[CentOS] OT: Setting a CentOS to gateway a private IP address

Tue Oct 21 19:02:36 UTC 2008
James B. Byrne <byrnejb at harte-lyne.ca>

This is mildly off topic since it has more to do with TCP/IP networking
than with CentOS per se.  However, at the risk of ruffling a few feathers
I would like some advice on how to resolve the following routing problem:

Given:
dual homed host running CentOS-5.2 with
eth0 = 2xx.yyy.zzz.23
eth1 = 192.168.219.1

and a Cisco gateway at 2xx.1xx.y7y.1 with the following networks:

interface FastEthernet0/1
 description connected to EthernetLAN
 ip address 10.0.0.1 255.0.0.0 secondary
 ip address 172.16.0.1 255.240.0.0 secondary
 ip address 192.168.71.1 255.255.255.0 secondary
 ip address 192.168.0.1 255.255.0.0 secondary
 ip address 2xx.yyy.zzz.1 255.255.255.0
 ip access-group 101 in
 ip inspect FastEthernet_0_1 in
 speed 100
 full-duplex
!
router rip
 version 2
 passive-interface FastEthernet0/0
 network 10.0.0.0
 network 172.16.0.0
 network 192.168.0.0
 network 2xx.yyy.zzz.0
 no auto-summary
!
ip classless
ip route 0.0.0.0 0.0.0.0 FastEthernet0/0

and with the following routes on the CentOS host:

# route
Kernel IP routing table
Destination     Gateway       Genmask         Flags Metric Ref    Use Iface
192.168.219.0   *             255.255.255.0   U     0      0        0 eth1
2xx.yyy.zzz.0   *             255.255.255.0   U     0      0        0 eth0
169.254.0.0     *             255.255.0.0     U     0      0        0 eth1
default         gw-fibrewire  0.0.0.0         UG    0      0        0 eth0
# ip route
192.168.219.0/24 dev eth1  proto kernel  scope link  src 192.168.219.1
2xx.yyy.zzz.0/24 dev eth0  proto kernel  scope link  src 2xx.yyy.zzz.23
169.254.0.0/16 dev eth1  scope link
default via 2xx.yyy.zzz.1 dev eth0


The situation is this.

>From the host itself I can ping 192.168.218.102 on 192.168.219.0/24

>From any other host on 2xx.1xx.y7y.0/24 I can ping 192.168.219.1

>From any other host on 2xx.1xx.y7y.0/24 I cannot ping 192.168.219.102

What setup steps on the CentOS host have I overlooked or what
configuration errors have I committed?

As I am a digest subscriber please use "reply all" so that I get an
immediate copy of any replies.

Regards,

-- 
***          E-Mail is NOT a SECURE channel          ***
James B. Byrne                mailto:ByrneJB at Harte-Lyne.ca
Harte & Lyne Limited          http://www.harte-lyne.ca
9 Brockley Drive              vox: +1 905 561 1241
Hamilton, Ontario             fax: +1 905 561 0757
Canada  L8E 3C3