OT: Help with Routing please..
Listman
fedora at linsolutions.com
Wed Sep 1 10:59:29 UTC 2004
On Wed, 2004-09-01 at 03:16, Sanjay Arora wrote:
> Hi all
>
> This question is not Fedora related, but could not find how to do this.
> Being a newbie, decided to ask the masters ;-)
>
> Network 1.
>
> Ipcop firewall gateway..
>
> Public address: 202.x.x.139 Netmask 255.255.255.248 given by ISP
> DMZ: 192.168.100.1
> Lan: 192.168.200.1
>
> Gateway to Internet through 202.x.x.137 provided by ISP.
>
> Network 2 (ISP Network...mostly hubs/repeaters & some switches)
>
> NAT Gateway to internet through ISP provided by ISP through 172.16.0.1
> My FC1 machine address: 172.16.0.133 Netmask 255.255.255.0, though I
> have not set it, as the ISP does not allow me to go on the net through
> this GW...only has given me an IP address to use on the local
> net...basically to test my machine his network i.e. from outside my
> network.
>
> Other friends on ISP LAN connected through the ISP: 172.16.0.x
>
> Now, the problem is that my FC1 machine though physically connected to
> my public IP (three connections to the hub...my ISP, my Ipcop machine
> and my FC1 machine), does not talk to my public IP.
>
> Ping says destination unreachable...I used ethereal to check the
> problem...my public IP firewall machine (202.x.x.139) is not responding
> to FC1 (172.16.0.133) ARP requests. I have set route in both machines
> by:
>
> On 172.16.0.133
> route add -host 202.x.x.139 dev eth2
Ugh, don't use dev next hops unless you must, a very very very bad
practice.
>
> On 202.x.x.139
> route add -host 172.16.0.133 dev eth2
>
> I think that the problem lies with different broadcast addresses, so the
> 202.x.x.139 machine is not getting the ARP request.
You don't see arp's for the next hops? May be related to you using dev
ethX instead of gw ip.
>
> My firewall does not block ICMP requests.
Service iptables stop for a few seconds to test, why chase a ghost
>
> Second problems is with my friends having 172.16.0.0 address with my ISP
> and having a GW address of 172.16.0.1 (which my FC1 machine does not
> have). They cant connect to my machine despite being on the same segment
> of my ISP Lan, without going through the internet. As their Internet
> bandwidth is capped...they cant transfer files with me. How to get their
> machines to talk with mine, without going to the ISP Gateway...some are
> Win machines & some Linux.
>
> Hope someone will help me...wont say can help me because I know
> otherwise ;-) Also, please provide pointers to some resources to this
> type of (not normal) TCP/IP routing...so I can learn and maybe someday
> be able to help some newbie like myself. Strangely...Google was not my
> friend this time ;-(
www.cisco.com, you can also google to scrounge up some very good
university lab stuff as well. I used to live in Ohio States web site
years back, they used to have lots of excellent on line lab materials.
Their where may other as well.
>
> My thanks for reading ALL the above.
>
> With best regards.
> Sanjay.
>
If you can put a little ascii diagram together it may be easier to help.
Ted
More information about the users
mailing list