FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Ubuntu > Edubuntu User

 
 
LinkBack Thread Tools
 
Old 11-20-2007, 04:52 PM
Tom Wolfe
 
Default Edubuntu routing question -- from external to internal (fwd)

Hi,

I'm trying to allow access from the eth1 subnet (external) to the eth0 subnet
(ineternal/Thin Client)

I have a route set up on the external network (192.168.192.0/255.255.252.0) as
follows:

route add -net 192.168.100.0 netmask 255.255.255.0 gw 192.168.192.18

The Edubuntu/Gutsy server is 192.168.192.18 on eth1 as you might gather.

pinging 192.168.100.254 (the Edubuntu server on eth0) from the 192.168.192.0
subnet gets no reply

tracert 192.168.100.254 from the 192.168.192.0 subnet gets:

Tracing route to 192.168.100.2 over a maximum of 30 hops

1 <1 ms <1 ms <1 ms EDUBUNTU [192.168.192.18]
2 *

... timeout/error. So it's not getting through the Edubuntu server. Could
someone please suggest to me a way to set up the routing so that I can do this?
I've also got webmin running in case there's a way to easily to it that way
too. Sorry for the rookie question, I'm just a little overwhelmed with the docs
on this. With K12LTSP I didn't have this problem.

Regards,
Tom Wolfe

---
Tom Wolfe, IT Specialist twolfe@sawback.com
Stoney Educational Authority tel: (403) 881-2650
Box 238, Morley AB, T0L 1N0 fax: (403) 881-2793
Morley Community School | Chief Jacob Bearspaw School | Ta-otha School


--
edubuntu-users mailing list
edubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/edubuntu-users
 
Old 11-20-2007, 06:07 PM
Gavin McCullagh
 
Default Edubuntu routing question -- from external to internal (fwd)

Hi,

On Tue, 20 Nov 2007, Tom Wolfe wrote:

> I'm trying to allow access from the eth1 subnet (external) to the eth0
> subnet (ineternal/Thin Client)
>
> I have a route set up on the external network
> (192.168.192.0/255.255.252.0) as follows:
>
> route add -net 192.168.100.0 netmask 255.255.255.0 gw 192.168.192.18

So this route is installed on each machine in the external network. That
sounds fine.

> The Edubuntu/Gutsy server is 192.168.192.18 on eth1 as you might gather.
>
> pinging 192.168.100.254 (the Edubuntu server on eth0) from the 192.168.192.0
> subnet gets no reply

You need to tell the edubuntu that it should forward packets between
networks (ie act as a router) or it will just ignore them. This is
generally done using

echo 1 > /proc/sys/net/ipv4/ip_forward

which you should try first.

However, you're asking it to route packets between two private network
ranges which linux may not be keen on (as it breaks some network rules).
One usually uses an iptables NAT rule in this instance but you may be able
to get away without it, I'm not certain off the top of my head.

Gavin


--
edubuntu-users mailing list
edubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/edubuntu-users
 
Old 11-20-2007, 06:19 PM
"David Van Assche"
 
Default Edubuntu routing question -- from external to internal (fwd)

Take a look here, this should add total routing, though masquerading
with something like shorewall will make it even more transparent:

https://wiki.ubuntu.com/ThinClientHowtoNAT

On Nov 20, 2007 8:07 PM, Gavin McCullagh <gmccullagh@gmail.com> wrote:
> Hi,
>
> On Tue, 20 Nov 2007, Tom Wolfe wrote:
>
> > I'm trying to allow access from the eth1 subnet (external) to the eth0
> > subnet (ineternal/Thin Client)
> >
> > I have a route set up on the external network
> > (192.168.192.0/255.255.252.0) as follows:
> >
> > route add -net 192.168.100.0 netmask 255.255.255.0 gw 192.168.192.18
>
> So this route is installed on each machine in the external network. That
> sounds fine.
>
> > The Edubuntu/Gutsy server is 192.168.192.18 on eth1 as you might gather.
> >
> > pinging 192.168.100.254 (the Edubuntu server on eth0) from the 192.168.192.0
> > subnet gets no reply
>
> You need to tell the edubuntu that it should forward packets between
> networks (ie act as a router) or it will just ignore them. This is
> generally done using
>
> echo 1 > /proc/sys/net/ipv4/ip_forward
>
> which you should try first.
>
> However, you're asking it to route packets between two private network
> ranges which linux may not be keen on (as it breaks some network rules).
> One usually uses an iptables NAT rule in this instance but you may be able
> to get away without it, I'm not certain off the top of my head.
>
> Gavin
>
>
>
> --
> edubuntu-users mailing list
> edubuntu-users@lists.ubuntu.com
> Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/edubuntu-users
>

--
edubuntu-users mailing list
edubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/edubuntu-users
 
Old 11-21-2007, 09:15 AM
Gavin McCullagh
 
Default Edubuntu routing question -- from external to internal (fwd)

Hi,

On Tue, 20 Nov 2007, Tom Wolfe wrote:

> Thanks for the tips, but I already had followed the NAT FAQ to no avail.
> /proc/sys/net/ipv4/ip_forward is therefore already set to "1"
>
> So I'm stumped. I don't have any firewall rules at all right now. Any more
> suggestions?

On reflection, you shouldn't need NAT for this and you shouldn't need
iptables.

> The Edubuntu/Gutsy server is 192.168.192.18 on eth1 as you might gather.
>
> pinging 192.168.100.254 (the Edubuntu server on eth0) from the
> 192.168.192.0 subnet gets no reply

That's a bit of a surprise. Are you sure you have the route set up
correctly on the 192.168.192.0 box?

> tracert 192.168.100.254 from the 192.168.192.0 subnet gets:
>
> Tracing route to 192.168.100.2 over a maximum of 30 hops
>
> 1 <1 ms <1 ms <1 ms EDUBUNTU [192.168.192.18]
> 2 *

This looks to be a different experiment. Now you're tracerouting to
192.168.100.2 (a machine on the thin client net) and it's getting to the
edubuntu router, but not further. Bear in mind that 192.168.100.2 would
have to have an explicit (or default) route back through 192.168.100.254
for the ping to get back to you.

Can you traceroute 192.168.100.254 from 192.168.192.0?

If you want to get a better picture for what's going on, I'd suggest using
tcpdump. You can run

tcpdump -i eth0 icmp

to see all ping packets passing a particular interface. You can then see
them arrive at the router eth0, pass through eth1, arrive at the far end,
and see the reply all the way back (or however far it gets).

Gavin


--
edubuntu-users mailing list
edubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/edubuntu-users
 
Old 11-21-2007, 12:03 PM
Oliver Grawert
 
Default Edubuntu routing question -- from external to internal (fwd)

hi,
On Di, 2007-11-20 at 12:52 -0500, Tom Wolfe wrote:
> Hi,
>
> I'm trying to allow access from the eth1 subnet (external) to the eth0 subnet
> (ineternal/Thin Client)
>
> I have a route set up on the external network (192.168.192.0/255.255.252.0) as
> follows:
>
> route add -net 192.168.100.0 netmask 255.255.255.0 gw 192.168.192.18
additionaly you need to enable ip forwarding though echoing 1
into /proc/sys/net/ipv4/ip_forward
like:

echo 1|sudo tee -a /proc/sys/net/ipv4/ip_forward

ciao
oli
--
edubuntu-users mailing list
edubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/edubuntu-users
 
Old 11-21-2007, 12:21 PM
Tom Wolfe
 
Default Edubuntu routing question -- from external to internal (fwd)

Thanks Oliver -- but this has been done. I'm still at a loss.

Regards,
Tom Wolfe

---
Tom Wolfe, IT Specialist twolfe@sawback.com
Stoney Educational Authority tel: (403) 881-2650
Box 238, Morley AB, T0L 1N0 fax: (403) 881-2793
Morley Community School | Chief Jacob Bearspaw School | Ta-otha School


On Wed, 21 Nov 2007, Oliver Grawert wrote:

> hi,
> On Di, 2007-11-20 at 12:52 -0500, Tom Wolfe wrote:
>> Hi,
>>
>> I'm trying to allow access from the eth1 subnet (external) to the eth0 subnet
>> (ineternal/Thin Client)
>>
>> I have a route set up on the external network (192.168.192.0/255.255.252.0) as
>> follows:
>>
>> route add -net 192.168.100.0 netmask 255.255.255.0 gw 192.168.192.18
> additionaly you need to enable ip forwarding though echoing 1
> into /proc/sys/net/ipv4/ip_forward
> like:
>
> echo 1|sudo tee -a /proc/sys/net/ipv4/ip_forward
>
> ciao
> oli
>

--
edubuntu-users mailing list
edubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/edubuntu-users
 
Old 11-21-2007, 12:35 PM
Tom Wolfe
 
Default Edubuntu routing question -- from external to internal (fwd)

So to give some background:

1) I have a large network dominated by Windows AD & Windows clients
2) I have two smaller networks that are dominated by LTS & clients, one is
K12LTSP 6.0, the other is Edubuntu/Gutsy
3) Within the two LTSP networks I do have a few Windows clients and
network printers. I want these printers to be available to all three
networks.
4) I have a firewall/router (Endian) that has two permanent routes, one
pointing to the K12LTSP server, the other to the Edubuntu/Gutsy server.
5) I can ping/access any IP address within the K12LTSP network no problem,
but I'm still trying to figure out how to access IP addresses within the
Edubuntu network.
6) Last week, in an effort to grant access from within the Edubuntu
network to the rest of the network (which worked) I followed the NAT/Thin
Client How-To to enable ip forwarding AND ip masquerading, but I'm
wondering if masquerading is really what I want here since I want all
hosts to be transparent to each other; and I'm wondering if this is what
is screwing things up?

Any pointers?

Regards,
Tom Wolfe


On Wed, 21 Nov 2007, Oliver Grawert wrote:

> hi,
> On Di, 2007-11-20 at 12:52 -0500, Tom Wolfe wrote:
>> Hi,
>>
>> I'm trying to allow access from the eth1 subnet (external) to the eth0 subnet
>> (ineternal/Thin Client)
>>
>> I have a route set up on the external network (192.168.192.0/255.255.252.0) as
>> follows:
>>
>> route add -net 192.168.100.0 netmask 255.255.255.0 gw 192.168.192.18
> additionaly you need to enable ip forwarding though echoing 1
> into /proc/sys/net/ipv4/ip_forward
> like:
>
> echo 1|sudo tee -a /proc/sys/net/ipv4/ip_forward
>
> ciao
> oli
>

--
edubuntu-users mailing list
edubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/edubuntu-users
 

Thread Tools




All times are GMT. The time now is 06:29 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org