Network route problem

Luc MAIGNAN luc.maignan at winxpert.com
Sat Jan 7 17:56:26 UTC 2012


Le 07/01/2012 18:53, Kevin Martin a écrit :
>
> On 01/07/2012 11:49 AM, Luc MAIGNAN wrote:
>> Le 07/01/2012 18:39, Kevin Martin a écrit :
>>> On 01/07/2012 11:30 AM, Luc MAIGNAN wrote:
>>>> Le 07/01/2012 18:21, Kevin Martin a écrit :
>>>>> On 01/07/2012 11:01 AM, Luc MAIGNAN wrote:
>>>>>> Yes, 50.184 is another box on the network on which the tunnel has been setup via racoon.
>>>>>> On 50.184 the access to 172.16.2.6 works fine. ANd I want to use 50.184 as a gateway for this host on the network.
>>>>>>
>>>>>> What email address have I to use to do not top post ?
>>>>>>
>>>>>>
>>>>>>
>>>>>> Le 07/01/2012 17:53, Kevin Martin a écrit :
>>>>>>> On 01/07/2012 10:46 AM, Luc MAIGNAN wrote:
>>>>>>>> 192.168.50.184 is a gateway on which a IPSEC tunnel allow to access to host 172.16.2.6
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> Le 07/01/2012 17:45, Kevin Martin a écrit :
>>>>>>>>> On 01/07/2012 10:18 AM, Luc MAIGNAN wrote:
>>>>>>>>>> Hi,
>>>>>>>>>>
>>>>>>>>>> I have the following problem.
>>>>>>>>>>
>>>>>>>>>> Here is the output of : route -n :
>>>>>>>>>>
>>>>>>>>>> 0.0.0.0 192.168.50.2 0.0.0.0 UG 0 0 0 eth0
>>>>>>>>>> 169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 eth0
>>>>>>>>>> 172.16.2.6 192.168.50.184 255.255.255.255 UGH 0 0 0 eth0
>>>>>>>>>> 192.168.50.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> When I try to ping 172.16.2.6, it doesn't work while the first available route is used (0.0.0.0 via 192.168.50.2)
>>>>>>>>>>
>>>>>>>>>> How can I modify the order of the route table to force use of the right route ?
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> Thanks for any help
>>>>>>>>> What is 192.168.50.184? From the routing table, its the same ethernet nic so it's no wonder the route to 172.16.2.6 is
>>>>>>>>> using the
>>>>>>>>> 0.0.0.0 (default) route (even though it looks like you've tried to force it to a different route). If you want to split the
>>>>>>>>> 192.168.50 network you'll need two nics, you'll need to set the netmask correctly to split it between them, then you will be
>>>>>>>>> able to
>>>>>>>>> set the 172.16.2.6 host to route a different way.
>>>>>>>>>
>>>>>>>>> Kevin
>>>>>>> So the 50.184 address is another box which you have an ipsec tunnel to from the machine that this network route is on? How
>>>>>>> are you
>>>>>>> creating the tunnel?
>>>>>>>
>>>>>>> And please don't top post, it makes it hard to consistently read the thread.
>>>>>>>
>>>>>>> Kevin
>>>>> Do you have ip forwarding turned on on the host that you are trying to route over the tunnel (the one with the 172.16.2.6 route)?
>>>>> And not top-posting (or bottom posting) is simply done by posting your replies at the bottom of the thread, not the top. That way
>>>>> people can read from top-to-bottom of a thread (like a book). Makes the threads much easier to follow then top posting (the
>>>>> Microsoft Outlook default).
>>>>>
>>>>> Kevin
>>>> Yes the ip forwarding is enabled.
>>>> With the route table I've described, I am directed on 50.2 and If I place on it the route to 172.16.2.6 via gw 50.184 it works.
>>>> But I consider that It is not necessary to pass via 50.2
>>>> It is why I search a way to modify the routage table
>>> Can you show a "traceroute 172.16.2.6" when you've got the tunnel up?
>>>
>>> Kevin
>> traceroute to 172.16.2.6 (172.16.2.6), 30 hops max, 60 byte packets
>> 1 192.168.50.2 (192.168.50.2) 0.187 ms 0.166 ms 0.154 ms
>> 2 192.168.50.184 (192.168.50.184) 0.545 ms 0.600 ms 0.603 ms
>> 3 * * *
>> 4 172.16.2.6 (172.16.2.6) 5.958 ms 4.324 ms 4.390 ms
>>
>> It should use directly 50.184 and not first 50.2
>>
>> Luc
> What type of device is 50.2? Is it a switch of some kind?
>
> Kevin

It is a fedora box, that works as a firewall/router

Luc


More information about the users mailing list