What route to access daisy chained 2d router 192.168.1.1 after 192.168.0.1 (subnets?)

Emmanuel_uk · 04-26-2006, 07:02 AM

Hi,

I want to be abe to configure (via firefox), from PC1, on subnet 192.168.0.y., the wireless router at 192.168.1.1. (for learning sake)
In other words what route is needed so that
PC1 eth0 0.y --> dlink 192.168.0.1 --> 192.168.1.1 (Below is a figure; dots are blanks / spacing).

Is this possible? From my reading it is looking like I have 2 subnets but no overarching network.
So it is looking bad.
Would router 192.168.0.1 (D-link 604) just happy to forward packets to 192.168.1.1?
It did not look good because pinging 192.168.1.1 via the ping menu in the web interface of 192.168.0.1 (D-link 604) did not work.
I am confused because the "Linux Network Administrator's Guide" says
"With the new networking code, subnetting is not limited to byte boundaries, so even a class
C network may be split into several subnets."

I was going to add (is this correct? already messed this up at home)
route add -net 192.168.1.0 netmask 255.255.255.0 metric 0 dev eth0
although I am wondering if I do not have the netmask wrong and should go for
route add -net 192.168.0.0 netmask 255.255.0.0 metric 0 dev eth0

this thread "192.168.2.1 network with 192.168.0.1? "
http://www.linuxquestions.org/questi...d.php?t=295385 make me think I rather need

route add -net 192.168.1.0 netmask 255.255.255.0 gw 192.168.0.1 dev eth0

cable co modem
|
router dlink604 (firewall integrated) lives at 192.168.0.1 (4-ports) running DHCP
|...........|...........|...........|
eth0...eth0........|
PC1...PC2......Wireless WRT54GS router (4-port). Router lives at 192.168.1.1
........................|...........|...........|...........|
......................laptop

- I know, I could remove router dlink604 all together, but I like the challenge and the learning

- I could add a NIC to PC1 (too much challenge because then I need to learn about gateway?)
(saying that I have eth1 on PC1 that I used to test that the wireless router was alive).
- router dlink604 has IP 192.168.0.x where x can be chosen, but 192.168.0. *cannot* be changed.
- PCs are given IP address 192.168.0.y by the DHCP server of the router dlink604
- possibly Wireless router can be given any private fixed IP, so maybe I could swap the two routers (no challenge either)
os just set wireless router to 192.168.0.2 (I think it will remember after each power on/off cycle)

Need to run and check
ping -c1 192.168.1.1 (ping the wireless from PC1)
ip neigh show
Do I need / check echo 1 > /proc/sys/net/ipv4/ip_forward
maybe /proc/sys/net/ipv4/conf/eth0/forwarding (Enable or disable IP forwarding on eth0)
edit /etc/hosts and add the wireless router

Passing through "Linux Advanced Routing & Traffic Control HOWTO" did not help much.

Currently

Code:

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.0.0     *               255.255.255.0   U     10     0        0 eth0
127.0.0.0       *               255.0.0.0       U     0      0        0 lo
default         dlink604        0.0.0.0         UG    10     0        0 eth0

Many thanks

Centinul · 04-26-2006, 11:38 AM

Quote:

Originally Posted by Emmanuel_uk

this thread "192.168.2.1 network with 192.168.0.1? "
http://www.linuxquestions.org/questi...d.php?t=295385 make me think I rather need

route add -net 192.168.1.0 netmask 255.255.255.0 gw 192.168.0.1 dev eth0

I ran into a similar problem a while ago where I had the following configuration

192.168.1.x == Linksys Router == 192.168.10.99 --------- 192.168.10.1 == Firewall == Internet

In order to get communication to work I had to add the following route:
route add -net 192.168.1.0/24 gw 192.168.10.99

and voila it worked like a charm.

So along with my network diagram above I think you are definitely on the right track for getting this working. You could try the route above or try a modified version like this:
route add -net 192.168.1.0 netmask 255.255.255.0 gw WAN IP OF WRT54GS HERE dev eth0

I hope this helps!

Emmanuel_uk · 04-27-2006, 01:55 AM

Centinul, thanks for taking an interest in this.
I still cannot make the connection work. Can it be a DNAT issue?

I tried this

Quote:

route add -net 192.168.1.0 netmask 255.255.255.0 gw WAN IP OF WRT54GS HERE dev eth0

That is:
route add -net 192.168.1.0 netmask 255.255.255.0 gw 192.168.1.1 (WAN IP WRT54GS) dev eth0
(the wan port of the WRT54GS is connected to one of the port of the Dlink604)
I actually tried for hours deleting and adding some other routes

but still ping –c1 192.168.1.1 (WRT54GS default IP) does not answer (nor mozilla 192.168.1.1)

Both these are 1 (on PC1)
/proc/sys/net/ipv4/ip_forward
maybe /proc/sys/net/ipv4/conf/eth0/forwarding
I know I have set icmp_echo_ignore_all to 0 on PC1
/etc/hosts now have entry 192.168.1.1 wireless_router

I then looked again at the Dlink604, and found that I actually could change its main IP. (two menus are confusing)
So I did set it to 192.168.1.2 so I have only one LAN 192.168.1.x
I ran ethereal to get an idea of what was going through.
Ping did not get an answer, but there was some ARP negotiation.
So much so it reached PC1, and the arp table on PC1 had registered the name wireless_router.
Switching off WRT54GS, I could see DHCP negotiation, and the WRT54GS becoming 192.168.1.133, but still I could not ping 192.168.1.133 from either PC1 or from the DLINK (even when configured as 192.168.1.2
I have tried so many things that I need to redo them and record, just in case I missed something

What I need to test
- ip arp flush (so I start from clear sheet)
- Order in which devices are switched on
- Shorewall is pretty tight but syslog in the background picture does not show shorewall / iptable blocking anything. Nevertheless I may add an accept rule on PC1 net:IP_WRT54GS fw all.
- Do I need a DNAT option in shorewall? (have I got one already)
- Check that there is no default option in the WRT54GS (firewall that blocks access if not directly linked to the PC)
- Use the R option for ping to see if path can teach us anything

Am going to do some more reading (http://linux-ip.net/).
and post back when I have tested a few things
(I still want to get the two subnet solution to work, but will also try the one LAN option)

Centinul · 04-27-2006, 09:34 AM

I think we are at a slight misunderstanding. To clarify I need to ask a question. is your WRT54GS doing NAT? If so then most likely the WAN IP won't be the 192.168.1.1 that you mentioned. That IP is what the computers "behind" the WRT54GS see. There should be a different IP Address on the side that is connected to your D-Link. This is the address that I want you to try in the route.

I'll try and stew over your problem a little bit more. There has to be a solution (especially since I have a similar configuration).

Emmanuel_uk · 04-28-2006, 01:25 AM

Hi there,
>>is your WRT54GS doing NAT
It has the default configuration on, I will check if enabled.

>>If so then most likely the WAN IP won't be the 192.168.1.1
The doc says 192.168.1.1 is the default.
I know it is 192.168.1.1 because if I plug WRT54GS to eth1 direct
then I can access the web interface.
Saying that, god knows what happen during dhcp negotiation with Dlink604,
but if I remember well 192.168.1.1 is fixed and dhcp disabled by default
on the wrt54gs.

I tested this rule
route add -host wireless_192.168.1.1 gw IP_dlink_set_to_192.168.1.2

ping says hop to 192.168.1.1 and 192.168.1.1 is unreachable
but syslog say something else about hop being ignored?
(will post details another day, do not have Pc with me)

Thanks for you interest in this.

Centinul · 04-28-2006, 10:32 AM

The doc is correct when it says the IP is 192.168.1.1 by default. But that is the IP OF THE INTERNAL SIDE OF THE WRT. That is the side that your computers plug in to. The WAN Port is on a different VLan than the other 4 ports on the router. if you have the WAN port connected to the Dlink then the WRT is going to have a different IP address on the WAN side. The Dlink won't recognize it as 192.168.1.1 it will be what ever the dlink hands out if it does DHCP. What I recommend that you do is access the web interface of the WRT54GS and see if you can find any information about it's public IP. if your Dlink is doing DHCP then it's most likely handing out adresses on the 192.168.0.x subnet as you have listed in your first post. So most likely your WAN IP of the WRT is 192.168.0.x. I'm sorry if I'm not explaining this correctly. I just don't believe we are on the same page.

Emmanuel_uk · 05-05-2006, 01:47 AM

I have a partial solution.
(you were right about the wan address being different to the lan address. But the key for now was to move one of the cable)
Now then, I should be able to do better than that,
or create two subnets next and use the wan connector

Current solution is: Set router to 192.168.1.1.
Set static IP of WRT54GS to 192.168.1.2 (No DHCP) - I guess this is wan side.
Set local IP of router of WRT54GS to 192.168.1.3 - this the 4-port side.
(and also set default gateway to 192.168.1.1 in WRT54GS)
*Connect router to one of the 4-port of the WRT54GS not the wan port.* This was important

but not the best / logical thing, is it?
In this configuration, firefox can access http://192.168.1.3 directly (what I wanted)
from PC1 192.168.1.y eth0 => router 192.168.1.1 => WRT54GS on 192.168.1.3

Did not need to change the routing table:
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.1.0 0.0.0.0 255.255.255.0 U 10 0 0 eth0
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
0.0.0.0 192.168.1.1 0.0.0.0 UG 10 0 0 eth0

I suppose I could add (just for the sake of faster routing)
route add -host 192.168.1.3 gw 192.168.1.1 dev eth0