Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
12-20-2013, 02:54 PM
|
#1
|
Member
Registered: Dec 2007
Posts: 59
Rep:
|
Simple problem with ip addressing and ping
Machines:
Linux Fedora 19 machine, no GUI, IP address is 10.200.201.xxx, netmask is 255.255.255.0, broadcast is 10.200.201.255
Windows machine IP address is 192.168.xxx.xxx, same netmask, gateway is 192.168.1.1.
Both machines can see the wide world of the internet, ping of external hosts works, can 'yum install' from linux , etc.
Linux machine can ping windows machine :-)
Windows machine cannot ping Linux machine ... times out. :-( No other windows machines in the office can see that linux box, but they see each other. No other incoming cxns e.g. ssh, telnet work at all - they all time out. This is the problem.
Linux machine can ping localhost and it's own IP address. I have used iptables to enable ICMP packets, no apparent changes.
Net config is:
linux --> ethernet --> router -->ethernet-->wireless router/gateway "FOO" --> the world
and
windows-->wireless --> wireless router/gateway "FOO" (yes, the same one) --> the world.
What is going on?
|
|
|
12-20-2013, 03:02 PM
|
#2
|
LQ Guru
Registered: Nov 2010
Location: Colorado
Distribution: OpenSUSE, CentOS
Posts: 5,573
|
The linux machine is behind its own router, on its own subnet. It can see anybody in the "parent" subnet, but machines in the parent subnet can't see it. It's the same reason why I can't ping your windows machine using its 192.168.xxx.xxx address from my computer, not only would my machine not know how to access your 192.168.xxx.xxx address since it's on a private LAN, your router would block it anyway, just like the router hosting the linux subnet is blocking incoming connections from outside. It doesn't know that "outside" is just another level of your LAN, as far as its concerned "outside" is the big nasty web and it's protecting the linux box from intruders.
You would need to add port forwarding in the router hosting the linux subnet if you want to be able to punch through it (and you would need to connect to the router's IP, not the linux box's IP).
Is there any particular reason the linux machine is on its own subnet and not a part of the bigger one?
Last edited by suicidaleggroll; 12-20-2013 at 03:06 PM.
|
|
2 members found this post helpful.
|
12-20-2013, 03:28 PM
|
#3
|
Member
Registered: Dec 2007
Posts: 59
Original Poster
Rep:
|
Quote:
Originally Posted by suicidaleggroll
Is there any particular reason the linux machine is on its own subnet and not a part of the bigger one?
|
Yes, I was working with a piece of hardware that had a hardcoded IP address and required it's clients to be on the same subnet. The router was configured accordingly.
|
|
|
12-25-2013, 11:30 PM
|
#4
|
Member
Registered: Apr 2009
Location: Oz
Distribution: slackware64-14.0
Posts: 875
|
You need to either
1. Setup the wireless router to route packets to the 10.200.201.x block via the other router (if it can handle that sort of config)
2. Setup the Windows machine's routing table manually so that it knows how to get to the 10.200.201.x block via the other router.
|
|
|
01-02-2014, 05:50 AM
|
#5
|
LQ Newbie
Registered: Jan 2014
Posts: 3
Rep:
|
I dont think that it is a routing issue as the pings from the Linux box respond, proving that there are routes to and from the two different subnets. Without knowing more it could be the way that the firewall on the Linux box is setup. Did you set the rules on the firewall/Iptables to only allow established/related connections to pass through it? If so then the pings from Windows machines will be failing as the pings are outside connections that did not originate from the Linux LAN so will be getting blocked by your Firewall/Iptables.
|
|
|
01-02-2014, 07:38 PM
|
#6
|
LQ Guru
Registered: Nov 2010
Location: Colorado
Distribution: OpenSUSE, CentOS
Posts: 5,573
|
Quote:
Originally Posted by liam662
I dont think that it is a routing issue as the pings from the Linux box respond, proving that there are routes to and from the two different subnets.
|
I can ping google.com from my computer at 192.168.1.2, but google can't ping my computer at the same address. Why? Because that address is on a local subnet behind a router. Somebody sitting at their desk at google.com could try pinging 192.168.1.2, but it would never reach my computer. Not only would their machine have NO idea how to access that address (since it's a private IP on my local network), but even if they knew where to look, my router would block it.
This is the exact same scenario as the Linux box the OP is dealing with. It is on a private LAN behind a router. The fact that the router's WAN port is plugged into another LAN instead of the WWW is irrelevant, you can consider the "higher level LAN" (the one the Windows boxes are on) as the WWW, and all of the machines on it as random computers on the internet anywhere on the globe. They have no idea what 10.200.201.xxx means. It's not on their subnet, which means it's "somewhere else". That's what the netmask says. 255.255.255.0 means "if I try to connect to an IP that matches the first three sets of my own (with anything for the 4th set), then it's on the local network and I can access it directly, otherwise it's remote and I need to go through the gateway". Since 10.200.201 does not match 192.168.1, the Windows boxes are going to go through the gateway to the WWW to try to find it, and they never will.
Going up through layered subnets (his Linux box to his Windows boxes) is easy, going down (Windows boxes to the Linux box) is hard and requires special routing and port forwarding so that the Windows machines know how to reach the destination.
Just think of the steps you need to take to access your machine on your local network from the WWW. You can't connect to the machine's private IP, you need to connect to the router's public IP and configure the router to forward the connection to your computer's address on the local network. Same deal here. The Windows boxes can't connect straight to the Linux box's private IP, they need to connect to the Linux router's public IP (on the 192.168.1 subnet), and the router needs to be configured to then push that connection to the Linux box's IP on the private network (10.200.201.xxx).
Last edited by suicidaleggroll; 01-02-2014 at 07:46 PM.
|
|
|
All times are GMT -5. The time now is 08:15 PM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|