Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
SDN 101: An Introduction to Software Defined Networking
Discover the advantages of SDN.
SDN has quickly become one of the hottest trends in IT. But not all SDN solutions offer real software-defined functionality. As more enterprises consider SDN, they want to know, “What is SDN? And what are the real benefits?” If you're ready to explore the advantages of SDN, and want to know how it should be implemented within your enterprise, start by reading our introductory white paper.
Click Here to receive this Complete Guide absolutely free.
After the ppp link is established, my routes on FW1 are as follows:
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
172.31.240.1 * 255.255.255.255 UH 0 0 0 ppp0
220.127.116.11 * 255.255.255.128 U 0 0 0 eth3
172.31.254.0 * 255.255.255.0 U 0 0 0 eth2
169.254.0.0 * 255.255.0.0 U 0 0 0 eth3
default 18.104.22.168 0.0.0.0 UG 0 0 0 eth3
Now, a client (172.31.254.50) on the left network tries to ping the remote firewall at 172.31.240.1 but it never reaches the destination. Similarly, this client can't ping any workstation on the right (172.31.244.50). So I added the route:
route add -net 172.31.241.0 netmask 255.255.255.0 dev ppp0
But still not working..... So, my questions are:
1. What routes do I have to add on FW1 to enable the left network to ping/access the remote firewall (FW2) and remote workstations (172.31.244.x)
2. What routes do I have to add to FW2 to enable the reverse?
3. What is the best place to add these routes so they are added & deleted as the tunnel goes up and down? (eg: in the event of a link failure)
To make things more interesting....here more info:
I can ping FW2 (172.31.240.1) from FW1. It correctly routes out FW1's ppp interface (172.31.241.1).
What's strange however, is that a workstation on the left LAN cannot ping FW2. The workstation has 172.31.254.1 (FW1 internal interface) set as its default gateway, but it appears that FW1 is routing the ping from the workstation out the EXTERNAL interface (22.214.171.124) and not out the PPP interface (172.31.241.1). (I can't be sure, but the tracert shows it going to devices not responding to tracert - just like my ISP's network).
Why would the firewall FW1 not route the workstation's ping out the ppp interface? Is this a major bug or something conceptual I'm missing here?
The route to 172.31.240.1 clearly exists in FW1's routing table, yet FW1 is not sending the packets to ppp interface if the come from the left LAN. Ideas?