[plug] Still not able to route to adsl

Matt Kemner zombie at penguincare.com.au
Sat May 1 16:59:32 WST 2004 

On Sat, 1 May 2004, quoth bob:

> ADSL (NB1300+4)
>         |
>         eth1 (192.168.1.x dhcp'd from ADSL)
> Gateway/firewall  (debian)
>         eth0 (192.168.0.x)
>         |
> hosts on LAN
>
> I can not ping  ADSL from "hosts on LAN". I can ping  ADSL from
> Gateway/firewall.

Does the ADSL router have a route to 192.168.0.0/24 via the debian
gateway?

Alternatively, does the debian gateway masquerade (NAT) packets from
192.168.0.0/24 so the ADSL gateway sees them as 192.168.1.x packets?

You'll need to do one of those two, or else you won't see reply packets
from the internet because the ADSL router doesn't know where to find you.

You'll also need to ensure IP forwarding is on
(echo 1 > /proc/sys/net/ipv4/ip_forward)

> Yes, there is an iptables firewall... I tried an iptables -clear to see if
> that got rid of the problem... nope - don't worry, I remembered to restore
> it :).

If there is a firewall, make sure it allows packets to flow between eth0
and eth1, and SNATs them if required. (see above)

> I have tried every setting on the ADSL that looks halfway sensible without
> success. I have set routes to 192.168.0/24 on the device, I have tried both
> static and dhcp IP#s on the Gateway/firewall eth1 (dhcp was suggested as a
> possible solution).

What I would do:

Set eth1 to a static IP (eg 192.168.1.2) and make sure there is a route on
the ADSL router for 192.168.0.0/24 via that IP (192.168.1.2)

Then you should be able to ping the ADSL router from the 192.168.0.0/24
network. If you can't do that, check your firewall (clear it if need be,
and make sure the policy on the builtin rules are ACCEPT)  and
ensure ip_forwarding is on.

> I have set default routes on the Gateway/firewall to the ADSL 192.168.1/24
> addr, to the assigned ISP for the ADSL and to the ISP's gateway addr. None
> made any difference.

The default route on the Debian gateway must be the ADSL router IP
(192.168.1.1 or whatever)

and the default routes on your 192.168.0.x machines must be eth0's IP
address.

> (what's the point of buying a router in that case?)

My ever-so-humble opinion is.. why buy a router at all when you have a
perfectly good Linux box, which can do anything even a high-end router can
(albeit in software, not in hardware which the really expensive ciscos can
do)

> [1] note to self: Two default routes + restarting networking = kernel panic

As Cameron said, that should not happen.

Regards,

 - Matt

More information about the plug mailing list