[CentOS] Re: centos] OT: routing between eth0 and ppp0 WITHOUT NAT

James Pifer jep at obrien-pifer.com
Mon Mar 13 17:34:49 UTC 2006


>  	/sbin/service iptables stop && /sbin/service iptables save
>  	/sbin/chkconfig iptables off
> 
> and then want to see the ip assignments and routes when you 
> think you have it running:
> 
>  	netstat -rn
> 
> on the Linux side, and a statement of what the remote IP and 
> destination subnet and mask are.
> 
> Then, remember that tcpdump is a good friend -- some 
> techniques for use are toward the top of:
> 
>  	http://www.owlriver.com/tips/
> 
> in a mail context, but there is an ICMP example in there as 
> well which will help.

# cat /etc/sysctl.conf
kernel.sysrq=0
net.ipv4.ip_forward=1
net.ipv4.conf.default.accept_source_route=0
net.ipv4.conf.default.rp_filter=1
kernel.core_uses_pid=1

I have already tried disabling iptables, but when pptpclient makes the
connection it re-adds rules to iptables. I ran the commands you
suggested, but I still have to manually go in and flush after pptpclient
runs.

The routes are there when I run netstat -rn.

Looking at tcpdump and how I should run it, but here's what I've tried
so far:

**** Try 1 ****
I tried running it with, host is the machine on my network initiating a
ping to something on the remote side, eth0 local interface on router:
tcpdump -i eth0 -nN -xX -s 1500 host 192.168.1.30

I can see in tcpdump that it gets the request, but no response ever
comes through.
****

**** Try 2 ****
Next, host is the machine on my network initiating a ping to something
on the remote side, ppp0 is VPN interface on router:
tcpdump -i ppp0 -nN -xX -s 1500 host 192.168.1.30

From a client I try to ping something on the other side and I can see in
tcpdump that it gets the request, but no response ever comes through.
****

**** Try 3 ****
Next, host is the machine that I'm trying to ping on the remote side,
ppp0 is VPN interface on router:
tcpdump -i ppp0 -nN -xX -s 1500 host 10.96.10.1

From a client I try to ping something on the other side and I can see in
tcpdump that it gets the request, but no response ever comes through.
****

Does this mean that the FC3 machine IS definitely routing from eth0 to
ppp0 and that the problem is the routing on the remote side? It's not
correctly routing back to my network?

Thanks,
James
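
Added example, not part of James's message or the thread: one way to compare captures taken on eth0 and ppp0, as in the three tries above, is to match ICMP echo requests to replies per interface and report the first hop where the exchange stops. The capture lines are constructed, the names `parse` and `diagnose` are hypothetical, and the regex assumes the text format current tcpdump prints with `-n`.

```python
import re

# Constructed sample: `tcpdump -n` style lines as they might appear on each
# router interface while 192.168.1.30 pings 10.96.10.1 (not from the post).
CAPTURES = {
    "eth0": """\
17:30:01.000101 IP 192.168.1.30 > 10.96.10.1: ICMP echo request, id 4321, seq 1, length 64
17:30:02.000213 IP 192.168.1.30 > 10.96.10.1: ICMP echo request, id 4321, seq 2, length 64
""",
    "ppp0": """\
17:30:01.000187 IP 192.168.1.30 > 10.96.10.1: ICMP echo request, id 4321, seq 1, length 64
17:30:02.000298 IP 192.168.1.30 > 10.96.10.1: ICMP echo request, id 4321, seq 2, length 64
""",
}

ICMP_RE = re.compile(
    r"IP (?P<src>[\d.]+) > (?P<dst>[\d.]+): ICMP echo (?P<kind>request|reply), "
    r"id (?P<id>\d+), seq (?P<seq>\d+)"
)

def parse(text):
    """Return (requests, replies) as sets of (client, target, id, seq)."""
    requests, replies = set(), set()
    for m in ICMP_RE.finditer(text):
        ident = (int(m["id"]), int(m["seq"]))
        if m["kind"] == "request":
            requests.add((m["src"], m["dst"]) + ident)
        else:
            # A reply is keyed like the request it answers (addresses swapped).
            replies.add((m["dst"], m["src"]) + ident)
    return requests, replies

def diagnose(captures, inside="eth0", tunnel="ppp0"):
    """Name the first point where the echo exchange stops."""
    req_in, rep_in = parse(captures[inside])
    req_out, rep_out = parse(captures[tunnel])
    if not req_in:
        return "no echo requests reached the router on " + inside
    if not req_in & req_out:
        return "requests arrive on %s but are not forwarded out %s" % (inside, tunnel)
    if not req_out & rep_out:
        return "requests leave %s but no replies come back on it" % tunnel
    if not req_in & rep_in:
        return "replies arrive on %s but are not forwarded to %s" % (tunnel, inside)
    return "echo requests and replies cross both interfaces"

if __name__ == "__main__":
    print(diagnose(CAPTURES))
```

Requests are matched on unchanged source and destination addresses, so a packet whose source is rewritten on its way out ppp0 is reported as not forwarded, which is the signal that NAT is still being applied.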




