We use a dual homed CentOS-6.3 host for our Internet gateway router.
Its internal nic (eth1) is configured such that the address
192.168.0.1 is one of its aliases.
Internal packets routed to 192.168.209.41 are passing through this
router out onto the network. I am afraid that the reason is not
evident to me and I have been unable to locate an answer.
The primary address for eth1 has the following configuration:
What configuration setting am I missing that will cause packets to
192.168.ccc.ddd to stay on the LAN and not try and pass though the WAN
interface?
--
*** E-Mail is NOT a SECURE channel ***
James B. Byrne mailto:ByrneJB@Harte-Lyne.ca
Harte & Lyne Limited http://www.harte-lyne.ca
9 Brockley Drive vox: +1 905 561 1241
Hamilton, Ontario fax: +1 905 561 0757
Canada L8E 3C3
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
09-04-2012, 07:01 PM
Les Mikesell
Simple routing question
On Tue, Sep 4, 2012 at 1:34 PM, James B. Byrne <byrnejb@harte-lyne.ca> wrote:
> We use a dual homed CentOS-6.3 host for our Internet gateway router.
> Its internal nic (eth1) is configured such that the address
> 192.168.0.1 is one of its aliases.
>
> # cat /etc/sysconfig/network-scripts/ifcfg-eth1:192BOOTPROTO=none
>> DEVICE=eth1:192
> IPADDR=192.168.0.1
> NETMASK=255.255.0.0
>
> Internal packets routed to 192.168.209.41 are passing through this
> router out onto the network. I am afraid that the reason is not
> evident to me and I have been unable to locate an answer.
That netmask says the interface handles the range from
192.168.0.0-192.168.255.255. Maybe you meant 255.255.255.0?
--
Les Mikesell
lesmikesell@gmail.com
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
09-04-2012, 07:18 PM
"James B. Byrne"
Simple routing question
On Tue, September 4, 2012 14:34, James B. Byrne wrote:
> We use a dual homed CentOS-6.3 host for our Internet gateway router.
> Its internal nic (eth1) is configured such that the address
> 192.168.0.1 is one of its aliases.
>
per: Les Mikesell lesmikesell at gmail.com
Tue Sep 4 15:01:18 EDT 2012
>> # cat /etc/sysconfig/network-scripts/ifcfg-eth1:192BOOTPROTO=none
>> DEVICE=eth1:192
>> IPADDR=192.168.0.1
>> NETMASK=255.255.0.0
>>
>> Internal packets routed to 192.168.209.41 are passing through this
>> router out onto the network. I am afraid that the reason is not
>> evident to me and I have been unable to locate an answer.
>
> That netmask says the interface handles the range from
> 192.168.0.0-192.168.255.255. Maybe you meant 255.255.255.0?
There are presently two subnets on the lan, 192.168.209.0 and
192.168.209.0. I believe that the present netmask is correct in these
circumstances.
--
*** E-Mail is NOT a SECURE channel ***
James B. Byrne mailto:ByrneJB@Harte-Lyne.ca
Harte & Lyne Limited http://www.harte-lyne.ca
9 Brockley Drive vox: +1 905 561 1241
Hamilton, Ontario fax: +1 905 561 0757
Canada L8E 3C3
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
09-04-2012, 07:27 PM
Les Mikesell
Simple routing question
On Tue, Sep 4, 2012 at 2:18 PM, James B. Byrne <byrnejb@harte-lyne.ca> wrote:
>
> On Tue, September 4, 2012 14:34, James B. Byrne wrote:
>> We use a dual homed CentOS-6.3 host for our Internet gateway router.
>> Its internal nic (eth1) is configured such that the address
>> 192.168.0.1 is one of its aliases.
>>
>
> per: Les Mikesell lesmikesell at gmail.com
> Tue Sep 4 15:01:18 EDT 2012
>
>>> # cat /etc/sysconfig/network-scripts/ifcfg-eth1:192BOOTPROTO=none
>>> DEVICE=eth1:192
>>> IPADDR=192.168.0.1
>>> NETMASK=255.255.0.0
>>>
>>> Internal packets routed to 192.168.209.41 are passing through this
>>> router out onto the network. I am afraid that the reason is not
>>> evident to me and I have been unable to locate an answer.
>>
>> That netmask says the interface handles the range from
>> 192.168.0.0-192.168.255.255. Maybe you meant 255.255.255.0?
>
> There are presently two subnets on the lan, 192.168.209.0 and
> 192.168.209.0. I believe that the present netmask is correct in these
> circumstances.
If the 192.168.209.x range is connected to this interface, then I
don't think I understand the problem. I thought you were saying those
addresses should not go out this interface.
--
Les Mikesell
lesmikesell@gmail.com
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
09-04-2012, 07:32 PM
John R Pierce
Simple routing question
On 09/04/12 12:18 PM, James B. Byrne wrote:
> There are presently two subnets on the lan, 192.168.209.0 and
> 192.168.209.0. I believe that the present netmask is correct in these
> circumstances.
um, those are both the same? I assume you meant one of them to be
different?
when you say therre are two subnets, whats the mask for those two
'subnets' ? if its /24 (255.255.255.0) then those subnets would not be
able to reach the gateway at 192.168.0.1 without additional routing
information.
--
john r pierce N 37, W 122
santa cruz ca mid-left coast
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
09-04-2012, 08:25 PM
"James B. Byrne"
Simple routing question
On 09/04/12 12:18 PM, James B. Byrne wrote:
> There are presently two subnets on the lan, 192.168.209.0 and
> 192.168.209.0. I believe that the present netmask is correct in these
> circumstances.
um, those are both the same? I assume you meant one of them to be
different?
You are correct. I mistyped.
I have host A with eth0[aaa.bbb.ccc.A] and eth1[192.168.216.A]
I have host B with eth0[aaa.bbb.ccc.B] and eth1[192.168.209.B]
and I have host C as the gateway with eth0 being the WAN and eth1
being the LAN. Eth1 on C has the address [aaa.bbb.ccc.1] assigned to
it and has the alias [192.168.0.1] as well.
I want traffic from 192.168.216.A addressed to 192.168.209.B to go to
eth1 on B. Instead it goes to Eth0 on C where it dies as one would
expect.
I am not terribly familiar with routing so I expect that I am doing
something wrong that is obvious yet invisible to me. This is an
experimental set up so that I can explore these issues before
inflicting them on my unsuspecting users.
--
*** E-Mail is NOT a SECURE channel ***
James B. Byrne mailto:ByrneJB@Harte-Lyne.ca
Harte & Lyne Limited http://www.harte-lyne.ca
9 Brockley Drive vox: +1 905 561 1241
Hamilton, Ontario fax: +1 905 561 0757
Canada L8E 3C3
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
09-04-2012, 08:42 PM
Nicolas Thierry-Mieg
Simple routing question
James B. Byrne wrote:
>
> On 09/04/12 12:18 PM, James B. Byrne wrote:
>> There are presently two subnets on the lan, 192.168.209.0 and
>> 192.168.209.0. I believe that the present netmask is correct in these
>> circumstances.
>
> um, those are both the same? I assume you meant one of them to be
> different?
>
>
> You are correct. I mistyped.
>
> I have host A with eth0[aaa.bbb.ccc.A] and eth1[192.168.216.A]
>
> I have host B with eth0[aaa.bbb.ccc.B] and eth1[192.168.209.B]
>
> and I have host C as the gateway with eth0 being the WAN and eth1
> being the LAN. Eth1 on C has the address [aaa.bbb.ccc.1] assigned to
> it and has the alias [192.168.0.1] as well.
>
> I want traffic from 192.168.216.A addressed to 192.168.209.B to go to
> eth1 on B. Instead it goes to Eth0 on C where it dies as one would
> expect.
>
> I am not terribly familiar with routing so I expect that I am doing
> something wrong that is obvious yet invisible to me. This is an
> experimental set up so that I can explore these issues before
> inflicting them on my unsuspecting users.
>
could you show the result of the route command on host C?
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
09-04-2012, 08:51 PM
Les Mikesell
Simple routing question
On Tue, Sep 4, 2012 at 3:25 PM, James B. Byrne <byrnejb@harte-lyne.ca> wrote:
>
> On 09/04/12 12:18 PM, James B. Byrne wrote:
>> There are presently two subnets on the lan, 192.168.209.0 and
>> 192.168.209.0. I believe that the present netmask is correct in these
>> circumstances.
>
> um, those are both the same? I assume you meant one of them to be
> different?
>
>
> You are correct. I mistyped.
>
> I have host A with eth0[aaa.bbb.ccc.A] and eth1[192.168.216.A]
>
> I have host B with eth0[aaa.bbb.ccc.B] and eth1[192.168.209.B]
>
> and I have host C as the gateway with eth0 being the WAN and eth1
> being the LAN. Eth1 on C has the address [aaa.bbb.ccc.1] assigned to
> it and has the alias [192.168.0.1] as well.
>
> I want traffic from 192.168.216.A addressed to 192.168.209.B to go to
> eth1 on B.
That should happen directly without C's involvement if the netmask is
255.255.0.0 on A and B's eth1 interfaces.
> Instead it goes to Eth0 on C where it dies as one would
> expect.
Why does C have both internet and LAN addresses on the same interfaces?
--
Les Mikesell
lesmikesell@gmail.com
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
09-04-2012, 08:51 PM
John R Pierce
Simple routing question
On 09/04/12 1:25 PM, James B. Byrne wrote:
> I have host A with eth0[aaa.bbb.ccc.A] and eth1[192.168.216.A]
>
> I have host B with eth0[aaa.bbb.ccc.B] and eth1[192.168.209.B]
what are the subnet masks defined on 192.168.216.A and 192.168.209.B ?
> and I have host C as the gateway with eth0 being the WAN and eth1
> being the LAN. Eth1 on C has the address [aaa.bbb.ccc.1] assigned to
> it and has the alias [192.168.0.1] as well.
assuming the answer to my above question is 255.255.255.0, then noone
has a route to this 192.168.0.1 as its in an entirely different
subnet. you can't overlap subnets with different size masks without
creating some serious messes.
> I want traffic from 192.168.216.A addressed to 192.168.209.B to go to
> eth1 on B. Instead it goes to Eth0 on C where it dies as one would
> expect.
there's no route defined to do that, since 192.168.209.B is not in any
network that A has knowlege of. A would need an IP in the B subnet,
and B would need an IP in the A subnet for this to work.
why do you have two seperate LAN subnets? are you running two seperate
LANs ? there have to be some really good reasons before I create
anything this messy.
for instance...
host A with eth0[aaa.bbb.ccc.A] and eth1[192.168.216.A] and eth1[192.168.209.A]
host B with eth0[aaa.bbb.ccc.B] and eth1[192.168.209.B] and eth1[192.168.216.B]
now A can reach B via its eth1 as it now has a route to 192.168.216/24
--
john r pierce N 37, W 122
santa cruz ca mid-left coast
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
09-04-2012, 08:55 PM
"James B. Byrne"
Simple routing question
per: Nicolas Thierry-Mieg Nicolas.Thierry-Mieg at imag.fr
Tue Sep 4 16:42:57 EDT 2012
> could you show the result of the route command on host C?
[root@gway01 ~]# ip route
216.185.64.52/30 dev eth0 proto kernel scope link src 216.185.64.54
10.0.0.0/24 dev eth1 proto kernel scope link src 10.0.0.1
172.16.0.0/24 dev eth1 proto kernel scope link src 172.16.0.1
169.254.0.0/24 dev eth1 proto kernel scope link src 169.254.0.1
192.168.0.0/24 dev eth1 proto kernel scope link src 192.168.0.1
192.0.0.0/24 dev eth1 proto kernel scope link src 192.0.0.1
216.185.71.0/24 dev eth1 proto kernel scope link src 216.185.71.1
169.254.0.0/16 dev eth0 scope link metric 1002
169.254.0.0/16 dev eth1 scope link metric 1003
default via 216.185.64.53 dev eth0
192.168.0.0/24 dev eth1 proto kernel scope link src 192.168.0.1 is
wrong I think, but I cannot figure out what in the configuration file
is causing it.
Simple routing question
