Topic: SME v6.5 won't route!

[smacf]

I have two subnets on my network and I want SME to route between them.  I use another router for one subnet at 192.168.3.125.

From Configuration Review:

[Review configuration
Networking Parameters
Server Mode   servergateway
Local IP address / subnet mask   192.168.3.126/255.255.255.128
External IP address / subnet mask   24.xx7.xxx.xxx
Additional local networks   192.168.3.0/255.255.255.128
192.168.1.0/255.255.255.0 via 192.168.3.125
DHCP server   disabled
Server names
DNS server   192.168.3.126
<<truncated>>

from a windoze box on the 192.168.3.0 network trying to tracert to the router on the 192.168.1.0 network:

C:\Documents and Settings\Steven>tracert 192.168.1.253

Tracing route to 192.168.1.253 over a maximum of 30 hops

  1   <10 ms   <10 ms   <10 ms  SNAP [192.168.3.126]
  2     *        *        *     Request timed out.
  3     *        *        *     Request timed out.

ROUTE from SME:

[root@snap root]# route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.3.0     *               255.255.255.128 U     0      0        0 eth0
24.117.148.0    *               255.255.255.0   U     0      0        0 eth1
192.168.1.0     string.9d8      255.255.255.0   UG    0      0        0 eth0
127.0.0.0       *               255.0.0.0       U     0      0        0 lo
default         24-xx7-xxx-x.cp 0.0.0.0         UG    0      0        0 eth1

Note: I was bothered that a hostname appeared (especially a made up one -- something like pc-00128) instead of an IP address for Gateway, so I made some entries in the host file.  Before I made the entries, traceroute from SME to a destination on the 192.168.1.0 network would get sent out over the eth1 interface to the public network!  Now they just '*' on me.

Here is what appears in my Hostnames and addresses table:

Hostname     Visibility     Location     Local IP     Global IP     Ethernet address     Action
ftp.9d8    Local    Self                   Modify    Remove
lentil.9d8    Local    Local    192.168.3.15         00:10:4b:ca:xx:xx   Modify    Remove
mail.9d8    Local    Self                   Modify    Remove
pot.9d8    Local    Local    192.168.3.3         00:90:27:fd:xx:xx    Modify    Remove
proxy.9d8    Local    Self                   Modify    Remove
snap.9d8    Local    Self                        
string.9d8    Local    Local    192.168.3.125         00:01:02:28:xx:xx    Modify    Remove
wpad.9d8    Local    Self                   Modify    Remove
www.9d8    Local    Self                   Modify    Remove

Any help would obviously be much welcomed, I have gone blind starring at this one.

Regards,

Steve

[CharlieBrady]

I have two subnets on my network and I want SME to route between them.  I use another router for one subnet at 192.168.3.125.
...
Local IP address / subnet mask   192.168.3.126/255.255.255.128

Why do you have such a strange subnet mask? I suspect that will be the root of your problem.

Note: I was bothered that a hostname appeared (especially a made up one -- something like pc-00128) instead of an IP address for Gateway, so I made some entries in the host file.

Adding entries to /etc/hosts is just likely to confuse us all.

Before I made the entries, traceroute from SME to a destination on the 192.168.1.0 network would get sent out over the eth1 interface to the public network!

Adding /etc/hosts entries is very unlikely to change the routing behaviour of your system.

[smacf]

Why do you have such a strange subnet mask? I suspect that will be the root of your problem.

I can change that if it will help.  Originally I had 192.168.3.0/255.255.255.128 and 192.168.3.128/255.255.255.128 but my other router didn't like that so I put one subnet off onto 192.168.1.0/255.255.255.0 and left the other one alone.

Adding /etc/hosts entries is very unlikely to change the routing behaviour of your system.

I didn't edit /etc/hosts directly, I used the web interface for SME. Strangely it did change the behavior somewhat.  Before changing the name, any packet from the 192.168.3.0 subnet bound for the 192.168.1.0 subnet was sent out over eth1 (instead of eth0).  Now I can't tell what is happening to them - progress, eh?

Thank you for the clarifying comments.  I'll move my 192.168.3.0 subnet to a full 255.255.255.0 one and try again.[/quote]

[CharlieBrady]

Local IP address / subnet mask   192.168.3.126/255.255.255.128
...
lentil.9d8    Local    Local    192.168.3.15         00:10:4b:ca:xx:xx   Modify    Remove
mail.9d8    Local    Self                   Modify    Remove
pot.9d8    Local    Local    192.168.3.3         00:90:27:fd:xx:xx    Modify    Remove

Note that because of the strange netmask you have that 192.168.3.15 and 192.168.3.3 are *not* on your local network. Hence any packets that the SME server has to send to those addresses will be sent via the default gateway.

Out of interest, why did you choose such an unusual netmask, rather than 255.255.255.0?

[smacf]

Ok, changed my network around, now here is my Review Configurtion:


Networking Parameters
Server Mode   servergateway
Local IP address / subnet mask   192.168.3.254/255.255.255.0
External IP address / subnet mask   24.xx7.x.xxx
Additional local networks   192.168.3.0/255.255.255.0
192.168.1.0/255.255.255.0 via 192.168.3.253
DHCP server   disabled
Server names
DNS server   192.168.3.254

And my SME box still won't pass traffic, from the 192.168.1.0 network, onto the internet.  The 192.168.3.0 network is fine (though it is the one the SME box is in.

I don't see any clues in /var/log/messages either...

I can ping 192.168.3.254 (SME Server) from 192.168.1.99 (WinXP box) but can't ping my ISP's DNS server from that same WinXP box - but I can from other machines (including the SME box on the 192.168.3.0 network.

Note that because of the strange netmask you have that 192.168.3.15 and 192.168.3.3 are *not* on your local network. Hence any packets that the SME server has to send to those addresses will be sent via the default gateway.

Out of interest, why did you choose such an unusual netmask, rather than 255.255.255.0?

Charlie - what I thought I was accomplishing was practicing the art of not using more than I needed.  I thought I could make two subnets out of my existing 192.168.3.0 network.  There were no pressing reasons to have done it this way but I am surprised it didn't work.  I had 192.168.3.0/255.255.255.128 with network address of 192.168.3.0 and broadcast at 192.168.3.127 and 192.168.3.128/255.255.255.128 with broadcast of 192.168.3.255.  I abandoned it when my cheapy 802.11x router (but with the nice time-control feature!) wouldn't support that funky subnet.  The rest of the network seemed fine with it - except, of course, the SME box.

Charlie - thank you for the explanation regarding why those packets were being sent to the internet.  I don't understand it (yet) but will endeavor to.

Regards,

Steve

[CharlieBrady]

And my SME box still won't pass traffic, from the 192.168.1.0 network, onto the internet.

Are you quite sure of that? Does it actually receive traffic destined for the Internet from the 192.168.1.0 network?

I can ping 192.168.3.254 (SME Server) from 192.168.1.99 (WinXP box) but can't ping my ISP's DNS server from that same WinXP box

The most likely cause of that is that the WinXP box is not routing via the SME Server. The WinXP box's default route must be the router, and the router's default route must be the SME Server.

Charlie - what I thought I was accomplishing was practicing the art of not using more than I needed.  I thought I could make two subnets out of my existing 192.168.3.0 network.

You can, but only if you really know what you are doing. You have no need to be so frugal with networks, so don't bother.