, dest addr 192.168.2.0, netmask 255.255.255.0 and gateway 192.168.1.11, now i can ping that box also from hansolo...

woo-hoo! :JAWA:

I love it when things work!
Have Fun

yeah! its great when you get that little bit of success... but now I want to look at setting up the Linux server as a "router" rather than just an IP forwarder.. if thats possible..i'm thinking that then i wont have to have a static route entry config'd on each and every host.. watch this space!!!

What do you see is the difference between a router and ip_forwarder?

Not sure yet So far i've had to enter details about the gateways and subnets in the route table of each host on my 2 subnets, to get inter-subnet traffic to find its way. I'm sure in large networks this isnt done, so i'm thinking that there must be a different method of routing the traffic ? Maybe i'm wrong. Do you know if there is more i can do here with the routing than just "IP_Forwarding" ?