Re: routing

Fri, 29 Oct 2010 02:47:45 -0700 

Hi, Sthu:

On Friday 29 October 2010 10:05:52 Sthu Deus wrote:
> Thank You for Your time and answers, Jesús - I really appreciate it:
> > Two things:
> > 1) Try without a firewall (iptables default rules
> > to "accept",  /proc/sys/net/ipv4/ip_forward to "1" and anything else).
>
> Still the same:

[...]

> For /proc/sys/net/ipv4/ip_forward I tried numbers 1, 2, 3 - all w/ the
> same effect - packets go to but do no return.

It's not a matter of blindlingly trying things just for the sake of it.  What 
did you expect trying "2" and "3" on that file?

> > 2) Then if you can ping 20.20.20.20 from host1 *and* you can ping
> > "the Internet" from host2 (say, `ping 152.46.7.81`, which is the IP
> > for www.tldp.org, known to return ECHO packages) it's almost surely
> > not a routing problem within host2.
>
> I did ping for the IP - same effect - it works for host2 and does not
> for host1.

Did I ask you to try 152.46.7.81 from host1?

> If it be not routing problem, then what it can be?

A different one.  We are trying to diagnose it.

> > Now, my bet:
> > Does whatever sit on the far end of your ppp link holding IP address
> > 10.10.10.10 know how to return packets to 192.168.0.0/24?
>
> Sorry, I do not know.

You'll need to know.  What does sit at 10.10.10.10?

Let's try again:
1) What are the exact iptables rules you are trying?
I'd suggest trying this and only this (just for testing; once it's working you 
can tie up them as needed):
        /sbin/iptables -F
        /sbin/iptables -t nat -F
        /sbin/iptables -t mangle -F
 
        /sbin/iptables -X
        /sbin/iptables -t nat -X
        /sbin/iptables -t mangle -X

        /sbin/iptables -P INPUT ACCEPT
        /sbin/iptables -P OUTPUT ACCEPT
        /sbin/iptables -P FORWARD ACCEPT
        
        echo "1" > /proc/sys/net/ipv4/ip_forward

Now, let's test it:
2) Can you ping 10.10.10.10 from host2?
3) Can you ping 152.46.7.81 from host2?
4) Can you ping 192.168.0.3 from host2?
5) Can you ping 192.168.0.1 from host1?
6) Can you ping 20.20.20.20 from host1?
7) Can you ping 152.46.7.81 from host1?
(remember these tests since it's what you need to diagnose your problem; you 
should try them after any change on your config).

Cheers.


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/201010291147.22818.jesus.nava...@undominio.net

Reply via email to