[tlug] Re: routing question

[Tobias Diedrich <ranma@example.com>]

Botond Botyanszki wrote:

> I have no problem accessing this network from the firewall, but cant get
> to the zaurus at 192.168.129.201. Same in reverse.
> 
> In a diagram it's like this:
> 
>    +------------------------------------->
>    |                   <----------------------------------+
>  firewall         laptop eth0      laptop usb0        zaurus usbd0
> 192.168.1.1 <--> 192.168.2.12 <--> 192.168.129.1 <--> 192.168.129.201
> 
> Trying to assign a different gw for the zaurus other than 192.168.129.1
> gives a "network unreachable" error.

I _guess_ that the packets from your zaurus reach their destination,
but the reply doesn't get back to your zaurus because you didn't set up
your routing for the reverse direction.

The machine with IP 192.168.2.1 or its default gw needs to know that it
has to route packets destined to 192.168.129.201 over your notebook.

You can avoid fiddling with the other routing tables by masquerading the
packets from your zaurus on your notebook.

A packet sniffer like ethereal or tcpdump is a good tool to check where
the packets get stuck.  Sometimes enabling logging of martians and
disabling the reverse path filter can also help debugging complicated
setups (/proc/sys/net/ipv4/conf/*/(rp_filter|log_martians)).

-- 
Tobias						PGP: http://9ac7e0bc.2ya.com
Beware of bugs in the above code; I have only proved it correct, but
not tried it.    -- Donald Knuth

Attachment: signature.asc
Description: Digital signature