LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (https://www.linuxquestions.org/questions/linux-networking-3/)
-   -   help with home networking setup and static routes (https://www.linuxquestions.org/questions/linux-networking-3/help-with-home-networking-setup-and-static-routes-710282/)

zoidb 03-09-2009 12:19 PM
help with home networking setup and static routes
 
In the below diagram router-a is an actiontec verizon fios router and router-b is a linksys router running openwrt.

I am having some trouble setting up two different networks, my first configuration was just router-a with one pc. I then added router-b and configured the lan to exist on a separate network.

both the wan interfaces on router-a and router-b are masquerading outgoing traffic.
Initially i have no static routes configured and this what I observe:

PC-a and PC-b can both connect to the internet fine
PC-b can see PC-a.
PC-a cannot see PC-b

I believe all of this is pretty straightforward and expected.

Now what I want to do is allow PC-a to see PC-b.
Through the verizon-fios crappy web interface I added a static route,
For the network 192.168.0.0/24, the gateway is 192.168.1.2

After making this change I can ping from PC-a to PC-b but I cannot intiate an ssh connection. Using wireshark I see the packets leaving 1.50 and arriving at 0.50, 0.50 is responding but I do not see the return packets at 1.50.
Is this because the outbound packets leaving the wan port of router-b are masqueraded as 1.50 and router-a are dropping them? Any ideas for how to allow PC-a to talk to PC-b?

Code:
(internet)
|
|    router-a (1.1)      router-b (1.2/0.1)
|  -------------    -------------
|--| wan | lan |-----| wan |  lan | 
  -------------    -------------
            |                |
            |                |
        PC-a (1.50)        PC-b(0.50)

rossonieri#1 03-09-2009 02:11 PM
hi zoidb,

Quote:
Is this because the outbound packets leaving the wan port of router-b are masqueraded as 1.50 and router-a are dropping them?
that wasnt your router_a that drops the ssh - its your pc_a itself receiving reply from unknown host. your router_a LAN interface is the same subnet as router_b's wan (1.2) - so it wont drop anything other than traffic to other subnet.

Quote:
Any ideas for how to allow PC-a to talk to PC-b?
if you dont need MASQUERADE - you can just route :
pc_b to pc_a via 0.1 metric 1
pc_b to internet via 0.1 metric 10

pc_a to pc_b via 1.2 metric 1
pc_a to internet via 1.1 metric 10

HTH.

zoidb 03-09-2009 06:20 PM
thanks for the quick response.
I did what you suggested and was able to configure routes on the two hosts to get them to talk to each other. In my real configuration I have a few more machines hanging off of router_a; Without adding routes on each machine for the 1.0 and 0.0 networks, is it possible to configure the routers so that machines hanging off of rourter_a can see the machines hanging off of router_b?

rossonieri#1 03-09-2009 11:42 PM
hi zoidb,

ok then, its nice to know it worked :)

Quote:
is it possible to configure the routers so that machines hanging off of rourter_a can see the machines hanging off of router_b?
not on router_a since you have 2 routes go to router_b and the internet.
so any machines that on router_a LAN should have this 2 routes : a default route to internet and 1 static to router_b LAN side. so they know which gateway to be use to reach any destinations.

the easiest method to do this is probably pushing those 2 routes using DHCP method.

on router_b LAN side - you can just put 1 default route to 0/0.

HTH.


All times are GMT -5. The time now is 08:49 PM.