I have a machine with 5 ethernet cards that I'm trying to configure as a router/firewall, but I'm having a problem. I'm using Mandriva Linux 2006.
My modem/NAT-router is connected to eth4 and has the IP-address 192.168.254.1. The 4 other network cards are used to connect 4 different subnets. The computer also runs dhcpd for those 4 subnets. I haven't started configuring the firewall so that shouldn't be an issue (I think).
The network cards are configured as follows:
Code:
$ ifconfig | grep -E -e "(eth|lo|inet )"
eth0 Link encap:Ethernet HWaddr 00:0C:F6:16:E9:E4
     inet addr:10.0.0.1 Bcast:10.0.0.255 Mask:255.255.255.0
eth1 Link encap:Ethernet HWaddr 00:0C:F6:16:F0:B6
     inet addr:10.0.1.1 Bcast:10.0.1.255 Mask:255.255.255.0
eth2 Link encap:Ethernet HWaddr 00:10:5A:67:1D:E4
     inet addr:10.0.2.1 Bcast:10.0.2.255 Mask:255.255.255.0
eth3 Link encap:Ethernet HWaddr 00:10:5A:67:21:89
     inet addr:10.0.3.1 Bcast:10.0.3.255 Mask:255.255.255.0
eth4 Link encap:Ethernet HWaddr 00:50:BA:E9:11:86
     inet addr:192.168.254.254 Bcast:192.168.254.255 Mask:255.255.255.0
lo   Link encap:Local Loopback
     inet addr:127.0.0.1 Mask:255.0.0.0
This is my routing table:
Code:
$ route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.0.0.0 0.0.0.0 255.255.255.0 U 10 0 0 eth0
10.0.1.0 0.0.0.0 255.255.255.0 U 10 0 0 eth1
10.0.2.0 0.0.0.0 255.255.255.0 U 10 0 0 eth2
10.0.3.0 0.0.0.0 255.255.255.0 U 10 0 0 eth3
192.168.254.0 0.0.0.0 255.255.255.0 U 10 0 0 eth4
0.0.0.0 192.168.254.1 0.0.0.0 UG 10 0 0 eth4
And this is my dhcpd configuration:
Code:
$ cat /etc/dhcpd.conf
ddns-update-style ad-hoc;
authoritative;
option domain-name-servers 195.238.2.21,195.238.2.22;
subnet 10.0.0.0 netmask 255.255.255.0 {
  option routers 10.0.0.1;
  range 10.0.0.100 10.0.0.200;
}
subnet 10.0.1.0 netmask 255.255.255.0 {
  option routers 10.0.1.1;
  range 10.0.1.100 10.0.1.200;
}
subnet 10.0.2.0 netmask 255.255.255.0 {
  option routers 10.0.2.1;
  range 10.0.2.100 10.0.2.200;
}
subnet 10.0.3.0 netmask 255.255.255.0 {
  option routers 10.0.3.1;
  range 10.0.3.100 10.0.3.200;
}
When I log in to the router/firewall, I can ping the modem and google.com.
When I connect a machine to one of the subnets, it gets the correct information from the DHCP server. From this machine (e.g. 10.0.0.200) I can ping all the interfaces on the router/firewall (e.g. 192.168.254.254, 10.0.0.1, ...) but I can't ping the modem (192.168.254.1). So I'm thinking there is something wrong with my routing table. Can anybody tell me what I've done wrong?
I also checked the routing table on my home machine (the one I'm typing this message on) and here I also have an entry for the loopback interface. Can this be the cause of the problems?