Help answer threads with 0 replies.
Go Back > Forums > Linux Forums > Linux - Networking
User Name
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.


  Search this Thread
Old 04-28-2005, 08:05 AM   #1
LQ Newbie
Registered: Apr 2005
Location: Montreal, Canada
Distribution: Ubuntu
Posts: 11

Rep: Reputation: 0
Linux box as a gateway/router

Hi, I decided to add a linux box between my DSL router/modem (GNET BB0060), and my Linksys router, to eventually act as a firewall. However, it seems that the packets that are coming from Linksys router, are not routing properly to my GNET modem. However, traffic that is initiated from the linux box makes its way to the router/modem without any issue, and routes to the Internet.

Here are some more details:

- /30 between linux box and Linksys (linksys is ... Linux box P2P is

- /24 between linux box and GNET router/modem (GNET is .... Linux box is at


linux:~ # netstat -ar
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface * U 0 0 0 eth0 * U 0 0 0 eth1
link-local * U 0 0 0 eth0
loopback * U 0 0 0 lo
default UG 0 0 0 eth1


linux:~ # arp -a
? ( at 00:30:EB6:4F:48 [ether] on eth1
? ( at 00:06:25:9C:CB:7D [ether] on eth0


linux:~ # lspci

-- snip --
0000:00:09.0 Ethernet controller: Lite-On Communications Inc LNE100TX (rev 20)
0000:00:0b.0 Ethernet controller: D-Link System Inc RTL8139 Ethernet (rev 10)
-- snip --


Here's an example that it doesn't work. From a Windows workstation that connects to the Linksys, I can ping the LAN IP of the linux box at IP, as well as the WAN IP of the linux box at IP However, I cannot ping the LAN (inside interface) of the GNET router/modem at IP However, like I said before from the Linux box no problem :

linux:~ # ping
PING ( 56(84) bytes of data.
64 bytes from icmp_seq=1 ttl=64 time=0.469 ms
64 bytes from icmp_seq=2 ttl=64 time=0.406 ms
64 bytes from icmp_seq=3 ttl=64 time=0.420 ms

--- ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 1999ms
rtt min/avg/max/mdev = 0.406/0.431/0.469/0.036 ms


If you look at the routing table provided earlier, dynamic routing seems to have done its job properly, where traffic from the Linux box routes to gateway

Any idea what's going on? Oh, by the way, linux box is Suse 9.1, haven't touched anything regarding firewall yet, just chose the basic installation of Suse 9.1.
Old 04-28-2005, 10:37 AM   #2
Registered: Dec 2004
Location: Western Pennsylvania, USA
Distribution: Red Hat
Posts: 150

Rep: Reputation: 15
Are you using NAT on the Linux box? If not, then your problem is probably that the GNET router has no route to the 10 network. When it receives the ping from, it will look for a route to the 10 network so it can send a response. Not finding a route to the 10 network, it most likely will send the reply to it's default gateway which should be pointing to your ISP. What it does with the packet really depends on the software running on the router but it will not automatically forward the packet back through
If your GNET router supports static routes, you could configure a static route on it that says "to reach the network, send packets through". Many small DSL routers don't support static routes. Even if they do, some only support NAT on one subnet.
I have a small 3Com router at home. I tried to set up the same type of network you have with a Linux box acting as a firewall between my home network and the 3Com router that connects to the Internet. I can configure a static route on the 3Com router so that it will respond to pings from machines on the home network on the other side of the Linux box. However, the 3Com router will only preform NAT on the subnet that is actually attached to it's LAN interface so I couldn't reach the Internet from the home network.

The solution I ended up with was to set up IP Masquerading on the Linux box. That way, any packet that reaches the 3Com router from my home network has a source IP address of the interface on the Linux box that connects to the 3Com router. Basically I was using double NAT. It worked OK but there was a slight performance hit on the network because each packet had to be translated twice.

If the GNET router doesn't support static routes or it will only allow NAT on one subnet, your easiest option will be to use IP Masquerading on the Linux box if you want to use it as a firewall.
Another option is to use proxy ARP. If you're not familiar with it, it's more complicated to set up than IP masquerading.

Added Later:
After re-reading your post, I see that you also have a Linksys router in the mix which could make things even more complicated. Is it a router/switch combo where you could use it as only a switch or does it have to work as a router?

Last edited by cowanrl; 04-28-2005 at 10:41 AM.
Old 04-29-2005, 01:06 PM   #3
LQ Newbie
Registered: Apr 2005
Location: Montreal, Canada
Distribution: Ubuntu
Posts: 11

Original Poster
Rep: Reputation: 0
Your suggestion to add a static route route on the GNET, to announce network /30 to forward to gateway worked, thanks.



Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Using a Linux box as a residential gateway on my LAN LordFett Linux - Newbie 9 12-21-2005 05:20 PM
VPN gateway with linux BOX jobbe314 Linux - Networking 5 08-02-2005 09:43 PM
Linux box as Gateway to internet for Windows Network bickyz Linux - Networking 11 11-29-2004 06:06 PM
XP Box won't take DHCP information or an IP from Linux gateway Diademed Linux - Newbie 2 10-22-2004 05:47 PM
gateway for a linux router?? jmono Linux - Networking 12 11-17-2003 09:33 PM > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 10:13 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration