Routing problem on a Masquerading Firewall
Martijn Jacobs
martijn at fourdigits.nl
Wed Oct 5 18:27:07 CEST 2005
Hello!
I've setup tinc almost succesfully, but there is one problem remaining
with a routing issue.
Short Description of the situation :
Workstation A (192.168.1.3)
|
|
Tinc Host "50K" (192.168.1.1)
|
|
<Unknown Firewall>
+
+
+
<Masq Firewall (Linux)>
and Tinc Host "oeoe" (192.168.2.1)
|
|
Workstation B (192.168.2.3)
-
Tinc Host "50K" initiates the connection through the unkown firewall
-
All the hosts have the TCPOnly = yes configuration value
-
Connection is succesfull, the Masq firewall / Tinc Host "oeoe" can
connect(ping) to Tinc Host "50K" as well as to Workstation A.
-
Workstation A can connect (ping) to Masq firewall / Tinc Host "oeoe" as
well as to Workstation B. And Tinc Host "50K" is able to connect to
Workstation B
-
The problem : Workstation B cannot connect to Tinc Host "50K" nor to
Workstation A. It could be that the Workstation B packets are not
correctly routed, however : When I run both tinc daemons in debug mode,
I see packets logged, so the packets are arriving via the virtual
network. Because Workstation A can connect to Workstation B , routing
should be ok right? Has this something to do with the unknown firewall?
And if so, why are the packets then arriving on the other subnet (logged
in tincd debug mode)?
I've also tried to disable Masquerading on the Masquerading Firewall
"oeoe" without succes. And I've checked /proc/sys/net/ipv4/ip_forward.
I'm out of idea's, so If any of you guys have a suggestion what could be
wrong?
================
Routing table of Host "50K":
Destination Gateway Genmask Flags Metric Ref Use
Iface
10.0.0.0 * 255.255.255.0 U 0 0 0 eth0
192.168.1.0 * 255.255.255.0 U 0 0 0 eth0
192.168.0.0 * 255.255.0.0 U 0 0 0
fourdigits
default 10.0.0.254 0.0.0.0 UG 0 0 0 eth0
Routing table of Host "OEOE":
Destination Gateway Genmask Flags Metric Ref Use
Iface
10.0.0.0 * 255.255.255.0 U 0 0 0 eth1
192.168.2.0 * 255.255.255.0 U 0 0 0 eth1
82.161.58.0 * 255.255.254.0 U 0 0 0 eth0
192.168.0.0 * 255.255.0.0 U 0 0 0
fourdigits
default bbned-10k-07.ro 0.0.0.0 UG 0 0 0 eth0
Host "50K" tinc-up:
echo "1" > /proc/sys/net/ipv4/ip_forward
ifconfig $INTERFACE 192.168.1.1 netmask 255.255.0.0
Host "Oeoe" tinc-up :
ifconfig $INTERFACE 192.168.2.1 netmask 255.255.0.0
================
--
Martijn Jacobs
Four Digits, internet solutions
e-mail: martijn at fourdigits.nl | web: http://www.fourdigits.nl
tel: +31 (0)26 44 22 700 | fax: +31 (0)84 22 06 117
More information about the tinc
mailing list