Forwarding not work in FC9 but ip forward is turn on
ppps
no-reply-gw at fcp.surfsite.org
Tue Sep 23 15:05:30 UTC 2008
>First off, what is that extra netstat -rn entry for eth6
>(169.254.0.0...looks like some Windows default garbage)? Can't help but
>wonder what that's doing to routing to the 192.168.10 network on the
>machine.
I have tried to eliminate that route with the command
route del -net 169.254.0.0 netmask 255.255.0.0
This eliminates the route but on reboot again and lift it
I do not know which file to modify to be removed.
I think that you really don't need to worry about this route.
It's used for default networking when your system is set to DHCP but does not get an address from a DHCP server
(NIC self-assigns a 169.254.x.x address to itself). This also happens on Windows.
I think that, the route itself will have no effect on your connectivity or networking.
>Next, why do you get two different traceroute results when you
>traceroute host 192.168.10.20 as shown below (doesn't make any sense)?:
In the first tcpdump command,
ping from 192.168.10.250 to 192.168.10.20
|firewall |--x-->|switch |----> | host 192.168.10.20 |
In de Second tcpdump command
ping from 192.168.10.20 to 192.168.5.1
|host 192.168.10.20 |---->|switch |----> | FIRWALL |--x-->| switch |-----> | HOST 192.168.5.1 |
In two previous cases, it do not work.
The fact is that if any host of any lan to an internal interface of the router, then work. Example
192.168.1.201 (HOST) -> 192.168.1.231 (ROUTER) works!!!
192.168.10.20 (HOST) -> 192.168.5.254 (ROUTER) works!!!
192.168.1.201 (HOST) -> 192.168.10.250 (ROUTER) works!!!
>1) there is no default gateway entered in your netstat -nr command. Gateway 0.0.0.0 is
>missing in your routing table. So, where do you expect to go your traffic to?
>Can't help but wonder what that's doing to routing to the >192.168.10 network on the machine.
I think that is not the problem since the gw will only be used when I try to connect to a network from which
it is not in my routing table and this is not the case because I only forward packets between the networks directly connected to the router.
>2) you need the appropiate entries for accepting connections with iptables.
> just setting the ip.forward.v4 param is not that enough (IMHO).
I think so!!!
>Use system-config-firewall:
>- set the NIC you want to accept connection as a trusted device (for test purposes now)
>- add a forward rule to the nic, you want to to forward, such as :
>iptables -A FORWARD -i [NIC_TO_FORWARD] -j ACCEPT
>
>Try, then you should see using iptables -L -v some traffic on the NIC and in the FORWARD
>state.
I have also tried your suggestion but unfortunately it did not work: (
thanks a lot for your help.
Best regards
--
This is an email sent via the webforum on http://fcp.surfsite.org
http://fcp.surfsite.org/modules/newbb/viewtopic.php?post_id=291771&topic_id=61844&forum=10#forumpost291771
If you think, this is spam, please report this to webmaster at fcp.surfsite.org.
More information about the fedora-list
mailing list