my second interface hme1 has a stange route

[chrispar]

Setting up my second interface to be in a DMZ, I find that I cannot ping the
router, snoop sees the packets leave, and from the router i cannot ping the
hme1....

Details :

ifconfig -a reports the following....

i/f ip netmask broadcast
--------------------------------------------------------------------
hme0: 192.168.1.5 255.255.255.0 192.168.1.255
hme1: 195.70.6.36 255.255.255.224 195.70.6.63
======================================


netstat -rn returns:

destination Gateway
--------------------------------------------------------------------
195.70.6.32 195.70.6.36 U hme1 --> Dont know where this comes from..
192.168.1.0 192.168.1.5 U hme0
224.0.0.0 192.168.1.5 U hme0
default 195.70.6.35 UG
127.0.0.1 127.0.0.1 UH lo0
===================================

Scenario:
As above if I ping the default router, (195.70.6.35, netmask 255.255.255.224)

I do not get an echo response, but through a snoop on hme1
I see the the traffic. after a while I get "No answer"

Now if I change the netmask, to be 255.255.255.0 I now ping,
immediatly I get back...

ICMP HOST UNREACHABLE ERROR

and the netstat -rn

195.70.6.0 195.70.6.36 U hme1
192.168.1.0 192.168.1.5 U hme0
224.0.0.0 192.168.1.5 U hme0
default 195.70.6.35 UG
127.0.0.1 127.0.0.1 UH lo0

So can anyone help, as I am pulling out my hair now !!!

Rgs

Chris

 

[SonGoku]

I dont know where does your router actually sits, but if you have your second interface configured inside a DMZ, it is quite normal that you cannot ping across (ICMP is usually blocked in the firewalls)

Hope this helps.

Marcos.

 

[chrispar]

Oh !!

I understand that, but why does nothing else seem to work.....

dns, mail, ssh...

Thx anyhow.. Hmmm !

Chris

 

[vkostovic]

Have you enabled IP forwarding?
If not you can do it with ndd command:
# ndd -set /dev/ip ip_forwarding 1

Vlad