I have a very simple experiment set up that for some reason isn't forwarding packets.
Here's the scenario:
On a subnet, say 192.168.10.0/24, I have several PCs. They can ping each other, and through a firewall (192.168.10.1) they can access the Internet. Now, I take one of these machines (say 192.168.10.10) and want to turn it into a router for an additional PC (let's call it the "remote" machine) which will be connected to it using a second NIC via a crossover ethernet cable.
In other words, the machine at 192.168.10.10 connects to the existing network using eth0 with an address of 192.168.10.10, connects to the remote PC using eth1 with an address of say 192.168.50.1, and the remote machine has its NIC set to eth0 and 192.168.50.2.
[network 192.168.10.0/24]-------eth0 192.168.10.10[router]eth1 192.168.50.1---------eth0 192.168.50.2[remote]
The routing table for the remote is set to use our router as the default gateway:
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
192.168.50.0    0.0.0.0         255.255.255.0   U         0 0          0 eth0
127.0.0.0       127.0.0.1       255.0.0.0       UG        0 0          0 lo
0.0.0.0         192.168.50.1    0.0.0.0         UG        0 0          0 eth0
On the router (192.168.10.10 / 192.168.50.1), IP forwarding is set:
echo 1 > /proc/sys/net/ipv4/ip_forward
and the router has as its default gateway the firewall at 192.168.10.1 which has a rule allowing ICMP packets from anywhere to anywhere.
Now, any machine on 192.168.10.0/24 can ping any other, the router can ping the remote on 192.168.50.2, the remote can ping the router on 192.168.50.1 or 192.168.10.10, but if I try and ping any of the other machines from the remote PC (e.g. 192.168.10.1 or 192.168.10.5) then nothing happens, not even an error message at the remote machine.
So I'm thinking I've left out something dumb and the router (192.168.10.10) is not forwarding packets from the remote (192.168.50.2) onto 192.168.10.0/24. Either that or the firewall is blocking it, but I can't see how.
Can anybody point out what I've omitted? It's too simple not to work and it used to