|
-
March 26th, 2003, 04:36 PM
#1
Junior Member
A Routing problem.. Please help? :-/
Hi!
I don't know if this is the right place for the question I have, but it's related to a honeynet, so I take my chances.
I have a router that's configured with two ethernet devices, one points to the Internet, and the other one to my network.
The router config looks like this: (the ip-addresses are fake..)
----
interface Ethernet0
ip address 219.18.129.205 255.255.255.252
half-duplex
!
interface FastEthernet0
ip address 84.12.145.41 255.255.255.248
speed auto
half-duplex
!
ip default-gateway 219.18.129.206
ip classless
ip route 0.0.0.0 0.0.0.0 219.18.129.206
ip route 84.12.145.40 255.255.255.248 FastEthernet0
ip route 194.19.32.96 255.255.255.224 FastEthernet0
----
And as you can see I have two public networks 84.12.x.x and 194.19.x.x, and I want to
route both those network into my network (Fast0). And this seems to be working just fine.
On the inside I have a Debian 2.4.18-x server with two network cards:
eth0
inet addr:84.12.145.43 Bcast:84.255.255.255 Mask:255.255.255.248
eth1
inet addr:194.19.32.97 Bcast:194.19.32.127 Mask:255.255.255.224
The routing table looks like this:
----
Destination Gateway Genmask Flags Metric Ref Use Iface
84.12.145.40 0.0.0.0 255.255.255.248 U 0 0 0 eth0
193.71.32.96 0.0.0.0 255.255.255.224 U 0 0 0 eth1
0.0.0.0 84.12.145.41 0.0.0.0 UG 0 0 0 eth0
----
And connected to eth1 I have another Debian server with one interface:
eth0
inet addr:194.19.32.98 Bcast:194.19.32.127 Mask:255.255.255.224
And the routing table looks like this:
----
Destination Gateway Genmask Flags Metric Ref Use Iface
194.19.32.96 0.0.0.0 255.255.255.224 U 0 0 0 eth0
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
0.0.0.0 194.19.32.97 0.0.0.0 UG 0 0 0 eth0
----
I thought that this should work, but it doesn't. When I ping Debian server #2
server (194.19.32.98) from Debian server #1 (194.19.32.97) it answers and everything
looks fine. And it works fine the other way around as well.
And if I try to ping eth0 (84.12.145.43) from Debian server #2 (194.19.32.98) I get
an answer.
But, if I try to ping the router (84.12.145.41) I get no answer.
I have connected a hub between Debian server #1 and the router and I am trying to
tcpdump/tethereal to find out what's happening.
The ping goes through, but Debian server #1 (84.12.145.43) does not want to tell
the router (84.12.145.41) where to find Debian server #2 (194.19.32.98).
-----
0.000000 194.19.32.98 -> 84.12.145.41 ICMP Echo (ping) request
0.001085 00:14:d1:3f:4a:f1 -> ff:ff:ff:ff:ff:ff ARP Who has 194.19.32.98? Tell 84.12.145.41
0.729126 00:14:d1:3f:4a:f1 -> 00:14:d1:3f:4a:f1 LOOP Loopback
-----
I suspect that I cannot see the forest because the trees are in my view, and that the
Loopback message should tell me something. But, I am a blank.
Does anyone have any suggestions? Please? I am going slightly mad.. (Blupp)
Maybe I am attacking this the wrong way, and I appreciate any suggestion at this moment.
Thanks!
- Ole S -
-
March 26th, 2003, 04:43 PM
#2
Re: A Routing problem.. Please help? :-/
Originally posted here by ostefan
ip default-gateway 219.18.129.206
ip classless
ip route 0.0.0.0 0.0.0.0 219.18.129.206
ip route 84.12.145.40 255.255.255.248 FastEthernet0
ip route 194.19.32.96 255.255.255.224 FastEthernet0
The ip route 84.12.145.40 255.255.255.248 FastEthernet0 isn't needed because it's a direcly connected network.
What does a show route tell you on the router?
-
March 26th, 2003, 04:54 PM
#3
Junior Member
'show route' doesn't turn out anything.. Just blanks..
-
March 26th, 2003, 04:56 PM
#4
Originally posted here by ostefan
'show route' doesn't turn out anything.. Just blanks..
Doh! It should be show ip route. My mistake 
It is a cisco router isn't it?
-
March 26th, 2003, 05:00 PM
#5
You can put a secondary IP address on the FastE0
Command
ip address 194.19.32.xx 255.255.255.224 secondary
This would allow you to route on the FastE0 interface
-
March 26th, 2003, 05:02 PM
#6
Junior Member
Eh.. I should have know too.. Sorry..
Yes, a cisco 1721..
Gateway of last resort is 217.8.129.206 to network 0.0.0.0
84.12.0.0/29 is subnetted, 1 subnets
C 81.12.145.40 is directly connected, FastEthernet0
219.18.129.0/30 is subnetted, 1 subnets
C 219.18.129.204 is directly connected, Ethernet0
194.19.32.0/27 is subnetted, 1 subnets
S 194.19.32.96 is directly connected, FastEthernet0
S* 0.0.0.0/0 [1/0] via 219.18.129.206
-
March 26th, 2003, 05:02 PM
#7
Originally posted here by d0ppelg@nger
You can put a secondary IP address on the FastE0
Command
ip address 194.19.32.xx 255.255.255.224 secondary
This would allow you to route on the FastE0 interface
This should not be necessary. As long as all the ip addresses, netmasks and routes are correct.
-
March 26th, 2003, 05:08 PM
#8
Junior Member
And, that another question.. Do I really have to use a public ip-address on the interfaces that's against my network? I mean, shouldn't it be possible to route a network over another network? I.e Fast0 (on the router) 192.168.0.1/30, and on the Debian server #1 eth0 192.168.0.2/30? I thought that was possible, and I would save public ip-addresses..
-
March 26th, 2003, 05:09 PM
#9
What's up with the BCast on this interface
eth0
inet addr:84.12.145.43 Bcast:84.255.255.255 Mask:255.255.255.248
-
March 26th, 2003, 05:11 PM
#10
Junior Member
And it looks like Debian Server #1 actually routest the ping to the router and that the router answers, but cannot find the route back to Debian server #2..
And the MAC is know by Debian server #1. At least I can see it when I issue a arp -a command.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote