I want to implement routing using fedora 14.
Okay, first let me explain the situation :

The following is how i arrange my computers -

[PC1]<=======>[ROUTER]<=======>[PC2]

And the following are the configuration -

PC1 : (Tiny Core Linux)
eth0 192.168.2.2/24 (netmask 255.255.255.0)

ROUTER (FC14)
eth0 192.168.2.1/24 (netmask 255.255.255.0)
eth1 192.168.4.1/24 (netmask 255.255.255.0)

PC2 (Tiny Core Linux)
eth0 192.168.4.2/24 (netmask 255.255.255.0)

On the ROUTER i have set the ip_forward=1 and eth0.proxy_arp=1 and eth1.proxy_arp=1
then i run the following command :

route add -net 192.168.2.0/24 gw 192.168.2.1 dev eth0
route add -net 192.168.4.0/24 gw 192.168.4.1 dev eth1

On PC1 i executed the following :

route add -net 192.168.4.0/24 gw 192.168.2.1 dev eth0

and for PC2 i run the following

route add -net 192.168.2.0/24 gw 192.168.4.1 dev eth0

after doing those things, i can't ping between PC1 and PC2... but both can ping the router...
i am not an expert, so what did i missed??
can anyone correct it?

Thanks in Advance

See if disabling the firewall makes it work:

su -
service iptables stop

Also try it without the router lines:

route add -net 192.168.2.0/24 gw 192.168.2.1 dev eth0
route add -net 192.168.4.0/24 gw 192.168.4.1 dev eth1

Because when you set the ip address and subnet mask on each interface the router routes packets that way by default.

See if disabling the firewall makes it work:

su -
service iptables stop


I have tried this already. But no luck.



Also try it without the router lines:

route add -net 192.168.2.0/24 gw 192.168.2.1 dev eth0
route add -net 192.168.4.0/24 gw 192.168.4.1 dev eth1



Not sure whether it's going to work. But i'll give it a try.



Because when you set the ip address and subnet mask on each interface the router routes packets that way by default.



Im not sure what did you meant by that. Did normal fedora configuration will forward the packet if there are no pre-set route ??

Thanks anyway for the help

I am not an expert in networking, but both of your computers are on different subnets. The easiest thing you could do would be to change one of the computer's IP address so that it is on the same subnet as the other.

what do you mean they was on different subnet? isn't the subnet mask already the same?

thanks anyway for your insight

I really haven't done it this way. Seems like the hard way to me. Easier to buy a wireless router with NAT, but if this will strain your budget, see if the following is any help.

http://www.fs-security.com/docs/connection-sharing.php

Here are a couple more articles that may help.
http://www.ubuntugeek.com/sharing-internet-connection-in-ubuntu.html
http://www.gyre.co.uk/help/broadband/connection_sharing.php

im still trying to make it using your given suggestion, i'll let you know if it work.
meanwhile if theres any other idea, i would happily welcome them

what do you mean they was on different subnet? isn't the subnet mask already the same?

thanks anyway for your insight

Yes, both subnet masks are the same, but subnet mask only spits the IP address into a subnet. For the PC with the IP 192.168.2.0, the subnet is 192.168.2 and the PC's address on this subnet is 2. For the one with 192.168.4.2, the subnet is 192.168.4 and the PC's address on this subnet is 2. So, you have two different subnets, 192.168.2 and 192.168.4. It is possible to connect the two subnets, but it would be a lot easier to put both PC's on the same subnet. If you change the one that is 192.168.4.2 to 192.168.2.3, then you would probably have better luck. With the same subnet mask, you could have IPs all the way up to 192.168.2.254 and they would all be on the same subnet.

Yes, both subnet masks are the same, but subnet mask only spits the IP address into a subnet. For the PC with the IP 192.168.2.0, the subnet is 192.168.2 and the PC's address on this subnet is 2. For the one with 192.168.4.2, the subnet is 192.168.4 and the PC's address on this subnet is 2. So, you have two different subnets, 192.168.2 and 192.168.4. It is possible to connect the two subnets, but it would be a lot easier to put both PC's on the same subnet. If you change the one that is 192.168.4.2 to 192.168.2.3, then you would probably have better luck. With the same subnet mask, you could have IPs all the way up to 192.168.2.254 and they would all be on the same subnet.

I see, but i'm afraid this wouldn't be called as routing. it is more like a Local Area Network configuration. My objective is to make 2 different network with same subnet to be able to communicate each other. and i don't want to use conventional routing device as sold in the market, because what i am doing was and assignment for my Data Communication and Networking subject. Formerly, i was able to do this using Window. but not in linux, yet

Most of the little bit of networking experience that I have is in Windows too. Does your assignment specify which IP addresses you have to use? If you have to use these addresses, you can also change the subnet masks to 255.255.31.0 and this would also put them both on the same subnet.

If you have to use the IPs and subnet masks that you have listed, then I would have to do some research to figure out how to do this.

Fortunately, my lecturer eased off on the IP. so i can choose any ip that i want. as long as the routing works. do you have any suggestion?

There were extra info, im really sorry i forgot to tell you guys about this -- im using virtual machines. PC1 and PC2 were the one who run as virtual machine. FYI, i used VirtualBox, and i've setup both VM to use host-only connection to the host (vboxnet adapter) so in my case, eth0 is actually vboxnet0 and eth1 is vboxnet1. and i didn't use virtualbox's NAT

"Im not sure what did you meant by that. Did normal fedora configuration will forward the packet if there are no pre-set route ??"

It will if you set net.ipv4.ip_forward = 1 in /etc/sysctl.conf and don't have a firewall rule blocking packet forwards. It would be more useful if you gave the actual commands you were issuing instead of saying "i have set the ip_forward=1 and eth0.proxy_arp=1 and eth1.proxy_arp=1"
because an error there could cause it to not forward packets.

It would be more useful if you gave the actual commands you were issuing instead of saying "i have set the ip_forward=1 and eth0.proxy_arp=1 and eth1.proxy_arp=1"
because an error there could cause it to not forward packets.
Sorry, my bad. Here goes the command i used:

sysctl net.ipv4.ip_forward=1 (actually i did change the value of /proc/sys/net/ipv4/ip_forward from 0 to 1 directly too, in addition to the previous command)

sysctl net.ipv4.conf.eth0.proxy_arp=1 (i think i made a mistake here but im not sure where)

sysctl net.ipv4.conf.eth1.proxy_arp=1 (i think i made a mistake here but im not sure where)

Guys, i've found the source of the problem, THE FIREWALL!!... :] the iptable script of ROUTER was too confusing, so i just disabled the firewall and everything works!.... Really, thanks guy for helping... I really appreciate all the helps. I hope later i can help other members in case like this...

what do you mean they was on different subnet? isn't the subnet mask already the same?

thanks anyway for your insight

Actually they are not on the same subnet. your 192.168.2.xx has 254 usable addresses and your 192.168.4.xx has another 254 usable address and they do not speak to each other without an interpretor like router RIP configuration or router OFPF configuration and yet another router configuration and that is EIGRP configuration.

your pc#1 should ping your router and your PC#2 also should ping the router but if you do not setup a router configuration the link between PC1 and PC2 will not work totally different "VLANs"

Guys, i've found the source of the problem, THE FIREWALL!!... :] the iptable script of ROUTER was too confusing, so i just disabled the firewall and everything works!.... Really, thanks guy for helping... I really appreciate all the helps. I hope later i can help other members in case like this...

Disabling your firewall is a very bad idea. You should be able to configure the firewall to allow the two subnets to talk to each other.

Actually they are not on the same subnet. your 192.168.2.xx has 254 usable addresses and your 192.168.4.xx has another 254 usable address and they do not speak to each other without an interpretor like router RIP configuration or router OFPF configuration and yet another router configuration and that is EIGRP configuration.

your pc#1 should ping your router and your PC#2 also should ping the router but if you do not setup a router configuration the link between PC1 and PC2 will not work totally different "VLANs"

Sorry this looks like a duplicate on one of your answers. I was also looking at my Cisco books to see if I can help you in that direction.

---------- Post added at 11:18 AM ---------- Previous post was at 09:43 AM ----------

Guys, i've found the source of the problem, THE FIREWALL!!... :] the iptable script of ROUTER was too confusing, so i just disabled the firewall and everything works!.... Really, thanks guy for helping... I really appreciate all the helps. I hope later i can help other members in case like this...

I have a question, Why don't you use something like untangle, smoothwall, m0n0wall or another OS that is configured to be a firewall / router to safeguard your systems within your network ?? It would be a lot easier to setup one of those?

I have a question, Why don't you use something like untangle, smoothwall, m0n0wall or another OS that is configured to be a firewall / router to safeguard your systems within your network ?? It would be a lot easier to setup one of those?



Disabling your firewall is a very bad idea. You should be able to configure the firewall to allow the two subnets to talk to each other.


I'm sorry about this, i am not yet to be expert in networking in linux. especially in working with iptables. but im in a stage of exploring it.