internet <-> gentoo pppoe <-> netgear <-> LAN? - Networking

This is a discussion on internet <-> gentoo pppoe <-> netgear <-> LAN? - Networking ; Hi, I need to be able to have access to my LAN from a gentoo box which sits behind a netgear router (WGR614v9). My problem is I can ping gentoo from the LAN but not the LAN from gentoo box. ...

+ Reply to Thread
Results 1 to 6 of 6

Thread: internet <-> gentoo pppoe <-> netgear <-> LAN?

  1. internet <-> gentoo pppoe <-> netgear <-> LAN?

    Hi,
    I need to be able to have access to my LAN from a gentoo box which sits
    behind a netgear router (WGR614v9). My problem is I can ping gentoo from
    the LAN but not the LAN from gentoo box.


    Below is the routing table of the gentoo (sabayon) box:

    sabayonx86 ~ # ip route ls
    10.64.64.65 dev ppp1 proto kernel scope link src 77.112.225.xxx
    10.0.0.2 dev ppp0 proto kernel scope link src 10.0.0.1
    192.168.0.0/24 via 10.0.0.2 dev ppp0
    127.0.0.0/8 dev lo scope link
    default via 10.64.64.65 dev ppp1

    The ping doesn't go through.

    sabayonx86 ~ # ping 192.168.0.2 -c 1
    PING 192.168.0.2 (192.168.0.2) 56(84) bytes of data.

    --- 192.168.0.2 ping statistics ---
    1 packets transmitted, 0 received, 100% packet loss, time 0ms



    From the 192.168.0.2 host:
    C:\>ping 10.0.0.1 -n 1

    Pinging 10.0.0.1 with 32 bytes of data:

    Reply from 10.0.0.1: bytes=32 time=4ms TTL=63

    Ping statistics for 10.0.0.1:
    Packets: Sent = 1, Received = 1, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
    Minimum = 4ms, Maximum = 4ms, Average = 4ms

    I infer thath the problem sits in the netgear router.
    Setting the 192.168.0.2 as the DMZ host doesn't help a bit.

    where to look for solutions?

    Thanks for any input
    Agryppa


  2. Re: internet <-> gentoo pppoe <-> netgear <-> LAN?

    Agryppa wrote:
    > Hi,
    > I need to be able to have access to my LAN from a gentoo box which sits
    > behind a netgear router (WGR614v9). My problem is I can ping gentoo from
    > the LAN but not the LAN from gentoo box.


    > Below is the routing table of the gentoo (sabayon) box:


    > sabayonx86 ~ # ip route ls
    > 10.64.64.65 dev ppp1 proto kernel scope link src 77.112.225.xxx


    It appears sabayonx86 makes the PPPoE connection.

    > 10.0.0.2 dev ppp0 proto kernel scope link src 10.0.0.1
    > 192.168.0.0/24 via 10.0.0.2 dev ppp0


    This looks like an attempt to do the impossible.

    Does 10.0.0.2 refer to the IP of the netgear ethernet interface connecting
    to sabayonx86 and 10.0.0.1 to the IP of the sabayonx86 ethernet interface
    connecting to the netgear, with the netgear connecting to a 192.168.0.0/24
    LAN via another interface? If so then traffic from the LAN to 10.0.0.1
    might be routed through the netgear to sabayonx86 and ping replies from
    sabayonx86 should go back out by the same path and get to the LAN.

    Bottom line, try removing the last two routes above and adding

    ip route add 192.168.0.0/24 via 10.0.0.2 dev ethN

    where ethN is the sabayonx86 ethernet interface connecting to the netgear.

    --
    Clifford Kite
    /* In my book, the first poster to resort to personal abuse in a Usenet
    debate loses by default. - Rod Smith */


  3. Re: internet <-> gentoo pppoe <-> netgear <-> LAN?

    Clifford Kite pisze:

    > ip route add 192.168.0.0/24 via 10.0.0.2 dev ethN
    >
    > where ethN is the sabayonx86 ethernet interface connecting to the netgear.
    >

    sabayonx86 ~ # ip route ls
    10.64.64.65 dev ppp1 proto kernel scope link src 77.113.82.xxx
    10.0.0.2 dev ppp0 proto kernel scope link src 10.0.0.1
    127.0.0.0/8 dev lo scope link
    default via 10.64.64.65 dev ppp1

    sabayonx86 ~ # ip route add 192.168.0.0/24 via 10.0.0.2 dev eth0
    RTNETLINK answers: No such process

    Hi thanks for your suggestions.

    The ppp1 interface is the window to the world, the internet.
    The ppp0 interface is a pppoe link between Netgear and the sabayonx86 box.
    internet <-> gentoo pppoe <--pppoe--> Netgear <--ethernet--> LAN

    So basicaly I cannot use eth0 in the ip route command as it has no IP
    assigned.

    Agryppa

  4. Re: internet <-> gentoo pppoe <-> netgear <-> LAN?

    Agryppa wrote:

    > Hi thanks for your suggestions.


    > The ppp1 interface is the window to the world, the internet.
    > The ppp0 interface is a pppoe link between Netgear and the sabayonx86 box.
    > internet <-> gentoo pppoe <--pppoe--> Netgear <--ethernet--> LAN


    Okay, then I screwed up big-time.

    Sabayonx86 connecting to an ISP with PPPoE and also connecting to the
    Netgear with PPPoE is something I've not seen before. So the Netgear
    negotiates a PPPoE connection with sabayonx86 and sabayonx86 negotiates
    another one with the ISP. That will take me some time to digest.

    > So basicaly I cannot use eth0 in the ip route command as it has no IP
    > assigned.


    Right. And you have you used

    ip route add 192.168.0.0/24 via 10.0.0.2 dev ppp0

    without success.

    So, at the not insignificant risk of further embarassment, what does
    "hostname -i" show for sabayonx86?

    Cheers-
    --
    Clifford Kite
    /* Speak softly and carry a sucker rod (See man syslogd, footnote to
    recommendation 5 under SECURITY THREATS). */

  5. Re: internet <-> gentoo pppoe <-> netgear <-> LAN?

    Clifford Kite pisze:

    > So, at the not insignificant risk of further embarassment, what does
    > "hostname -i" show for sabayonx86?
    >
    > Cheers-


    sabayonx86 ~ # hostname -i
    127.0.0.1



    The two pppoe connections that go out from sabayonx86 are nothing fancy
    really. ppp1 is an HDSPA 7.2Mb GSM modem connecting sabayonx86 to the Net.
    the other pppoe is there becasue the internet port on the Netgear box
    speaks just that protocol, and since the line to start pppoe is really
    simple I chose Netgear to have this type of connections.


    I thought i could enjoy XDMCP or other protocols between sabayonx86 and
    the LAN, but it seems a no go.

    Sabayon has this in the iptables:


    iptables -L

    Chain INPUT (policy ACCEPT 141K packets, 60M bytes)
    pkts bytes target prot opt in out source
    destination
    25 1200 DROP tcp -- ppp1 any anywhere
    anywhere tcp flags:FIN,SYN,RST,ACK/SYN

    Chain FORWARD (policy ACCEPT 760K packets, 574M bytes)
    pkts bytes target prot opt in out source
    destination

    Chain OUTPUT (policy ACCEPT 177K packets, 78M bytes)
    pkts bytes target prot opt in out source
    destination


    I don't think it blocks anything on the ppp0 interface, does it?

    Agryppa

  6. Re: internet <-> gentoo pppoe <-> netgear <-> LAN?

    Agryppa wrote:

    > The two pppoe connections that go out from sabayonx86 are nothing fancy
    > really. ppp1 is an HDSPA 7.2Mb GSM modem connecting sabayonx86 to the Net.
    > the other pppoe is there becasue the internet port on the Netgear box
    > speaks just that protocol, and since the line to start pppoe is really
    > simple I chose Netgear to have this type of connections.


    Okay, the arrangement must work - with the exception of your problem,
    even though it seems very unusual. The absence of other replies might
    indicate that others also think it unusual.

    > I thought i could enjoy XDMCP or other protocols between sabayonx86 and
    > the LAN, but it seems a no go.


    > Sabayon has this in the iptables:



    > iptables -L


    > Chain INPUT (policy ACCEPT 141K packets, 60M bytes)
    > pkts bytes target prot opt in out source
    > destination
    > 25 1200 DROP tcp -- ppp1 any anywhere
    > anywhere tcp flags:FIN,SYN,RST,ACK/SYN


    > Chain FORWARD (policy ACCEPT 760K packets, 574M bytes)
    > pkts bytes target prot opt in out source
    > destination


    > Chain OUTPUT (policy ACCEPT 177K packets, 78M bytes)
    > pkts bytes target prot opt in out source
    > destination



    > I don't think it blocks anything on the ppp0 interface, does it?


    No, all it blocks are incoming properly formed SYNs to sabayonx86, i.e.,
    attempts to initiate a TCP connection to sabayon from the Internet.

    Does the LAN have Internet access? If so then it appears to me that
    SNAT on the Netgear would be required which could be the reason the ping
    from sabayonx86 to a LAN host fails. But Netgear SNAT would seem to
    mean SNAT to 10.0.0.2 and that would require SNAT on sabayonx86 as well.

    Bottom line, evidently I don't know enough about networking in general,
    or about your setup, or both, to identify with certainty what is causing
    the ping failure.

    Good Luck-
    --
    Clifford Kite
    /* !(my email addresses): hostmaster@bulkemailco.com
    admin@x-echo.com */

+ Reply to Thread