<< | Thread Index | >> ]    [ << | Date Index | >> ]

Subject: Routing: Ping from router A to Host behind Router B does not work
From: "Nils Lichtenfeld" <Nils.Lichtenfeld,AT,gmx,DOT,net>
Date: Sun, 3 Feb 2002 17:16:49 +0100

Hi!

So getting cipe to run at all wasn easier then I expected :)

There is a problem I couldn't get fixed concerning routing (I think).

Setup:

Host A -- Router A -- Internet -- Router B -- Host B

I couldn't get the following pings to work:

Router A -> Host B
Router B -> Host A

All the other scenarios worked fine. What could that be?
Since The cipe-tunnel seems to work I only post the ipchains/route 
configuration of both Routers.

Router A:

route -n
Kernel routing table
Destination     Gateway         Genmask         Flags MSS    Window Use Iface
10.10.3.1       *               255.255.255.255 UH    0      0        0 cipcb0
217.5.98.18     *               255.255.255.255 UH    0      0        0 ppp0
192.168.3.0     10.10.3.1       255.255.255.0   UG    0      0        0 cipcb0
192.168.1.0     *               255.255.255.0   U     0      0        0 eth0
192.168.222.0   *               255.255.255.0   U     0      0        0 ippp0
127.0.0.0       *               255.0.0.0       U     0      0        0 lo
default         *               *               U     0      0        0 ppp0
 
ipchains -L
Chain input (policy ACCEPT):
target     prot opt     source                destination           ports
ACCEPT     all  ------  192.168.3.0/24       anywhere              n/a
ACCEPT     all  ------  anywhere             192.168.3.0/24        n/a
ACCEPT     all  ------  localhost            localhost             n/a
ACCEPT     tcp  !y----  anywhere             anywhere              any ->   
any
ACCEPT     all  ------  192.168.1.0/24       anywhere              n/a
ACCEPT     udp  ------  anywhere             anywhere              bootpc ->  
 bootps
REJECT     tcp  ----l-  anywhere             anywhere              any ->   
0:ftp
REJECT     udp  ----l-  anywhere             anywhere              any ->   
0:21
REJECT     tcp  ----l-  anywhere             anywhere              any ->   
telnet:52
REJECT     udp  ----l-  anywhere             anywhere              any ->   
23:52
REJECT     tcp  ----l-  anywhere             anywhere              any ->   
54:www
REJECT     udp  ----l-  anywhere             anywhere              any ->   
54:www
REJECT     tcp  ----l-  anywhere             anywhere              any ->   
81:auth
REJECT     udp  ----l-  anywhere             anywhere              any ->   
81:113
REJECT     tcp  ----l-  anywhere             anywhere              any ->   
114:1023
REJECT     udp  ----l-  anywhere             anywhere              any ->   
114:1023
REJECT     tcp  ----l-  anywhere             anywhere              any ->   
5000:5001
REJECT     udp  ----l-  anywhere             anywhere              any ->   
5000:5001
REJECT     tcp  ----l-  anywhere             anywhere              any ->   
8000
REJECT     udp  ----l-  anywhere             anywhere              any ->   
8000
REJECT     tcp  ----l-  anywhere             anywhere              any ->   
vboxd
REJECT     udp  ----l-  anywhere             anywhere              any ->   
vboxd
Chain forward (policy DENY):
target     prot opt     source                destination           ports
ACCEPT     all  ------  192.168.3.0/24       192.168.1.0/24        n/a
ACCEPT     all  ------  192.168.1.0/24       192.168.3.0/24        n/a
REJECT     tcp  ------  anywhere             anywhere              any ->   
netbios-ns:netbios-ssn
REJECT     tcp  ------  anywhere             anywhere              
netbios-ns:netbios-ssn ->   any
REJECT     udp  ------  anywhere             anywhere              any ->   
netbios-ns:netbios-ssn
REJECT     udp  ------  anywhere             anywhere              
netbios-ns:netbios-ssn ->   any
ACCEPT     all  ------  192.168.3.0/24       anywhere              n/a
ACCEPT     all  ------  anywhere             192.168.3.0/24        n/a
MASQ       all  ------  192.168.1.0/24       anywhere              n/a
Chain output (policy ACCEPT):

Router B

route -n
Kernel routing table
Destination     Gateway         Genmask         Flags MSS    Window Use Iface
217.5.98.91     *               255.255.255.255 UH    0      0        0 ppp0
10.10.1.1       *               255.255.255.255 UH    0      0        0 cipcb0
192.168.3.0     *               255.255.255.0   U     0      0        0 eth0
192.168.1.0     10.10.1.1       255.255.255.0   UG    0      0        0 cipcb0
127.0.0.0       *               255.0.0.0       U     0      0        0 lo
default         *               *               U     0      0        0 ppp0

ipchains -L
Chain input (policy ACCEPT):
target     prot opt     source                destination           ports
ACCEPT     all  ------  192.168.1.0/24       anywhere              n/a
ACCEPT     all  ------  anywhere             192.168.1.0/24        n/a
ACCEPT     all  ------  localhost            localhost             n/a
ACCEPT     tcp  !y----  anywhere             anywhere              any ->   
any
ACCEPT     all  ------  192.168.3.0/24       anywhere              n/a
REJECT     tcp  ----l-  anywhere             anywhere              any ->   
0:ftp-data
REJECT     udp  ----l-  anywhere             anywhere              any ->   
0:ftp-data
REJECT     tcp  ----l-  anywhere             anywhere              any ->   
telnet:52
REJECT     udp  ----l-  anywhere             anywhere              any ->   
23:52
REJECT     tcp  ----l-  anywhere             anywhere              any ->   
54:finger
REJECT     udp  ----l-  anywhere             anywhere              any ->   
54:79
REJECT     tcp  ----l-  anywhere             anywhere              any ->   
81:112
REJECT     udp  ----l-  anywhere             anywhere              any ->   
81:112
REJECT     tcp  ----l-  anywhere             anywhere              any ->   
114:1023
REJECT     udp  ----l-  anywhere             anywhere              any ->   
114:1023
REJECT     tcp  ----l-  anywhere             anywhere              any ->   
5000:5001
REJECT     udp  ----l-  anywhere             anywhere              any ->   
5000:5001
Chain forward (policy DENY):
target     prot opt     source                destination           ports
ACCEPT     all  ------  192.168.1.0/24       192.168.3.0/24        n/a
ACCEPT     all  ------  192.168.3.0/24       192.168.1.0/24        n/a
REJECT     tcp  ------  anywhere             anywhere              any ->   
netbios-ns:netbios-ssn
REJECT     tcp  ------  anywhere             anywhere              
netbios-ns:netbios-ssn ->   any
REJECT     udp  ------  anywhere             anywhere              any ->   
netbios-ns:netbios-ssn
REJECT     udp  ------  anywhere             anywhere              
netbios-ns:netbios-ssn ->   any
ACCEPT     all  ------  192.168.1.0/24       anywhere              n/a
ACCEPT     all  ------  anywhere             192.168.1.0/24        n/a
MASQ       all  ------  192.168.3.0/24       anywhere              n/a
Chain output (policy ACCEPT):

Thanks!
MFG Nils





<< | Thread Index | >> ]    [ << | Date Index | >> ]