Subject: Re: Routing
To: dkwok <dkwok@iware.com.au>
From: Paul Goyette <paul@whooppee.com>
List: port-i386
Date: 09/10/2001 20:45:54
1. Make sure that your router can ping both the client 192.168.2.16 and
192.168.1.1. If the router cannot ping both, then the two of them
won't be able to ping each other.
2. What does "netstat -rn" and "netstat -in" say on your router? On
the client 192.168.2.16? On the target machine?
3. Does the target machine know how to send packets back to the client?
One of the most common mistakes is to think that if a ping fails, it
means that the machine can't send to the target; but ping is a
round-trip test, and it will fail in exactly the same manner if the
target doesn't have a route back to the originator. I would run
tcpdump on both interfaces of the router to see
a) icmp echo request arriving on the 192.168.2.1 interface
b) icmp echo request leaving on the 192.168.1.31 interface
c) icmp echo reply arriving on the 192.168.1.31
d) icmp echo reply leaving on the 192.168.2.1
I'd guess that a & b work, but c and d show nothing! So make sure
the target knows that it has to send packets to 192.168.1.31 if it
wants those packets to arrive on the 192.168.2.x network!
On Tue, 11 Sep 2001, dkwok wrote:
> Thanks.
>
> My problem is not having 192.168.2.16 pinging 192.168.1.1. I must have
> missed something. The routing server has 2 nic.
>
> 1. 192.168.1.31
> 2. 192.168.2.1
>
> Theoretically packets from 192.168.2.16 would go onto its 192.168.1.0. I
> make sure the kernel options gateway is activated. Are there any obvious
> things which I might have missed?
>
> David Kwok
> ----- Original Message -----
> From: Paul Goyette <paul@whooppee.com>
> To: dkwok <dkwok@iware.com.au>
> Cc: <port-i386@netbsd.org>
> Sent: Tuesday, September 11, 2001 12:44 PM
> Subject: Re: Routing
>
>
> > 1. Make sure you have a default route set in the client.
> >
> > 2. You'll need to turn on NAT if you want the client to reach the
> > outside world. Otherwise, you will not get any further than the
> > 192.168.1.x network.
> >
> > On Tue, 11 Sep 2001, dkwok wrote:
> >
> > > Sorry guys. The network diagram is like this:
> > >
> > > The purpose is to route 192.168.2.16 to the internet
> > >
> > > Network client 192.168.2.16
> > > |
> > > |
> > > routing server (see the routing table previously posted)
> > > wi0 IP 192.168.2.1
> > > rtk0 IP 192.168.1.23
> > > |
> > > |
> > > gateway computer
> > > (192.168.1.1) Internal IP
> > > (203.42.129.27)Public IP
> > > |
> > > |
> > > |
> > > INTERNET
> > >
> > > David Kwok
> > >
> >
> > ----------------------------------------------------------------------
> > | Paul Goyette | PGP DSS Key fingerprint: | E-mail addresses: |
> > | Network Engineer | BCD7 5301 9513 58A6 0DBC | paul@whooppee.com |
> > | & World Cruiser | 91EB ADB1 A280 3B79 9221 | pgoyette@juniper.net |
> > ----------------------------------------------------------------------
> >
> >
>
>
----------------------------------------------------------------------
| Paul Goyette | PGP DSS Key fingerprint: | E-mail addresses: |
| Network Engineer | BCD7 5301 9513 58A6 0DBC | paul@whooppee.com |
| & World Cruiser | 91EB ADB1 A280 3B79 9221 | pgoyette@juniper.net |
----------------------------------------------------------------------