headers
Ketil Froyn | 1 May 2003 11:04

Re: Routing Issue?

If you are running linux, make sure you have this on the routing boxes:

# echo 1 > /proc/sys/net/ipv4/ip_forward

and/or

# grep FORWARD_IPV4 /etc/sysconfig/network
FORWARD_IPV4="yes"

and/or

# grep ipv4.ip_forward /etc/sysctl.conf
net.ipv4.ip_forward = 1

They all do the same, but the first will only last until you 
reboot/restart networking, and I don't know which of the other will take 
precedence.

Ketil Froyn
ketil <at> froyn.name
http://ketil.froyn.name/

On Wed, 30 Apr 2003, xvx wrote:

> Hello there,
> 
> 	Im using OpenVPN 1.3.2 from source.  I have a problem where i can
> ping back and forth to the tun's ip address, I can also ping the
> interfaces I setup for the route on the internal lan. But then i cant ping
> anything on the other side. ie
> 
> 	tun interface
> 
> 	10.4.0.1 <=======> 10.4.0.2
> 	i can ping back and forth
> 
> 	internal interfaces
> 
> 	192.168.1.1 <=======> 10.90.10.3
> 	i can ping back and forth
> 
> 	192.168.1.1 <xxxxxxx> 10.90.10.1
> 	i cant ping
> 
> 	192.168.1.254 <xxxxxxx> 10.90.10.3
> 	i cant ping
> 
> My routing table is as so
> 
> 192.168.1.1
> 
> Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
> 10.4.0.2        *               255.255.255.255 UH    0      0        0 tun1
> 192.168.1.0     *               255.255.255.0   U     0      0        0 eth1
> 10.90.10.0      10.4.0.2        255.255.255.0   UG    0      0        0 tun1
> loopback        *               255.0.0.0       U     0      0        0 lo
> 
> 10.90.10.0
> 
> Kernel IP routing table
> Destination     Gateway         Genmask         Flags Metric Ref    Use
> Iface
> 10.4.0.1        *               255.255.255.255 UH    0      0        0 tun0
> 192.168.1.0     10.4.0.1        255.255.255.0   UG    0      0        0 tun0
> 10.90.10.0      *               255.255.255.0   U     0      0        0 eth1
> loopback        *               255.0.0.0       U     0      0        0 lo
> 
> /proc/sys/net/ipv4/ip_forward is set to one
> 
> One of them is running a firewall, but i see no errors being dropped to
> log, I can also ssh from one to the other over the tunnel.  When i
> traceroute from one end to the other it looks like
> 
> traceroute to 10.90.10.1 (10.90.10.1), 30 hops max, 38 byte packets
>  1  10.4.0.2 (10.4.0.2)  52.231 ms  45.279 ms  45.166 ms
>  2  * * *
>  3  * * *
>  ...
>  30 * * *
> 
> and on the other end
> 
> traceroute to 192.168.1.1 (192.168.1.1), 30 hops max, 38 byte packets
>  1  10.4.0.1 (10.4.0.1)  27.183 ms  22.182 ms  22.701 ms
>  2  * * *
>  ...
>  30 * * *
> 
> Each machine has its own IP directly on the Internet, no NATS, and the
> internal interfaces.
> 
> If you could help me out I would greatly appreciate the help.
> 
> Thank you,
> 
> Sean
> 
> 
> 
> -------------------------------------------------------
> This sf.net email is sponsored by:ThinkGeek
> Welcome to geek heaven.
> http://thinkgeek.com/sf
> _______________________________________________
> Openvpn-users mailing list
> Openvpn-users <at> lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/openvpn-users
> 

-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
Permalink | Reply |

Gmane