IP forwarding working in one direction only !?

IP forwarding working in one direction only !?

Post by Hugo Ha » Wed, 24 Feb 1999 04:00:00



Hi.

I have a problem with IP forwarding: packets are forwarded from eth1 to
eth0, but not from eth0 to eth1!

I have the following configuration: (all the machines are in the same
subnet, subnet mask 255.255.255.0)

                   x.20 ----- ( x.4 --- x.3 ) ----- x.5
                                   Linux
                   PC 1         eth0   eth1         PC 2

I configured my Linux with IP forwarding, firewalling, etc, enabled.

If I try to ping PC 1 from PC 2, here is what happens:

                           req             req
                        <-------     <-------
                   PC 1           Linux          PC 2
                        ------->
                          reply

I used "ipchains -I forward -j ACCEPT -l" to log what the firewall sees, and
I got:
Packet log: forward ACCEPT eth0 PROTO=1 10.0.63.5:8 10.0.63.20:0 L=64 S=0x00
I=43632 F=0x0000 T=63
but I did not see anything about the ICMP echo reply sent by PC 1.

Does anybody see what can be wrong? I'm including my configuration file below:
ifconfig lo 127.0.0.1
route add -net 127.0.0.0
IPADDR0=161.71.63.4
IPADDR1=161.71.63.3
NETMASK=255.255.255.0
NETWORK=161.71.63.0
BROADCAST=161.71.63.255
PC1=161.71.63.20
PC2=161.71.63.5
ifconfig eth0 ${IPADDR0} pointopoint ${PC1} netmask ${NETMASK} broadcast
${BROADCAST}
ifconfig eth1 ${IPADDR1} pointopoint ${PC2} netmask ${NETMASK} broadcast
${BROADCAST}
route add -host ${IPADDR0} metric 1 dev eth0
route add -host ${IPADDR1} metric 1 dev eth1
route add -host ${PC1} metric 1 dev eth0
route add -host ${PC2} metric 1 dev eth0
arp -i eth0 -Ds ${PC2} eth0 pub
arp -i eth1 -Ds ${PC1} eth1 pub
echo "1" > /proc/sys/net/ipv4/tcp_syncookies
(it actually seems that ifconfig's pointopoint does not do anything with a
2.2 kernel)

which gives me the following routing table:
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
161.71.63.5     *               255.255.255.255 UH    1      0        0 eth1
161.71.63.4     *               255.255.255.255 UH    1      0        0 eth0
161.71.63.20    *               255.255.255.255 UH    1      0        0 eth0
161.71.63.3     *               255.255.255.255 UH    1      0        0 eth1
localnet        *               255.255.255.0   U     0      0        0 eth0
localnet        *               255.255.255.0   U     0      0        0 eth1
(routes to localnet are added automatically, but removing the does not
change anything)

I'm sure I made a stupid mistake somewhere, but I can't see what is wrong.

Thank you for any help.

Hugo

--
Hugo Haas (http://www.via.ecp.fr/~hugo/)

 
 
 

1. IP forwarding is only good for port forwarding of only one IP ?

I have two IP from my provider ( or two web address) and only one isdn line.
With linux and only one IP, I can masquerade all my local network to use
only that one IP.
Perfect up to now.

Then I want to forward the other IP to a NT server inside my local network.
(like 2 company on the same network).

ipfwadm 2.30 with linux 2.0.36 can not do that, because nobody know how to
do it (I read a lot of HowTo).
or may be it's not possible with ipfwadm. All people think that nobody want
that.

is-it true ?

2. Something rong

3. Help ! IP Forwarding only works one way :(

4. Anyone selling basic cheap Linux boxes?

5. ip-forwarding in both directions, local net, firewall

6. What exactly is wrong with the AHA-2940UW? 'AIC errors'?

7. Challenging Problem: TCP/IP slow in one direction

8. timout in TCP SACK

9. one-direction IP tunnel

10. Samba works - in one direction

11. NFS mounts only work in one direction

12. Host to host NIC bonding works only in one direction

13. IP Accounting doesn't work for PPP dial-ins :-(( ??