Re: Routing Problem on OpenServer 5.0.6

From: Simon Hobson (simonsnews_at_thehobsons.codotuk)
Date: 03/30/05

Next message: Tony Lawrence: "Re: Configuring speed for SCO OpenServer"
Previous message: NSM: "Configuring speed for SCO OpenServer"
In reply to: fernando.scheid_at_gmail.com: "Routing Problem on OpenServer 5.0.6"
Next in thread: fernando.scheid_at_gmail.com: "Re: Routing Problem on OpenServer 5.0.6"
Reply: fernando.scheid_at_gmail.com: "Re: Routing Problem on OpenServer 5.0.6"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Date: Wed, 30 Mar 2005 19:56:32 +0100

On Tue, 29 Mar 2005 20:52:48 +0100, fernando.scheid@gmail.com wrote
(in message <1112125968.333544.243040@f14g2000cwb.googlegroups.com>):

> Hi all,
>
> I have one big problem with routing.
>
> See my network diagram bellow:
>
>
> +---------------------------+------------------------------
> | |
> OSR506A ROUTER-A (Linux Box)
> 192.168.10.10 192.168.10.254
> |
> |
> |
> FRAME-RELAY
> |
> |
> |
> ROUTER-B (Linux Box)
> 192.168.13.254
> |
> +-----------------------+-----------------------------
> |
> |
> 192.168.13.1 (net0)
> OSR506B
> 129.168.100.1 (net1)
> |
> |
> +-------------- FDDI -----------+
> |
> |
> 192.168.100.2 (net1)
> OSR506C
> 129.12.130.3 (net0)
>
>
>> From host OSR506A i can ping to ROUTER-A, ROUTER-B, OSR506B (net0),
> OSR506B (net1), OSR506C (net0) and OSR506C (net1).
>
>
> Traceroute from OSR506A to OSR506C runs fine too.
>
> osr506a # traceroute 129.12.130.3
> traceroute to 129.12.130.3 (129.12.130.3), 30 hops max, 40 byte packets
> 1 192.168.10.254 (192.168.10.254) 0.481 ms 0.395 ms 0.001 ms
> 2 192.168.248.5 (192.168.248.5) 37.808 ms 39.336 ms 42.508 ms
> (WAN)
> 3 osr506b (192.168.13.1) 32.190 ms 27.678 ms 39.581 ms
> 4 osr506c (129.12.130.3) 33.296 ms 25.877 ms 43.831 ms
>
>
> But from host OSR506C i can not ping or traceroute to OSR506A.
>
> osr506c # traceroute 192.168.10.10
> traceroute to 192.168.10.10 (192.168.10.10), 30 hops max, 40 byte
> packets
> 1 osr506b-gw (192.168.100.1) 0.481 ms 0.377 ms 0.339 ms
> 2 * * *
> 3 * * *
> 4 * * *
> 5 * * *
> .. ... ... ...
> ... ... ... ...
>
>
> Running a tcpdump on ROUTER-B and starting a ping from OSR506C
> to ROUTER-B, no one package is displayed.
>
> My first conclusion is that OSR506B is not forwarding packages.
>
> The paramenters ipforwarding and ipsendredirects are set to 1
> at the file /etc/default/inet on both servers.
>
> The inconfig command show the same informations too.
>
>
> OSR506A route table:
>
> osr506a # netstat -nr
> Routing tables
> Destination Gateway Flags Refs Use Interface
> 127.0.0.1 127.0.0.1 UH 3 426105 lo0
> 129.12.130 192.168.10.254 UGS 0 34 net0
> 192.168.10 192.168.10.10 UC 1 0 net0
> 192.168.10.10 127.0.0.1 UGHS 5 572 lo0
> 192.168.13 192.168.10.254 UGS 3 102 net0
> 224 192.168.10.10 UCS 0 0 net0
>
>
> OSR506B route table:
>
> osr506b # netstat -nr
> Routing tables
> Destination Gateway Flags Refs Use Interface
> 127.0.0.1 127.0.0.1 UH 3 36341 lo0
> 129.12.130 192.168.100.2 UGS 1 32475 net1
> 192.168.10 192.168.13.254 UGS 8 236 net0
> 192.168.13 192.168.13.1 UC 1 0 net0
> 192.168.13.1 127.0.0.1 UGHS 4 49 lo0
> 192.168.100 192.168.100.1 UC 1 0 net1
> 192.168.100.1 127.0.0.1 UGHS 0 45 lo0
> 224 192.168.13.1 UCS 0 0 net0
>
>
> OSR506C route table:
>
> osr506c # netstat -nr
> Routing tables
> Destination Gateway Flags Refs Use Interface
> 127.0.0.1 127.0.0.1 UH 3 488 lo0
> 129.12.130 129.12.130.3 UC 1 0 net0
> 129.12.130.3 127.0.0.1 UGHS 4 26 lo0
> 192.168.10 192.168.100.1 UGS 0 18 net1
> 192.168.13 192.168.100.1 UGS 3 1 net1
> 192.168.100 192.168.100.2 UC 1 0 net1
> 192.168.100.2 127.0.0.1 UGHS 0 0 lo0
> 224 129.12.130.3 UCS 0 0 net0
>
>
> All servers have SCO OpenServer 5.0.6 with rs506a and all recomended
> patches applied.
>
> Any help will be apreciatted.

Your routing tables are incorrect

When you ping from osr506A to 129.12.130.3, there is a route in the osr506A
server (and the osr506B server/router) to the network 129.12.130.0. Also,
osr506C and osr506B both have routes back to the network 192.168.10.0.
Result: Pings work.

Now ping A from C. C (and B) both have routes to 192.168.10.0 - hence the
outgoing packet will arrive. osr506B replies and the reply arrives because
osr506B is directly connected to the net 192.168.100.0. However, osr506A
cannot reply because it has no route to 192.168.100.0 - and from the fact
that you don't see replies from the two Linux routers suggest that they too
are missing this route.

If you were to try "ping -S 192.12.130.3 192.168.10.10 on the osr506C machine
then it may work because the reply packets will be routed to the 192.12.130.3
address instead of the unroutable 192.168.100.2 address.

As you will now realise, it is 110% vital that all your routing tables are
correct.

Personally, I prefer to avoid routing tables in hosts as much as possible as
it is nearly always possible to do it all in the routers. Assuming that there
are no other networks involved, then you could simplify your routing tables
thus (leaving out the system inserted stuff for clarity) :

OSR506A route table:

Destination Gateway Flags Refs Use Interface
0.0.0.0 192.168.10.254

OSR506B route table:

osr506b # netstat -nr
Routing tables
Destination Gateway Flags Refs Use Interface
129.12.130 192.168.100.2 UGS 1 32475 net1
192.168.10 192.168.13.254 UGS 8 236 net0

OSR506C route table:

osr506c # netstat -nr
Routing tables
Destination Gateway Flags Refs Use Interface
0.0.0.0 129.168.100.1

This means that osr506A will send all traffic for non-local networks to the
router at 192.168.10.254 and need know nothing more about the route it takes.

Similarly, osr506C will send all non-local traffic via 129.168.100.1 and not
care about what route it takes after that.

Obviously, osr506B needs to know about the routes to all other networks as it
is a router itself. Similarly, the two Linux router must have full knowledge
of how to reach all networks.

As far as osr506A is concerned, it doesn't matter even if you have another
router on the 192.168.10.0 network - if the correct route for a packet isn't
via 192.168.10.254 then it will receive an ICMP-redirect message telling it
the correct route (assuming the routers are correctly configured).

Simon

Next message: Tony Lawrence: "Re: Configuring speed for SCO OpenServer"
Previous message: NSM: "Configuring speed for SCO OpenServer"
In reply to: fernando.scheid_at_gmail.com: "Routing Problem on OpenServer 5.0.6"
Next in thread: fernando.scheid_at_gmail.com: "Re: Routing Problem on OpenServer 5.0.6"
Reply: fernando.scheid_at_gmail.com: "Re: Routing Problem on OpenServer 5.0.6"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Relevant Pages

Re: Second ISP
... make sure that the second ISP router does not have a better default ... All of this can be done with show ip route ... Does this require a routing ... but I would recommend a routing protocol. ...
(comp.dcom.sys.cisco)
Re: Adding site to Domain, question about configuring before deploy
... > each of our sites use a separate class c network. ... > controlled through routing tables on our cisco routers. ... but you may also dispense with the router if you ... router unless you are a real VPC expert. ...
(microsoft.public.win2000.active_directory)
Re: [SLE] connection redundancy
... which is the router just this side of the ... >>because it's own gateway is still up. ... You'll also need three network cards to put into this Linux box. ... your internal LAN can route packets to the Internet. ...
(SuSE)
Re: Connecting two lans
... compatible with the IPs being provided by the other router. ... This creates a single network. ... The Network A computer has a routing table thus: ... modem acting as a DNS server proxy, after enabling DNS, you would enter ...
(microsoft.public.windowsxp.network_web)
Re: yet another vpn/routing question
... Route and that is the way it is supposed to look. ... RRAS and the problem has nothing to do with the Routing table. ... network is a single subnet private network, ... > with a internal network Nic and a Nic with Internet? ...
(microsoft.public.windows.server.networking)