A Routing problem.. Please help? :-/
Page 1 of 2 12 LastLast
Results 1 to 10 of 19

Thread: A Routing problem.. Please help? :-/

  1. #1
    Junior Member
    Join Date
    Oct 2002
    Posts
    12

    A Routing problem.. Please help? :-/

    Hi!

    I don't know if this is the right place for the question I have, but it's related to a honeynet, so I take my chances.

    I have a router that's configured with two ethernet devices, one points to the Internet, and the other one to my network.

    The router config looks like this: (the ip-addresses are fake..)
    ----
    interface Ethernet0
    ip address 219.18.129.205 255.255.255.252
    half-duplex
    !
    interface FastEthernet0
    ip address 84.12.145.41 255.255.255.248
    speed auto
    half-duplex
    !
    ip default-gateway 219.18.129.206
    ip classless
    ip route 0.0.0.0 0.0.0.0 219.18.129.206
    ip route 84.12.145.40 255.255.255.248 FastEthernet0
    ip route 194.19.32.96 255.255.255.224 FastEthernet0
    ----
    And as you can see I have two public networks 84.12.x.x and 194.19.x.x, and I want to
    route both those network into my network (Fast0). And this seems to be working just fine.


    On the inside I have a Debian 2.4.18-x server with two network cards:

    eth0
    inet addr:84.12.145.43 Bcast:84.255.255.255 Mask:255.255.255.248

    eth1
    inet addr:194.19.32.97 Bcast:194.19.32.127 Mask:255.255.255.224


    The routing table looks like this:
    ----
    Destination Gateway Genmask Flags Metric Ref Use Iface
    84.12.145.40 0.0.0.0 255.255.255.248 U 0 0 0 eth0
    193.71.32.96 0.0.0.0 255.255.255.224 U 0 0 0 eth1
    0.0.0.0 84.12.145.41 0.0.0.0 UG 0 0 0 eth0
    ----


    And connected to eth1 I have another Debian server with one interface:

    eth0
    inet addr:194.19.32.98 Bcast:194.19.32.127 Mask:255.255.255.224


    And the routing table looks like this:
    ----
    Destination Gateway Genmask Flags Metric Ref Use Iface
    194.19.32.96 0.0.0.0 255.255.255.224 U 0 0 0 eth0
    127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
    0.0.0.0 194.19.32.97 0.0.0.0 UG 0 0 0 eth0
    ----

    I thought that this should work, but it doesn't. When I ping Debian server #2
    server (194.19.32.98) from Debian server #1 (194.19.32.97) it answers and everything
    looks fine. And it works fine the other way around as well.

    And if I try to ping eth0 (84.12.145.43) from Debian server #2 (194.19.32.98) I get
    an answer.

    But, if I try to ping the router (84.12.145.41) I get no answer.

    I have connected a hub between Debian server #1 and the router and I am trying to
    tcpdump/tethereal to find out what's happening.

    The ping goes through, but Debian server #1 (84.12.145.43) does not want to tell
    the router (84.12.145.41) where to find Debian server #2 (194.19.32.98).
    -----
    0.000000 194.19.32.98 -> 84.12.145.41 ICMP Echo (ping) request
    0.001085 00:14:d1:3f:4a:f1 -> ff:ff:ff:ff:ff:ff ARP Who has 194.19.32.98? Tell 84.12.145.41
    0.729126 00:14:d1:3f:4a:f1 -> 00:14:d1:3f:4a:f1 LOOP Loopback
    -----

    I suspect that I cannot see the forest because the trees are in my view, and that the
    Loopback message should tell me something. But, I am a blank.

    Does anyone have any suggestions? Please? I am going slightly mad.. (Blupp)

    Maybe I am attacking this the wrong way, and I appreciate any suggestion at this moment.

    Thanks!

    - Ole S -

  2. #2
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,401

    Re: A Routing problem.. Please help? :-/

    Originally posted here by ostefan
    ip default-gateway 219.18.129.206
    ip classless
    ip route 0.0.0.0 0.0.0.0 219.18.129.206
    ip route 84.12.145.40 255.255.255.248 FastEthernet0
    ip route 194.19.32.96 255.255.255.224 FastEthernet0
    The ip route 84.12.145.40 255.255.255.248 FastEthernet0 isn't needed because it's a direcly connected network.

    What does a show route tell you on the router?

  3. #3
    Junior Member
    Join Date
    Oct 2002
    Posts
    12
    'show route' doesn't turn out anything.. Just blanks..

  4. #4
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,401
    Originally posted here by ostefan
    'show route' doesn't turn out anything.. Just blanks..
    Doh! It should be show ip route. My mistake

    It is a cisco router isn't it?

  5. #5
    Member
    Join Date
    Mar 2003
    Posts
    99
    You can put a secondary IP address on the FastE0
    Command
    ip address 194.19.32.xx 255.255.255.224 secondary

    This would allow you to route on the FastE0 interface

  6. #6
    Junior Member
    Join Date
    Oct 2002
    Posts
    12
    Eh.. I should have know too.. Sorry..

    Yes, a cisco 1721..

    Gateway of last resort is 217.8.129.206 to network 0.0.0.0

    84.12.0.0/29 is subnetted, 1 subnets
    C 81.12.145.40 is directly connected, FastEthernet0
    219.18.129.0/30 is subnetted, 1 subnets
    C 219.18.129.204 is directly connected, Ethernet0
    194.19.32.0/27 is subnetted, 1 subnets
    S 194.19.32.96 is directly connected, FastEthernet0
    S* 0.0.0.0/0 [1/0] via 219.18.129.206

  7. #7
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,401
    Originally posted here by d0ppelg@nger
    You can put a secondary IP address on the FastE0
    Command
    ip address 194.19.32.xx 255.255.255.224 secondary

    This would allow you to route on the FastE0 interface
    This should not be necessary. As long as all the ip addresses, netmasks and routes are correct.

  8. #8
    Junior Member
    Join Date
    Oct 2002
    Posts
    12
    And, that another question.. Do I really have to use a public ip-address on the interfaces that's against my network? I mean, shouldn't it be possible to route a network over another network? I.e Fast0 (on the router) 192.168.0.1/30, and on the Debian server #1 eth0 192.168.0.2/30? I thought that was possible, and I would save public ip-addresses..

  9. #9
    Member
    Join Date
    Mar 2003
    Posts
    99
    What's up with the BCast on this interface

    eth0
    inet addr:84.12.145.43 Bcast:84.255.255.255 Mask:255.255.255.248

  10. #10
    Junior Member
    Join Date
    Oct 2002
    Posts
    12
    And it looks like Debian Server #1 actually routest the ping to the router and that the router answers, but cannot find the route back to Debian server #2..

    And the MAC is know by Debian server #1. At least I can see it when I issue a arp -a command.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •