Thank You for Your time and answer, Jesús: > Sorry for the long delay.
Please do not worry - I myself am often very busy. :) That's why I like mail - reply when at ease. > What's the machine that holds the 10.10.10.10 IP address? My bet is > that it's some kind of router owned by your ISP; I don't know if > located on your premises or those of your ISP. Am I right? Yes, absolutely. > > > 2) Can you ping 10.10.10.10 from host2? > > > > Yes. > > If I don't recall wrongly, host2 is your routing one, sitting in > between your internal network and your Internet connection. Is this > right? Well. That's what we have here - just reminding so that everything was fresh: host1 <-> eth <-> host2 <-> ppp <-> Internet. host1 has eth0 w/ 192.168.0.2 host2 has eth0 w/ 192.168.0.125 and ppp0 w/ 10.10.10.10 Internet 20.20.20.20 > > > 3) Can you ping 152.46.7.81 from host2? > > > > No. > > That's a known server on Internet; the one hosting www.tldp.org and > it does return pings. That means that your routing host is unable to > reach Internet. Is that true? Are you sure your only defined > interfaces on host2 are lo, eth0 and eth1 and that the only firewall > rules applied were the ones I provided? The interfaces are: lo ppp and eth. Yes, I did as You said. Jesús, we latter w/ another person some time ago, here, has discovered, that all I needed to have for the host1 access to Internet was the necessity for host2 to route the packets from Internet back to host1 - that is masquerading. - Therefore it works. - I thought You have seen the message. I the reason why we then continued our talk w/ You was that You said that (or I have understood so) it is possible to make routung other way than through iptables - as I understand, through routing tables - the ones we see w/ ip command - is it correct/possible? - Or we just waste one another's time? :) > > > 4) Can you ping 192.168.0.3 from host2? > > > > Not ping but connect by ssh. > > Is there any firewall on host1? Are you sure your only defined Well. there is another firewall. > interfaces on host2 are lo eth0 and eth1 and that the only firewall > rules applied were the ones I provided? No ping but ssh ability Yes. > smells strongly like a firewall problem, not one about routing. Yea - I just ment here that there is traffic between the hosts - just wanted to be honest w/ You. :) - It is true - the pings are just blocked. But for the Internet connection it is open - related is in INPUT chain. > > > 5) Can you ping 192.168.0.125 from host1? > > > > Yes. > > Definetly there's some firewall-related problem hidden somewhere here. Yes - masquerading. :) > > > 6) Can you ping 20.20.20.20 from host1? > > > > No. - How it can if now masquerading on host2? > > Do you really mean "now masquerading" or "no masquerading"? If the "no masquerading" of course - or it becomes illogical. > > > 7) Can you ping 152.46.7.81 from host1? > > > > No. > > This was expected as this time. > > If you are still working out this problem, can you please start a > thread anew providing topology/IP address space again? I already > deleted these posts from my local spool and I'm having problems > finding this thread on Debian's list servers. Well. I have said already about solving of the problem And interest if it is possible to go another way - through ip table routing - that is not clear to me why it exists while there is iptables, for example - is it not interchangeable? As for the list search of the message: http://lists.debian.org/debian-user/2010/10/msg01704.html Thank, Jesús, for the attention You have paid to my problem - I do appreciate it much. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4d08e9c0.918acc0a.430b.4...@mx.google.com
