help with home networking setup and static routes

zoidb · 03-09-2009, 12:19 PM

In the below diagram router-a is an actiontec verizon fios router and router-b is a linksys router running openwrt.

I am having some trouble setting up two different networks, my first configuration was just router-a with one pc. I then added router-b and configured the lan to exist on a separate network.

both the wan interfaces on router-a and router-b are masquerading outgoing traffic.
Initially i have no static routes configured and this what I observe:

PC-a and PC-b can both connect to the internet fine
PC-b can see PC-a.
PC-a cannot see PC-b

I believe all of this is pretty straightforward and expected.

Now what I want to do is allow PC-a to see PC-b.
Through the verizon-fios crappy web interface I added a static route,
For the network 192.168.0.0/24, the gateway is 192.168.1.2

After making this change I can ping from PC-a to PC-b but I cannot intiate an ssh connection. Using wireshark I see the packets leaving 1.50 and arriving at 0.50, 0.50 is responding but I do not see the return packets at 1.50.
Is this because the outbound packets leaving the wan port of router-b are masqueraded as 1.50 and router-a are dropping them? Any ideas for how to allow PC-a to talk to PC-b?

Code:

(internet)
|
|    router-a (1.1)      router-b (1.2/0.1)
|  -------------     -------------
|--| wan | lan |-----| wan |  lan |  
   -------------     -------------
            |                 |
            |                 |
         PC-a (1.50)         PC-b(0.50)

rossonieri#1 · 03-09-2009, 02:11 PM

hi zoidb,

Quote:

Is this because the outbound packets leaving the wan port of router-b are masqueraded as 1.50 and router-a are dropping them?

that wasnt your router_a that drops the ssh - its your pc_a itself receiving reply from unknown host. your router_a LAN interface is the same subnet as router_b's wan (1.2) - so it wont drop anything other than traffic to other subnet.

Quote:

Any ideas for how to allow PC-a to talk to PC-b?

if you dont need MASQUERADE - you can just route :
pc_b to pc_a via 0.1 metric 1
pc_b to internet via 0.1 metric 10

pc_a to pc_b via 1.2 metric 1
pc_a to internet via 1.1 metric 10

HTH.

zoidb · 03-09-2009, 06:20 PM

thanks for the quick response.
I did what you suggested and was able to configure routes on the two hosts to get them to talk to each other. In my real configuration I have a few more machines hanging off of router_a; Without adding routes on each machine for the 1.0 and 0.0 networks, is it possible to configure the routers so that machines hanging off of rourter_a can see the machines hanging off of router_b?

rossonieri#1 · 03-09-2009, 11:42 PM

hi zoidb,

ok then, its nice to know it worked

Quote:

is it possible to configure the routers so that machines hanging off of rourter_a can see the machines hanging off of router_b?

not on router_a since you have 2 routes go to router_b and the internet.
so any machines that on router_a LAN should have this 2 routes : a default route to internet and 1 static to router_b LAN side. so they know which gateway to be use to reach any destinations.

the easiest method to do this is probably pushing those 2 routes using DHCP method.

on router_b LAN side - you can just put 1 default route to 0/0.

HTH.