Simple packet forwarding not working.

Post by NotExcessive » Tue Sep 27, 2011 3:33

Hi everyone.

I have a very simple experiment set up that for some reason isn't forwarding packets.

Here's the scenario:
On a subnet, say, I have several PCs. They can ping each other, and through a firewall ( they can access the Internet. Now, I take one of these machines (say and want to turn it into a router for an additional PC (let's call it the "remote" machine) which will be connected to it using a second NIC via a crossover ethernet cable.

In other words, the machine at connects to the existing network using eth0 with an address of, connects to the remote PC using eth1 with an address of say, and the remote machine has its NIC set to eth0 and


The routing table for the remote is set to use our router as the default gateway:

Code: Select all

netstat -rn
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface   U         0 0          0 eth0       UG        0 0          0 lo         UG        0 0          0 eth0
On the router ( /, ip forwarding is set:

Code: Select all

echo  1    >   /proc/sys/net/ipv4/ip_forward 
and the router has as its default gateway the firewall at which has a rule allowing ICMP packets from anywhere to anywhere.

Now, any machine on can ping any other, the router can ping the remote on, the remote can ping the router on or, but if I try and ping any of the other machines from the remote PC(eg or then nothing happens, not even an error message at the remote machine.

So I'm thinking I've left out something dumb and the router ( is not forwarding packets from the remote ( onto Either that or the firewall is blocking it, but I can't see how.

Can anybody point out what I've omitted? It's too simple not to work and it used to :)

Re: Simple packet forwarding not working.

Post by queria » Wed Oct 05, 2011 13:34

You had missed to add routing from your current network (10) to your new one (50).

So it should be enough to add it at your gw (firewall in this case),
something like:

Code: Select all

[email protected]# ip r add via

Code: Select all

[email protected]# route add -net gw
(Of course add it to your config files in proper form etc.)

Hope it helps ;)


