[plug] Still not able to route to adsl

bob bob at fots.org.au
Sat May 1 19:48:42 WST 2004 

On Saturday 01 May 2004 19:18, Matt Kemner wrote:
> On Sat, 1 May 2004, quoth bob:
> > Ok, some success ! :). I can ping 192.168.1/24 from 192.168.0/24 (but
> > still can't see out when I set the ADSL as the default route)
>
> It's a good start :)

Yes, most promising after a frustrating couple of days :).

> > This is now sort of behaving like it can't resolve IPs outside the LAN
> > (once I change the default route to gw via 192.168.1.1). Some thing I
> > should mention is that I'm running a DNS on the gateway. Is there any
> > config-fu I should know ?
>
> Can you ping IPs? That will tell you if it's a DNS issue or something
> else.
>
> eg try pinging 202.72.177.62 (spark.plug.linux.org.au) from a .0.x host
>
> It may also be worth running "tcpdump -lnfi eth1 icmp" on your gateway to
> check the packets are going where they should. The same for eth0 and ppp0
> may help too, if the packets aren't going where you expect :)

I get traffic on eth1 

tcpdump gives stuff like
19:22:35.870650 192.168.0.111 > 202.72.177.62: icmp: echo request (DF)

Its stopping at the NB1300 (or going out and not returning -hard to say 
which, the leds on the NB1300 are not that informative)
(just checked... yes it does ping via ppp0 :)

Hmm... pinging the ADSL assigned IP from spark is VERY slow. I would have 
expected much better than min/avg/max = 1041.3/1595.5/2040.1 ms to a 
westnet IP#

> > Interesting... although I can ping 192.168.1.1  from 192.168.0/24 I
> > can't access the web config.
>
> That may be a security feature on the router - only allow access to the
> config from "local" hosts. "It's a feature, not a bug!" :)

Could be... though that may be a bit smarter than it actually is.

> > 'Sok. :). I'd still like to know how to definitively check for
> > masquerading/SNAT. Would doing both routing and SNAT be bad?
>
> iptables -t nat -vnxL
> look for -j SNAT or -j MASQUERADE

=================================
iptables -t nat -vnxL
Chain PREROUTING (policy ACCEPT 1248 packets, 82917 bytes)
    pkts      bytes target     prot opt in     out     source               
destination

Chain POSTROUTING (policy ACCEPT 653 packets, 39867 bytes)
    pkts      bytes target     prot opt in     out     source               
destination
      59     4468 MASQUERADE  all  --  *      ppp0    192.168.0.0/24       
0.0.0.0/0
      60     4560 MASQUERADE  all  --  *      ppp0    192.168.1.0/24       
0.0.0.0/0

Chain OUTPUT (policy ACCEPT 691 packets, 43085 bytes)
    pkts      bytes target     prot opt in     out     source               
destination
==============================

No  -j SNAT or -j MASQUERADE !?

Looks to me like 192.168.0.0/24 and 192.168.1.0/24 are masq'd out ppp0 
though (yes?)

> Regards,
>
>  - Matt

Thanks for following this up. Much appreciated.

-- 
I'm going to raise an issue and stick it in your ear.
		-- John Foreman

More information about the plug mailing list