Much more useful. As I recall from your prior message, the problem is that
a host on one LAN can reach all of the router's interfaces, but it cannot
reach other hosts on other LANs. For these purposes, "reach" means "ping".
I also seem to recall that the unsuccessful ping attempts fail silently,
not with an explicit error message. (If I have any of this summary wrong,
please correct me.)
First question: have you verified that what I wrote above is true on all 3
LANs? That is, can a host on each LAN ping both its own gateway address
(the router's address on that same LAN) -AND- the router's own other IP
addresses? If not, suspect either a cabling problem or a routing-table
problem on the host/LAN that can't do it.
Second question: once you have a pair of hosts, on different LANs, that can
pass the above tests, try pinging one from the other. Also try connecting
in some other way (say telnet) from one to the other. After you do, use
"ipchains -nvL" again to check the chains and see if the packet count in
the forward chain has changed from 0. If not, your kernel is not forwarding
the packets and you need to check that element of the router's
configuration. (The reason for trying telnet as well as ping is that the
router *may* be set not to forward ICMP packets but to forward TCP packets.)
At 08:19 AM 6/18/02 +0300, Rajiv S. Shah wrote:
>Thanks for trying to help me. I apologise for providing insufficient
>information.
>
>I am running Dachstein v1.02
>
>Kernel version (uname -a):
> Linux rtru1 2.2.19-3-LEAF #1 Sat Dec 1 12:15:05 CST 2001 i386
>unknown
>
>ip addr show:
> 1: lo: <LOOPBACK,UP> mtu 3924 qdisc noqueue
> link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
> inet 127.0.0.1/8 brd 127.255.255.255 scope global lo
> 2: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen
>100
> link/ether 00:48:54:1c:95:3a brd ff:ff:ff:ff:ff:ff
> inet 192.168.1.2/24 brd 192.168.1.255 scope global eth0
> 3: eth1: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen
>100
> link/ether 00:48:54:1b:2a:c1 brd ff:ff:ff:ff:ff:ff
> inet 192.168.17.1/24 brd 192.168.17.255 scope global
>eth1
> 4: eth2: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen
>100
> link/ether 00:48:54:1c:98:74 brd ff:ff:ff:ff:ff:ff
> inet 192.168.0.4/24 brd 192.168.0.255 scope global eth2
>
>ip route show:
> 192.168.1.0/24 dev eth0 proto kernel scope link src
>192.168.1.2
> 192.168.17.0/24 dev eth1 proto kernel scope link src
>192.168.17.1
> 192.168.0.0/24 dev eth2 proto kernel scope link src
>192.168.0.4
> 192.168.16.0/24 via 192.168.0.4 dev eth2
>
>ipchains -nvL:
> Chain input (policy ACCEPT: 41 packets, 3278 bytes):
> Chain forward (policy ACCEPT: 0 packets, 0 bytes):
> Chain output (policy ACCEPT: 37 packets, 2712 bytes):
>
>I do not want any firewalling features, NAT'ing or MASQ'ing. I just
>want a simple router with 3 ethernet interfaces so I have set the
>following in network.conf:
>
> IPFWDING_KERNEL=YES
> IPALWAYSDEFRAG_KERNEL=NO
> DEF_IP_SPOOF=NO
> DEF_IP_KRNL_LOGMARTIANS=NO
> BRG_SWITCH=NO
> IPFILTER_SWITCH=none
>
>I hope this is a bit more useful.
--
-----------------------------------------------"Never tell me the
odds!"--------------
Ray Olszewski -- Han Solo
Palo Alto, California, USA [EMAIL PROTECTED]
-------------------------------------------------------------------------------------------
----------------------------------------------------------------------------
Bringing you mounds of caffeinated joy
>>> http://thinkgeek.com/sf <<<
------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
