Wow. I got a headache trying to follow all of those routes. Truly complicated stuff. Let's dig in!
> Site 1: 10.10.1.0
> eth0 10.10.1.40/24
> eth1 192.168.1.254/24
>
> Destination   Mask            Gateway         Dev
> 0.0.0.0       0.0.0.0         10.10.1.254     eth0 (to internet)
> 10.10.1.0     255.255.255.0   10.10.1.40      eth0 (wired interface)
> 10.10.12.0    255.255.255.0   192.168.1.253   eth1 (wireless to site 2)
> 10.10.13.0    255.255.255.0   192.168.1.253   eth1 (wireless to site 2)
> 192.168.1.0   255.255.255.0   192.168.1.254   eth1 (wireless interface)
> 192.168.2.0   255.255.255.0   192.168.1.253   eth1 (wireless to site 2)

As a side note here, you can do some trimming down of routes pretty thoroughly. For example, the 10.10.12.x and 10.10.13.x can be condensed into 10.10.12.0 255.255.254.0 with a gateway of 192.168.1.253. Remember, the router only needs to know how to send to the next hop on the path; the next hop's job is to determine what to do with it.

This is the same reasoning behind what Matt said regarding using a 0.0.0.0 gateway. With the subnet you're worried about, there should be some hop in there between the site's individual router and that destination net that will examine the destination traffic and send it correctly. Sending stuff straight out the default gateway should work just fine as long as there's something between you and the Internet that can catch the traffic and redirect it (locally).

In the one I pointed out, Site 2 is going to be doing all the work to determine where the IPs in those two /24s are going to be going. All Site 1 needs to know is how to get it to site two. If whatever has the 10.10.1.254 IP has routes for public IPs that are NOT destined for the general internet (and any devices it sends to also have those routes), shoving it out the default gateway works.

Now, you stated that the problem seems to be coming from trying to reach Site 3 from Site 1, yes? Site 1 sends traffic from - for example - 10.10.1.8 to a host on Site 3 at 10.10.13.20. Assuming 10.10.1.40 is Default Gateway for all hosts on 10.10.1.0/24 except for the 254 host.
10.10.1.8 -> 10.10.1.40 -> 192.168.1.253 -> 10.10.12.253 -> 192.168.2.253 -> 10.10.13.20.

Response would be:

10.10.13.20 -> 10.10.13.254 -> 192.168.2.254 -> 10.10.12.254 -> 192.168.1.254 -> 10.10.1.8

Site 3 appears to be the problem, though without knowing for sure what the firewalling is doing there I can't say that the firewalling or the routing is actually the issue here. Check to make sure IP Forwarding is turned on as was suggested, and if it is, try adding a specific route for 10.10.1.0/24 pointing to 192.168.1.254 on Site 3. There's no real reason why it SHOULD work, but stranger things have happened before. The default routes you're using in the later sites should do the job, and indeed do up until Site 3.

It's possible that somewhere, somehow something got altered by accident routing-wise, but it SHOULD show up in the routing tables (something like a 10.10.13.0 255.255.0.0 would REALLY confuse the routing...) in at least some form.

This is an interesting problem (for me, at any rate, probably very frustrating to you) so I'll bang my head on it for a bit and see if I come up with anything interesting.

--
George Metz
Commercial Routing Engineer
[EMAIL PROTECTED]

"We know what deterrence was with 'mutually assured destruction' during the Cold War. But what is deterrence in information warfare?"
-- Brigadier General Douglas Richardson, USAF, Commander - Space Warfare Center

_______________________________________________
Leaf-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
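
Added example, not part of the original post: a Python sketch that loads the Site 1 table quoted above, rejects any entry whose destination has host bits set under its mask (the 10.10.13.0 255.255.0.0 case mentioned in the reply), condenses routes that share a gateway, and resolves the next hop by longest-prefix match. The helper names `parse`, `summarize` and `next_hop` are hypothetical.

```python
import ipaddress

# Site 1 routing table as quoted in the post: (destination, mask, gateway, dev)
SITE1 = [
    ("0.0.0.0",     "0.0.0.0",       "10.10.1.254",   "eth0"),
    ("10.10.1.0",   "255.255.255.0", "10.10.1.40",    "eth0"),
    ("10.10.12.0",  "255.255.255.0", "192.168.1.253", "eth1"),
    ("10.10.13.0",  "255.255.255.0", "192.168.1.253", "eth1"),
    ("192.168.1.0", "255.255.255.0", "192.168.1.254", "eth1"),
    ("192.168.2.0", "255.255.255.0", "192.168.1.253", "eth1"),
]

def parse(table):
    """Return (routes, errors); errors lists entries with host bits set."""
    routes, errors = [], []
    for dest, mask, gw, dev in table:
        try:
            # strict parsing raises ValueError when dest is not on a mask boundary
            net = ipaddress.ip_network(f"{dest}/{mask}", strict=True)
        except ValueError:
            errors.append(f"{dest} {mask}")
            continue
        routes.append((net, gw, dev))
    return routes, errors

def summarize(routes):
    """Condense routes per (gateway, dev) so different next hops never merge."""
    groups = {}
    for net, gw, dev in routes:
        groups.setdefault((gw, dev), []).append(net)
    out = []
    for (gw, dev), nets in groups.items():
        out += [(n, gw, dev) for n in ipaddress.collapse_addresses(nets)]
    return out

def next_hop(routes, ip):
    """Longest-prefix match: the most specific covering route wins."""
    addr = ipaddress.ip_address(ip)
    matches = [r for r in routes if addr in r[0]]
    return max(matches, key=lambda r: r[0].prefixlen)[1] if matches else None

if __name__ == "__main__":
    routes, errors = parse(SITE1)
    for net, gw, dev in summarize(routes):
        print(f"{net!s:18} via {gw:15} {dev}")
    print("10.10.13.20 ->", next_hop(summarize(routes), "10.10.13.20"))
```

Grouping by gateway and device before collapsing matters here: collapsing the whole table at once would fold every route into the 0.0.0.0/0 default and lose the per-site next hops.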
