
Updated at the bottom

I'm using CentOS as a router, and just replaced the routing system at work. I've got 2 routers to send data around. For the most part it's working. On one router I have 2 network ranges that are on the same NIC (eth1). We have a server on one range, and anyone in the other cannot SSH to it. But, it can be pinged.

Here's a quick layout:

Internet Link:

eth0 - 192.168.144.50 (link between routers)
eth1 - 10.10.10.254 - 255.255.254.0 (10.10.10.x and 10.10.11.x ranges)
eth2 - internet

Router 2:

eth0 - 192.168.144.24 (link between routers)
eth1 - 98.0.0.1 & 10.98.0.1 ranges (yes, I know 98.0.0.0 is not for private use, this is a legacy setup that we haven't been able to remove yet)

Here is the ip route printout:

98.0.0.0/24 dev eth1  proto kernel  scope link  src 98.0.0.1
192.168.144.0/24 dev eth0  proto kernel  scope link  src 192.168.144.24
10.98.0.0/24 dev eth1  proto kernel  scope link  src 10.98.0.1
default via 192.168.144.50 dev eth0

The server is on 98.0.0.6. I have a laptop running on 10.98.0.165. I get a response from the command: ping 98.0.0.6. But, when I try to ssh to it, I get nothing. Through doing some tcpdump commands on my routers, I'm seeing that the packets for the ssh command are going from the laptop, to the internet router (192.168.144.50) and back to the correct router.

My iptables list is empty. You can see my ip route output above. Any ideas? I've been staring at this all day. The way I understand it is that the router should send the packet back through eth1 for 98.0.0.6 to pick up. Thanks.

Edit: Scratched out the bouncing part. I realized that I was seeing ssh traffic from my ssh session into the router, and attributed it to my ssh request.

Update: I separated my setup. Now 98.0.0.x is on eth1 and 10.98.0.x is on eth2. What I'm seeing isn't making much sense though.

When I ping the 98.0.0.6 server from my 10.98.0.165 laptop, I get a reply. The route it is taking is odd. It goes through the default route to 192.168.144.50 (internet router) and back through to 98.0.0.6. (tcpdump on eth0 of the internet router found this)

One tidbit. When I started the project, I was trying to do policy routing to make 2 internet providers work. Is there something related that could be doing this?

Here's my updated layout for the second router:

eth0 - 192.168.144.24 (router link)
eth1 - 98.0.0.1/24
eth2 - 10.98.0.1/24

and ip route show:

98.0.0.0/24 dev eth1  proto kernel  scope link  src 98.0.0.1
192.168.144.0/24 dev eth0  proto kernel  scope link  src 192.168.144.24
10.98.0.0/24 dev eth2  proto kernel  scope link  src 10.98.0.1
default via 192.168.144.50 dev eth0

2 Answers


As you say you are getting ping replies from the server, it might be possible that iptables rules are applied on your server, so that the server is dropping the SSH connection.

If you are authorized to see the server's iptables rules, then check them. There would be a rule for dropping the SSH connection.

  • No, because people in the 98 range have no problem. Nor do we have issues connecting from the other router. Commented Feb 19, 2013 at 4:52
  • It might be possible they are dropping only input SSH connections... Commented Feb 19, 2013 at 4:57
  • No. The iptables on this system are flushed at boot to make sure nothing like that happens. They are completely empty. Commented Feb 19, 2013 at 5:08
  • In fact, if I use the default rc.local script without flushing, nothing works correctly. Commented Feb 19, 2013 at 13:18

I found the answer. I added NAT to each nic:

iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
iptables -t nat -A POSTROUTING -o eth2 -j MASQUERADE

Once I did this, everything started working correctly. Thanks everyone!
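The lookup the asker is reasoning about, as an added example that is not part of the original post: a longest-prefix match over the second router's posted `ip route show` output, plus the source address the server sees once the accepted answer's MASQUERADE rules are in place (assumed here to be the egress interface's route `src` address, which holds because each interface now carries a single address).

```python
import ipaddress

# Route table exactly as posted for Router 2 after the eth1/eth2 split.
ROUTE_TABLE = """\
98.0.0.0/24 dev eth1  proto kernel  scope link  src 98.0.0.1
192.168.144.0/24 dev eth0  proto kernel  scope link  src 192.168.144.24
10.98.0.0/24 dev eth2  proto kernel  scope link  src 10.98.0.1
default via 192.168.144.50 dev eth0
"""

# Interfaces carrying a POSTROUTING MASQUERADE rule, per the accepted answer.
MASQUERADED = {"eth1", "eth2"}

def parse_routes(text):
    """Parse `ip route show` lines into (network, dev, via, src) tuples."""
    routes = []
    for line in text.splitlines():
        fields = line.split()
        if not fields:
            continue
        prefix = "0.0.0.0/0" if fields[0] == "default" else fields[0]
        net = ipaddress.ip_network(prefix, strict=False)
        # Remaining fields come in key/value pairs: dev eth1, proto kernel, ...
        opts = dict(zip(fields[1::2], fields[2::2]))
        routes.append((net, opts.get("dev"), opts.get("via"), opts.get("src")))
    return routes

def lookup(dst, routes):
    """Longest-prefix match: (dev, via, src) of the most specific route to dst."""
    addr = ipaddress.ip_address(dst)
    candidates = [r for r in routes if addr in r[0]]
    if not candidates:
        raise LookupError(f"no route to {dst}")
    best = max(candidates, key=lambda r: r[0].prefixlen)
    return best[1:]

def source_seen_by(dst, src, routes, masq=MASQUERADED):
    """Source address dst sees for a packet forwarded from src.

    MASQUERADE rewrites it to the egress interface's own address, which is
    the route's `src` hint here (assumed: one address per interface).
    """
    dev, _via, iface_addr = lookup(dst, routes)
    return iface_addr if dev in masq else src

if __name__ == "__main__":
    routes = parse_routes(ROUTE_TABLE)
    print("98.0.0.6 ->", lookup("98.0.0.6", routes))
    print("98.0.0.6 sees source", source_seen_by("98.0.0.6", "10.98.0.165", routes))
```

The router-side lookup confirms 98.0.0.6 egresses eth1 directly, but it cannot show which path the server's replies take; with MASQUERADE the replies are addressed to 98.0.0.1 on the server's own subnet, which is why the fix works regardless of the server's return route.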
