Hi there

I just had a data line installed between my home and the office. I've
managed to connect the two sides successfully with ppp and the gateways
on both sides can see each other. I want the hosts behind the
gateways to see each other as well and although this is discussed in
some howtos I couldn't get this right and need some help with the
routing.

Here's my setup:

At home I have a 192.168.2.0 network and at the office I have a
192.168.1.0 network.

The gateway at home is 192.168.2.10 and at the office it is
192.168.1.10.

My routing table at home looks like this:

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.1.10    0.0.0.0         255.255.255.255 UH    0      0        0 ppp0
192.168.2.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
192.168.1.0     192.168.1.10    255.255.255.0   UG    0      0        0 ppp0
0.0.0.0         0.0.0.0         0.0.0.0         U     0      0        0 ppp0

My routing table at work looks like this:

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.1.1     0.0.0.0         255.255.255.255 UH    0      0        0 eth1
192.168.2.10    0.0.0.0         255.255.255.255 UH    0      0        0 ppp0
196.x.y.51      0.0.0.0         255.255.255.255 UH    0      0        0 eth0
196.x.y.48      0.0.0.0         255.255.255.240 U     0      0        0 eth0
192.168.2.0     192.168.2.10    255.255.255.0   UG    0      0        0 ppp0
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth1
127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
0.0.0.0         196.44.35.49    0.0.0.0         UG    0      0        0 eth0

Here eth0 is connected to my ISP and eth1 is connected to the local lan.

Now if I am logged in at 192.168.1.10 (the gateway at the office) and
try to ping a host behind the gateway at home (eg. 192.168.2.2) then it
looks like the packets make it to that host but 192.168.2.2 cannot
locate host 192.168.1.10 and can therefore not send the echo reply.
192.168.2.2 has 192.168.2.1 as gateway.

Any ideas what might be wrong?

--
Roché Compaan
Upfront Systems http://www.upfrontsystems.co.za
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

Hi Roché!

> I just had a data line installed between my home and the office. I've
> managed to connect the two sides successfully with ppp and the gateways
> on both sides can see each other. I want the hosts behind the
> gateways to see each other as well and although this is discussed in
> some howtos I couldn't get this right and need some help with the
> routing.
>
> Here's my setup:
>
> At home I have a 192.168.2.0 network and at the office I have a
> 192.168.1.0 network.
>
> The gateway at home is 192.168.2.10 and at the office it is
> 192.168.1.10.
>
> My routing table at home looks like this:
>
> Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
> 192.168.1.10    0.0.0.0         255.255.255.255 UH    0      0        0 ppp0
> 192.168.2.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
> 192.168.1.0     192.168.1.10    255.255.255.0   UG    0      0        0 ppp0
> 0.0.0.0         0.0.0.0         0.0.0.0         U     0      0        0 ppp0

You don't need to add a route to get to 192.168.1.0/24 since your
default gw will route packets to that network anyway. You are also using
192.168.1.10 as a gateway to get onto the 1/24 network which won't work
(you can't use a machine on the network which you want to reach as a
gateway). You want to be using 192.168.2.10 as a gateway to get onto the
1/24 network.

Also, you can use unnumbered ppp. Just do this:

On your home gateway's eth0 assign 192.168.2.10 and on your office's
side, assign 192.168.1.10 to eth1. Then use unnumbered ppp on both sides
and make sure that ip forwarding is enabled on the office gw.

On your office side, you'll have

    pppd ... 192.168.1.10:192.168.2.10

and on your home side, you'll have

    pppd ... defaultroute :

Of course, you probably have /etc/ppp/* with the pon/poff scripts in
which case you need to add above to your /etc/ppp/peers/* scripts

--
Regards
Abraham

QOTD: "I used to jog, but the ice kept bouncing out of my glass."
___________________________________________________
Abraham vd Merwe [ZR1BBQ] - Frogfoot Networks
P.O. Box 3472, Matieland, Stellenbosch, 7602
Cell: +27 82 565 4451 Http: http://www.frogfoot.net
Email: abz@frogfoot.net

On Sat, 30 Nov 2002 13:53:57 +0200
Abraham van der Merwe <abz@frogfoot.net> wrote:

Thanks for the advice :-)

> You don't need to add a route to get to 192.168.1.0/24 since you your
> default gw will route packets to that network anyway. You are also use
> 192.168.1.10 as a gateway to get onto the 1/24 network which won't
> work (you can't use a machine on the network which you want to reach
> as a gateway). You want to be using 192.168.2.10 as a gateway to get
> onto the 1/24 network.

Mmm, thought I had something upside down.

>
> Also, you can use unnumbered ppp. Just do this:
>
> On your home gateway's eth0 assign 192.168.2.10 and on your office's
> side, assign 192.168.1.10 to eth1. Then use unnumbered ppp on both
> sides and make sure that ip forwarding is enabled on the office gw.

I don't quite follow how to set up unnumbered ppp. Should I just omit
the local_ip:remote_ip in my ppp options file at home?

>
> On your office side, you'll have
>
> pppd ... 192.168.1.10:192.168.2.10
>
> and on your home side, you'll have
>
> pppd ... defaultroute :
>
> Of course, you probably have /etc/ppp/* with the pon/poff scripts in
> which case you need to add above to your /etc/ppp/peers/* scripts

At the moment I have no scripts in place - I'm doing it manually to see
what works and what I should eventually put in the scripts. I only have
/etc/ppp/options on both sides.

--
Roché Compaan
Upfront Systems http://www.upfrontsystems.co.za

Hi Roché!

> > On your home gateway's eth0 assign 192.168.2.10 and on your office's
> > side, assign 192.168.1.10 to eth1. Then use unnumbered ppp on both
> > sides and make sure that ip forwarding is enabled on the office gw.
>
> I don't quite follow how to set up unnumbered ppp. Should I just omit
> the local_ip:remote_ip in my ppp options file at home?

That is correct. See, ppp is a point-to-point protocol, so traffic can only
go in two directions anyway, so you can tell ppp not to use any kind of
layer 3 routing and just send packets to the other side automatically.

In Linux you do that by just specifying local_ip:remote_ip on the server
side and : on the client side.

> > Of course, you probably have /etc/ppp/* with the pon/poff scripts in
> > which case you need to add above to your /etc/ppp/peers/* scripts
>
> At the moment I have no scripts in place - I'm doing it manually to see
> what works and what I should eventually put in the scripts. I only have
> /etc/ppp/options on both sides.

Ok, so this (otoh so don't blame me if it doesn't work *g*) in your inittab
should do the job:

------------< snip <------< snip <------< snip <------------
# At office
S0:23:respawn:/usr/sbin/pppd /dev/ttyS0 115200 modem noauth crtscts persist \
    192.168.1.10:192.168.2.10 nodetach >>/var/log/leased.log

# At home
S0:23:respawn:/usr/sbin/pppd /dev/ttyS0 115200 noauth lock debug crtscts defaultroute persist nodetach >>/var/log/leased.log
------------< snip <------< snip <------< snip <------------

--
Regards
Abraham

A morsel of genuine history is a thing so rare as to be always valuable.
    -- Thomas Jefferson

Thanks for your help. I will try this later this afternoon and let you
know. I think I understand a bit more about routing and networks now.

On Sat, 30 Nov 2002 14:37:09 +0200
Abraham van der Merwe <abz@frogfoot.net> wrote:

> Hi Roch?!
>
> > > On your home gateway's eth0 assign 192.168.2.10 and on your office's
> > > side, assign 192.168.1.10 to eth1. Then use unnumbered ppp on both
> > > sides and make sure that ip forwarding is enabled on the office gw.
> >
> > I don't quite follow how to set up unnumbered ppp. Should I just omit
> > the local_ip:remote_ip in my ppp options file at home?
>
> That is correct. See, ppp is a point-to-point protocol, so traffic can only
> go in two directions anyway, so you can tell ppp not to use any kind of
> layer 3 routing and just send packets to the other side automatically.
>
> In Linux you do that by just specifying local_ip:remote_ip on the server
> side and : on the client side.
>
> > > Of course, you probably have /etc/ppp/* with the pon/poff scripts in
> > > which case you need to add above to your /etc/ppp/peers/* scripts
> >
> > At the moment I have no scripts in place - I'm doing it manually to see
> > what works and what I should eventually put in the scripts. I only have
> > /etc/ppp/options on both sides.
>
> Ok, so this (otoh so don't blame me if it doesn't work *g*) in your inittab
> should do the job:
>
> ------------< snip <------< snip <------< snip <------------
> # At office
> S0:23:respawn:/usr/sbin/pppd /dev/ttyS0 115200 modem noauth crtscts persist \
> 192.168.1.10:192.168.2.10 nodetach >>/var/log/leased.log
>
> # At home
> S0:23:respawn:/usr/sbin/pppd /dev/ttyS0 115200 noauth lock debug crtscts
> defaultroute persist nodetach >>/var/log/leased.log
> ------------< snip <------< snip <------< snip <------------
>
> --
>
> Regards
> Abraham

--
Roché Compaan
Upfront Systems http://www.upfrontsystems.co.za

Hi Abraham

> Ok, so this (otoh so don't blame me if it doesn't work *g*) in your inittab
> should do the job:
>
> ------------< snip <------< snip <------< snip <------------
> # At office
> S0:23:respawn:/usr/sbin/pppd /dev/ttyS0 115200 modem noauth crtscts persist \
> 192.168.1.10:192.168.2.10 nodetach >>/var/log/leased.log

Instead of re-assigning 192.168.1.10 to eth1 at the office I just set
loc_ip:rem_ip in my ppp options to 192.168.1.1:192.168.2.1 because too
many hosts already point to 192.168.1.1 as their gateway. I think this
boils down to the same thing.

This works partially. I have one host behind 192.168.2.1 (gateway at
home) with the ip 192.168.2.2. I had to add a route to 192.168.1.1
(gateway at the office) before 192.168.2.2 could see 192.168.1.1:

    route add -net 192.168.2.0 netmask 255.255.255.0 gw 192.168.1.1

So now 192.168.2.2 can see 192.168.1.1 as gateway, but the hosts on the
192.168.1.0 network at the office can't reach the 192.168.2.0 network at
home.

I tried to ping 192.168.2.1 from 192.168.1.2 (a host behind the
192.168.1.1 gateway) and got no response so I investigated with tcpdump.

On 192.168.1.1 the output of tcpdump -i eth1 is:

10:20:43.432529 < 192.168.1.2 > 192.168.2.1: icmp: echo request (DF)
10:20:44.432621 < 192.168.1.2 > 192.168.2.1: icmp: echo request (DF)
10:20:45.432556 < 192.168.1.2 > 192.168.2.1: icmp: echo request (DF)
10:20:46.432560 < 192.168.1.2 > 192.168.2.1: icmp: echo request (DF)

So no "echo reply", then I did a tcpdump -i ppp0 to see if these packets
actually reach the ppp device and they don't.

This is how the routing table at the office looks like now:

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.1.1     0.0.0.0         255.255.255.255 UH    0      0        0 eth1
192.168.2.1     0.0.0.0         255.255.255.255 UH    0      0        0 ppp0
196.x.y.51      0.0.0.0         255.255.255.255 UH    0      0        0 eth0
196.x.y.48      0.0.0.0         255.255.255.240 U     0      0        0 eth0
192.168.2.0     192.168.1.1     255.255.255.0   UG    0      0        0 ppp0
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth1
127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
0.0.0.0         196.44.35.49    0.0.0.0         UG    0      0        0 eth0

--
Roché Compaan
Upfront Systems http://www.upfrontsystems.co.za

Ignore me previous post, my firewall was toasting me ;-)

--
Roché Compaan
Upfront Systems http://www.upfrontsystems.co.za
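
The forwarding decision behind the tcpdump observation in this thread, as an added example (not code from any poster): it parses the office routing table as posted, applies longest-prefix match, and shows that traffic for 192.168.2.x arriving on eth1 is routed out ppp0, so packets seen on eth1 but missing on ppp0 are lost to forwarding or filtering rather than to routing. The function names are illustrative, and rows with masked addresses (196.x.y.*) are skipped.

```python
import ipaddress

# Office gateway table as posted in the thread (route -n layout). The poster
# masked two public addresses as 196.x.y.*, so those rows cannot be parsed.
OFFICE_TABLE = """\
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.1.1 0.0.0.0 255.255.255.255 UH 0 0 0 eth1
192.168.2.1 0.0.0.0 255.255.255.255 UH 0 0 0 ppp0
196.x.y.51 0.0.0.0 255.255.255.255 UH 0 0 0 eth0
196.x.y.48 0.0.0.0 255.255.255.240 U 0 0 0 eth0
192.168.2.0 192.168.1.1 255.255.255.0 UG 0 0 0 ppp0
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
0.0.0.0 196.44.35.49 0.0.0.0 UG 0 0 0 eth0
"""

def parse_routes(text):
    """Return (routes, skipped): parsed rows and destinations left unreadable."""
    routes, skipped = [], []
    for line in text.splitlines():
        f = line.split()
        if len(f) != 8 or f[0] == "Destination":
            continue  # header or malformed row
        try:
            net = ipaddress.ip_network(f"{f[0]}/{f[2]}")
            gw = ipaddress.ip_address(f[1])
        except ValueError:
            skipped.append(f[0])  # masked address such as 196.x.y.51
            continue
        routes.append({"net": net, "gw": gw, "flags": f[3], "iface": f[7]})
    return routes, skipped

def lookup(routes, dst):
    """Longest-prefix match, the rule the kernel applies; None if no route."""
    addr = ipaddress.ip_address(dst)
    hits = [r for r in routes if addr in r["net"]]
    return max(hits, key=lambda r: r["net"].prefixlen, default=None)

def forwarded(routes, in_iface, dst):
    """True if a packet arriving on in_iface for dst must leave on another
    interface, so it depends on ip_forward and on the firewall allowing it."""
    route = lookup(routes, dst)
    return route is not None and route["iface"] != in_iface
```
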