Simone Molendini wrote:
> when I ping from L2 to L1 or L3, everything it's OK.
>
> when I ping from L1 to L3 (or from L3 to L1), it doesn't work.
>
> Where do I wrong?
1. Have you enabled IP forwarding? It's disabled by default.
Try:
cat /proc/sys/net/ipv4/ip_forward
It will print "1" if forwarding is enabled and "0" if it isn't. You
can enable IP forwarding with:
echo 1 > /proc/sys/net/ipv4/ip_forward
You need to do this from your init scripts to enable forwarding
whenever the system boots. If you're using RedHat, I believe that
setting "FORWARD_IPV4=yes" in /etc/sysconfig/network will cause IP
forwarding to be enabled at boot time.
2. If IP forwarding is enabled, the next thing to check is that L1 and
L3 have the correct routing tables. Does L1 know that L2 is the
gateway to L3, and vice-versa? They (L1 and L3) can't figure this out
for themselves.
Your original post suggests that this isn't the case:
> # on L1
> route add X.223 eth0
> route add X.222 eth0
> route add X.149 eth0
Nope:
route add X.223 dev eth0
route add X.222 dev eth0 gw X.223
route add X.149 dev eth0 gw X.223
> # on L2
> route add X.158 eth1
> route add X.149 eth0
OK.
> # on L1
You mean L3, right?
> route add X.223 eth0
> route add X.222 eth0
> route add X.158 eth0
Again, nope:
route add X.222 dev eth0
route add X.223 dev eth0 gw X.222
route add X.158 dev eth0 gw X.222
BTW: if you have many hosts on each segment, you have to either:
1. Configure each host separately.
2. Run a routing daemon on each host.
3. Ensure that each host has a default gateway which has all of the
relevant routes, and rely on ICMP redirect messages.
4. Use proxy-ARP on L2 to make it transparent.
To try option 4, execute:
echo 1 > /proc/sys/net/ipv4/conf/all/proxy_arp
--
Glynn Clements <[EMAIL PROTECTED]>
-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to [EMAIL PROTECTED]
