LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 12-20-2013, 02:54 PM   #1
RileyTheWiley
Member
 
Registered: Dec 2007
Posts: 59

Rep: Reputation: 15
Question Simple problem with ip addressing and ping


Machines:
Linux Fedora 19 machine, no GUI, IP address is 10.200.201.xxx, netmask is 255.255.255.0, broadcast is 10.200.201.255

Windows machine IP address is 192.168.xxx.xxx, same netmask, gateway is 192.168.1.1.

Both machines can see the wide world of the internet, ping of external hosts works, can 'yum install' from linux , etc.

Linux machine can ping windows machine :-)

Windows machine cannot ping Linux machine ... times out. :-( No other windows machines in the office can see that linux box, but they see each other. No other incoming cxns e.g. ssh, telnet work at all - they all time out. This is the problem.

Linux machine can ping localhost and it's own IP address. I have used iptables to enable ICMP packets, no apparent changes.

Net config is:
linux --> ethernet --> router -->ethernet-->wireless router/gateway "FOO" --> the world

and
windows-->wireless --> wireless router/gateway "FOO" (yes, the same one) --> the world.

What is going on?
 
Old 12-20-2013, 03:02 PM   #2
suicidaleggroll
LQ Guru
 
Registered: Nov 2010
Location: Colorado
Distribution: OpenSUSE, CentOS
Posts: 5,573

Rep: Reputation: 2142Reputation: 2142Reputation: 2142Reputation: 2142Reputation: 2142Reputation: 2142Reputation: 2142Reputation: 2142Reputation: 2142Reputation: 2142Reputation: 2142
The linux machine is behind its own router, on its own subnet. It can see anybody in the "parent" subnet, but machines in the parent subnet can't see it. It's the same reason why I can't ping your windows machine using its 192.168.xxx.xxx address from my computer, not only would my machine not know how to access your 192.168.xxx.xxx address since it's on a private LAN, your router would block it anyway, just like the router hosting the linux subnet is blocking incoming connections from outside. It doesn't know that "outside" is just another level of your LAN, as far as its concerned "outside" is the big nasty web and it's protecting the linux box from intruders.

You would need to add port forwarding in the router hosting the linux subnet if you want to be able to punch through it (and you would need to connect to the router's IP, not the linux box's IP).

Is there any particular reason the linux machine is on its own subnet and not a part of the bigger one?

Last edited by suicidaleggroll; 12-20-2013 at 03:06 PM.
 
2 members found this post helpful.
Old 12-20-2013, 03:28 PM   #3
RileyTheWiley
Member
 
Registered: Dec 2007
Posts: 59

Original Poster
Rep: Reputation: 15
Quote:
Originally Posted by suicidaleggroll View Post
Is there any particular reason the linux machine is on its own subnet and not a part of the bigger one?
Yes, I was working with a piece of hardware that had a hardcoded IP address and required it's clients to be on the same subnet. The router was configured accordingly.
 
Old 12-25-2013, 11:30 PM   #4
wildwizard
Member
 
Registered: Apr 2009
Location: Oz
Distribution: slackware64-14.0
Posts: 875

Rep: Reputation: 282Reputation: 282Reputation: 282
You need to either
1. Setup the wireless router to route packets to the 10.200.201.x block via the other router (if it can handle that sort of config)
2. Setup the Windows machine's routing table manually so that it knows how to get to the 10.200.201.x block via the other router.
 
Old 01-02-2014, 05:50 AM   #5
liam662
LQ Newbie
 
Registered: Jan 2014
Posts: 3

Rep: Reputation: Disabled
I dont think that it is a routing issue as the pings from the Linux box respond, proving that there are routes to and from the two different subnets. Without knowing more it could be the way that the firewall on the Linux box is setup. Did you set the rules on the firewall/Iptables to only allow established/related connections to pass through it? If so then the pings from Windows machines will be failing as the pings are outside connections that did not originate from the Linux LAN so will be getting blocked by your Firewall/Iptables.
 
Old 01-02-2014, 07:38 PM   #6
suicidaleggroll
LQ Guru
 
Registered: Nov 2010
Location: Colorado
Distribution: OpenSUSE, CentOS
Posts: 5,573

Rep: Reputation: 2142Reputation: 2142Reputation: 2142Reputation: 2142Reputation: 2142Reputation: 2142Reputation: 2142Reputation: 2142Reputation: 2142Reputation: 2142Reputation: 2142
Quote:
Originally Posted by liam662 View Post
I dont think that it is a routing issue as the pings from the Linux box respond, proving that there are routes to and from the two different subnets.
I can ping google.com from my computer at 192.168.1.2, but google can't ping my computer at the same address. Why? Because that address is on a local subnet behind a router. Somebody sitting at their desk at google.com could try pinging 192.168.1.2, but it would never reach my computer. Not only would their machine have NO idea how to access that address (since it's a private IP on my local network), but even if they knew where to look, my router would block it.

This is the exact same scenario as the Linux box the OP is dealing with. It is on a private LAN behind a router. The fact that the router's WAN port is plugged into another LAN instead of the WWW is irrelevant, you can consider the "higher level LAN" (the one the Windows boxes are on) as the WWW, and all of the machines on it as random computers on the internet anywhere on the globe. They have no idea what 10.200.201.xxx means. It's not on their subnet, which means it's "somewhere else". That's what the netmask says. 255.255.255.0 means "if I try to connect to an IP that matches the first three sets of my own (with anything for the 4th set), then it's on the local network and I can access it directly, otherwise it's remote and I need to go through the gateway". Since 10.200.201 does not match 192.168.1, the Windows boxes are going to go through the gateway to the WWW to try to find it, and they never will.

Going up through layered subnets (his Linux box to his Windows boxes) is easy, going down (Windows boxes to the Linux box) is hard and requires special routing and port forwarding so that the Windows machines know how to reach the destination.

Just think of the steps you need to take to access your machine on your local network from the WWW. You can't connect to the machine's private IP, you need to connect to the router's public IP and configure the router to forward the connection to your computer's address on the local network. Same deal here. The Windows boxes can't connect straight to the Linux box's private IP, they need to connect to the Linux router's public IP (on the 192.168.1 subnet), and the router needs to be configured to then push that connection to the Linux box's IP on the private network (10.200.201.xxx).

Last edited by suicidaleggroll; 01-02-2014 at 07:46 PM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
I.P addressing for simple screened subnet architecture methodtwo Linux - Networking 5 01-14-2011 07:34 AM
simple networking problem can ping gateway but not out centosnewbie Linux - Networking 5 09-15-2006 08:25 AM
Simple question about command syntax ping/log ping results ohalnet Linux - Networking 1 07-25-2006 04:46 AM
Problem with IP Addressing orko Linux - Networking 3 01-14-2005 03:54 PM
Simple Ping problem bkesting Linux - Networking 11 11-30-2004 02:53 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 08:15 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration