<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 TRANSITIONAL//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=UTF-8">
<META NAME="GENERATOR" CONTENT="GtkHTML/3.2.3">
</HEAD>
<BODY LINK="#0000ff">
On Thu, 2004-10-28 at 21:06 +0100, Chris Bond wrote:<BR>
<BLOCKQUOTE TYPE=CITE>
<FONT SIZE="2"><FONT COLOR="#000080"><A HREF="http://www.linuxforums.org/forum/ntopic25532.html">http://www.linuxforums.org/forum/ntopic25532.html</A> seems to suggest you need to fwd the packets using iptables as the default routing is not doing nothing – not sure what lines need to be added in a two-subnets though…</FONT></FONT><BR>
</BLOCKQUOTE>
<BR>
They are referring to masquerading (source address rewriting). Your doing 'normal' routing, Box A will send a packet through the gateway (Linux Box) to Box B and Box B will reply through through the gateway to Box A - no address rewriting needed.<BR>
<BR>
Like I said earlier we need the output of 'ipconfig'/'ifconfig' and 'route' on all three machines to see what's going on (and the output of 'cat /proc/sys/net/ipv4/ip_forward' just for a sanity check).<BR>
<BR>
Thanks<BR>
Mark<BR>
<BR>
<BLOCKQUOTE TYPE=CITE>
<FONT SIZE="2"><FONT COLOR="#000080"> </FONT></FONT><BR>
<BR>
<DIV ALIGN=center>
<HR>
</DIV><BR>
<BR>
<B><FONT SIZE="2"><FONT COLOR="#000000">From:</FONT></FONT></B><FONT COLOR="#000000"><FONT SIZE="2">Mark Broadbent [mailto:markb@wetlettuce.com] </FONT></FONT><BR>
<B><FONT SIZE="2"><FONT COLOR="#000000">Sent:</FONT></FONT></B><FONT COLOR="#000000"><FONT SIZE="2"> 28 October 2004 9:03 PM</FONT></FONT><BR>
<B><FONT SIZE="2"><FONT COLOR="#000000">To:</FONT></FONT></B><FONT COLOR="#000000"><FONT SIZE="2"> chris@logics.co.uk; Herefordshire Linux Users Group.</FONT></FONT><BR>
<B><FONT SIZE="2"><FONT COLOR="#000000">Cc:</FONT></FONT></B><FONT COLOR="#000000"><FONT SIZE="2"> mherbert@redhat.com</FONT></FONT><BR>
<B><FONT SIZE="2"><FONT COLOR="#000000">Subject:</FONT></FONT></B><FONT COLOR="#000000"><FONT SIZE="2"> RE: [Herefordshire] Routing two subnets</FONT></FONT><BR>
<BR>
<BR>
<FONT COLOR="#000000"> </FONT><BR>
<BR>
<FONT COLOR="#000000">On Thu, 2004-10-28 at 20:43 +0100, Chris Bond wrote: </FONT><BR>
<BR>
<PRE>
<FONT SIZE="2"><FONT COLOR="#000000"> </FONT></FONT>
<FONT SIZE="2"><FONT COLOR="#000000">Might have not made it clear I can route on the linux box perfectly its on a</FONT></FONT>
<FONT SIZE="2"><FONT COLOR="#000000">remote machine that where the default gateway is set to route that segment</FONT></FONT>
<FONT SIZE="2"><FONT COLOR="#000000">that it doesn't route via the linux box.</FONT></FONT>
<FONT SIZE="2"><FONT COLOR="#000000"> </FONT></FONT>
<FONT SIZE="2"><FONT COLOR="#000000">-----Original Message-----</FONT></FONT>
<FONT SIZE="2"><FONT COLOR="#000000">From: Chris Bond [mailto:<A HREF="mailto:chris@logics.co.uk">chris@logics.co.uk</A>] </FONT></FONT>
<FONT SIZE="2"><FONT COLOR="#000000">Sent: 28 October 2004 8:41 PM</FONT></FONT>
<FONT SIZE="2"><FONT COLOR="#000000">To: <A HREF="mailto:mherbert@redhat.com">mherbert@redhat.com</A>; <A HREF="mailto:herefordshire@mailman.lug.org.uk">herefordshire@mailman.lug.org.uk</A></FONT></FONT>
<FONT SIZE="2"><FONT COLOR="#000000">Subject: RE: [Herefordshire] Routing two subnets</FONT></FONT>
<FONT SIZE="2"><FONT COLOR="#000000"> </FONT></FONT>
<FONT SIZE="2"><FONT COLOR="#000000">Already done that but still doesn't route the packets! Iptables -L shows</FONT></FONT>
<FONT SIZE="2"><FONT COLOR="#000000">default ACCEPT so its not that blocking it... aby more ideas?</FONT></FONT>
</PRE>
<BR>
<BR>
<FONT COLOR="#000000">I assume your network is laid out like somewhat like:</FONT><BR>
<BR>
<FONT COLOR="#000000">[Box A]<---Subnet 1-->[eth? "Linux Box" eth?]<--Subnet 2-->[Box B]</FONT><BR>
<BR>
<FONT COLOR="#000000">Starting with basics I'll assume your attempting to ping Box B from Box A. The output from this would be useful, even more useful would be the packet capture whilst your pinging Box B (using tcpdump or ethereal). But to start with if give us the output from the 'route' command on all the boxes (plus a corresponding 'ifconfig' [Linux] or 'ipconfig /all' [Windows]) and we can work from there.</FONT><BR>
<BR>
<FONT COLOR="#000000">Thanks</FONT><BR>
<FONT COLOR="#000000">Mark</FONT><BR>
<BR>
<BR>
<BR>
<TABLE CELLSPACING="0" CELLPADDING="0" WIDTH="100%">
<TR>
<TD>
-- <BR>
Mark Broadbent <<A HREF="mailto:markb@wetlettuce.com">markb@wetlettuce.com</A>> <BR>
<BR>
<BR>
</TD>
</TR>
</TABLE>
<BR>
<FONT COLOR="#000000"> </FONT><BR>
<BR>
<BR>
</BLOCKQUOTE>
<TABLE CELLSPACING="0" CELLPADDING="0" WIDTH="100%">
<TR>
<TD>
-- <BR>
Mark Broadbent <<A HREF="mailto:markb@wetlettuce.com">markb@wetlettuce.com</A>>
</TD>
</TR>
</TABLE>
</BODY>
</HTML>