Routing problems

Rick Sewill rsewill at gmail.com
Fri Feb 19 04:53:23 UTC 2010


On Fri, 2010-02-19 at 04:31 +0100, j.halifax . wrote: 
> > What happens if you try to "ping" from the eth2 interface of the router?
> > ping -I 10.255.250.37 172.17.1.50
> 
> Commands issued in 10.255.l250.37 (via ssh 195.39.130.92):
> =============================================
> ping -I 10.255.250.37 172.17.1.50
> PING 172.17.1.50 (172.17.1.50) from 10.255.250.37 : 56(84) bytes of data.
> >From 195.39.130.92 icmp_seq=2 Destination Host Unreachable
> :(
> ping -I eth2 182.15.1.50
> PING 182.15.1.50 (182.15.1.50) from 10.255.250.37 eth2: 56(84) bytes of data.
> >From 195.39.130.92 icmp_seq=1 Destination Host Unreachable
> :(
> ping 172.17.1.50
> PING 172.17.1.50 (172.17.1.50) 56(84) bytes of data.
> 64 bytes from 172.17.1.50: icmp_seq=1 ttl=253 time=8.65 ms
> :)
> 
> ==========================================
> iptables -L -v
> Chain INPUT (policy ACCEPT 3325K packets, 706M bytes)
>  pkts bytes target     prot opt in     out     source               destination
> 
> Chain FORWARD (policy ACCEPT 2152K packets, 964M bytes)
>  pkts bytes target     prot opt in     out     source               destination
>   534 40008 ACCEPT     all  --  any    eth3    anywhere             172.17.0.0/16
> 
> Chain OUTPUT (policy ACCEPT 1080K packets, 160M bytes)
>  pkts bytes target     prot opt in     out     source               destination
> ====================================
> ping -I eth2 172.17.1.50
> PING 172.17.1.50 (172.17.1.50) from 10.255.250.37 eth2: 56(84) bytes of data.
> >From 195.39.130.92 icmp_seq=2 Destination Host Unreachable
> ====================================
> iptables -L -v
> Chain INPUT (policy ACCEPT 3325K packets, 706M bytes)
>  pkts bytes target     prot opt in     out     source               destination
> 
> Chain FORWARD (policy ACCEPT 2153K packets, 964M bytes)
>  pkts bytes target     prot opt in     out     source               destination
>   534 40008 ACCEPT     all  --  any    eth3    anywhere             172.17.0.0/16
> 
> Chain OUTPUT (policy ACCEPT 1080K packets, 160M bytes)
>  pkts bytes target     prot opt in     out     source               destination
> =====================================
> 
> Thank you..
> jh


You convinced me my gut instinct is wrong about iptables being involved.

I have another line of thought.

I believe, with iproute2, there are additional routing tables.

With a note of caution as I am reading documentation as I go,
and you may find you have more experience with this than me,
please do:
ip rule list

I expect there to be at least 3 tables listed, local, main, default

For each table, please do  ip route list table <table name>
For example,
ip route list table local
ip route list table main
ip route list table default
...and ip route list table xxx for any other tables in the rule list.

I am going to make a wild guess the local table has higher priority
than the main table and has something adversely affecting your routing.

I believe we normally only look at the main table.

I think the files for iproute2 are kept in the /etc/iproute2 directory.

Again, this is only a guess on my part.

The documentation I was reading was found using google at URL:
http://www.linuxdocs.org/HOWTOs/Adv-Routing-HOWTO-4.html





More information about the users mailing list