LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (https://www.linuxquestions.org/questions/linux-networking-3/)
-   -   non-default route to static host through gateway for ppp failover testing (https://www.linuxquestions.org/questions/linux-networking-3/non-default-route-to-static-host-through-gateway-for-ppp-failover-testing-720361/)

jrscandora 04-20-2009 04:28 AM
non-default route to static host through gateway for ppp failover testing
 
Hello Network Gurus in Linux-Land!

I have a routing table:

joe@rose:~$ route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
63.215.28.59 0.0.0.0 255.255.255.255 UH 0 0 0 ppp0
208.67.219.99 192.168.65.1 255.255.255.255 UGH 0 0 0 eth0
192.168.65.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 eth0
0.0.0.0 63.215.28.59 0.0.0.0 UG 0 0 0 ppp0
joe@rose:~$

and an eth0 interface:

joe@rose:~$ ifconfig eth0
eth0 Link encap:Ethernet HWaddr 00:01:03:ce:7c:51
inet addr:192.168.65.222 Bcast:192.168.65.255 Mask:255.255.255.0
inet6 addr: fe80::201:3ff:fece:7c51/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:278 errors:0 dropped:0 overruns:0 frame:0
TX packets:1299 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:181495 (181.4 KB) TX bytes:113809 (113.8 KB)
Interrupt:10

joe@rose:~$

That is not working the way I want it to!

My normal connection to the Internet from rose (192.168.65.222) is the default gateway out of my Linksys WRT54G at 192.168.65.1. When that fails, I fire up PPP and connect using my dial-up connection. But I want to kill PPP and go back to the fast connection as soon as it comes back up, so I had this idea to configure a route to a static host (208.67.219.99) out on the Internet and ping it every couple minutes via a daemon shell script (started by ppp's ip-up) to see if the eth0 interface can see the Internet yet. I had it working at one point, honest. But it's not working now, and I can't figure out why. When I do a:

joe@rose:~$ ping 192.168.65.1
PING 192.168.65.1 (192.168.65.1) 56(84) bytes of data.
ping: sendmsg: Operation not permitted
^C
--- 192.168.65.1 ping statistics ---
1 packets transmitted, 0 received, 100% packet loss, time 0ms

joe@rose:~$ ping 208.67.219.99
PING 208.67.219.99 (208.67.219.99) 56(84) bytes of data.
ping: sendmsg: Operation not permitted
ping: sendmsg: Operation not permitted
^C
--- 208.67.219.99 ping statistics ---
2 packets transmitted, 0 received, 100% packet loss, time 1012ms

joe@rose:~$


I can't reach my gateway or the static host on the other side of it.

Any ideas what I am doing wrong?

And I thank you for your help!

-js

datopdog 04-20-2009 06:24 AM
I suspect two issues.

1. your ping command is not suid (ls -l `which ping`)
2. iptables is blocking icmp traffic out (iptables -vnL)

jrscandora 04-20-2009 11:26 PM
Thanks datopdog! Ping was setuid, it was iptables and therefore the firewall, dumb user error. I'm using firestarter, I think I'll have to look into something a bit more configurable, maybe shorewall.

datopdog 04-21-2009 02:20 AM
If you are looking for an iptables front end, also take a look at vuurmuur http://www.vuurmuur.org/trac/ its easy to use and produces rules that are easy to debug.


All times are GMT -5. The time now is 02:00 AM.