[ previous ] [ next ] [ threads ]
 
 From:  Fred Weston <fred dot weston at daytonawan dot com>
 To:  Christiaens Joachim <jchristi at oce dot be>
 Cc:  =?ISO-8859-1?Q?=27Kurt_Inge_Sm=E5dal=27?= <kurt at emsp dot no>, m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Connection between two networks..
 Date:  Mon, 29 Mar 2004 11:33:29 -0500
Christiaens Joachim wrote:

>>-----Original Message-----

>>Sent: maandag 29 maart 2004 14:49
>>To: m0n0wall at lists dot m0n0 dot ch
>>Subject: RE: [m0n0wall] Connection between two networks..
>>
>>
>>Hi.. 
>>    
>>
>>>your subnet masks are too long, you should have set 10.1.1.0/8 and
>>>10.2.1.0/8 for your 2 networks to ping each other
>>>
>>>or you could have chosen a B private class (eg: 172.16.1.0/16 and
>>>172.16.2.0/16)
>>>      
>>>
>>I don't think this is the problem, since I've got a static 
>>route from the 10.1.1.0/24 net to the 10.2.1.0/24 net ..
>>
>>---
>>Thanks,
>>Kurt Inge
>>
>>    
>>
>
>Subnetting if fine this way, only not done in classic classes, which is
>irrelevant at this moment.
>
>Static routes on hosts in BOTH networks (as a ping reply needs to find its
>way too) NEED to be put on the hosts, as your default gateway for these
>hosts is not the m0n0wall, which is the gateway to the other network.
>
>Try this:
>
>At the 10.1.1.12, set a route to 10.2.1.0/24 over gateway 10.1.1.200
>
>At the 10.2.1.x (some host on the 10.2.1.0/24 network), set a route to
>10.1.1.0/24 over gateway 10.2.1.200
>
>Try to ping 10.1.1.12 from 10.2.1.x and vice versa... it should work.
>
>On a sidenote:
>You should be aware of the strange behaviour it will cause if you would ever
>add routes at you default gateways, with no static routes on your hosts.
>Since the gateway will be on the local subnet of the hosts using these
>gateways, you will get this: 
>
>ping from 10.1.1.12 to 10.2.1.34 (sent packets)
>10.1.1.12(host-a) -->  10.1.1.1(gateway-a) --> 10.1.1.200(m0n0) -->
>10.2.1.34(host-b)
>
>ping from 10.1.1.12 to 10.2.1.34 (replied packets)
>10.2.1.34(host-b) -->  10.2.1.1(gateway-b) --> 10.2.1.200(m0n0) -->
>10.2.1.12(host-a)
>
>as you can see, the packets follow different routes from and to, which won't
>work (statefull packetfilter, someone correct me if I'm wrong)...
>
>Some Windows OS'es will 'learn' that the next hop is on the local subnet and
>create a static route (non-persistent) automatically, which makes it even
>more complicated when looking for the cause of a problem in this matter!
>
>Regards,
>Joachim
>
>
>-----------------------------------------------
>MISSION STATEMENT 
>-----------------------------------------------

>effectively by offering innovative print and document management products
>and services for professional environments.
>
>-----------------------------------------------
>DISCLAIMER 
>-----------------------------------------------
>This e-mail message and any attachment are intended for the sole use of the
>recipient(s) named above and may contain information which is confidential
>and/or protected by intellectual property rights.
>Any use of the information contained herein (including, but not limited to,
>total or partial reproduction, communication or distribution in any form) by
>other persons than the designated recipient(s) is prohibited.
>
>If you have received this e-mail in error, please notify the sender either
>by telephone (0032-2-729.48.11) or by e-mail and delete the material from
>any computer.
>Oce-Belgium/Oce-Interservices is nor responsible for the correct and
>complete transfer of the contents of the sent e-mail, neither for the
>receipt on due time.  This e-mail message does not bring about a contractual
>obligation for Oce-Belgium/Oce-Interservices.
>
>Thank you for your cooperation.
>
>For further information about Oce-Belgium/Oce-Interservices please see our
>website at www.oce.be
>
>-----------------------------------------------
>
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>
>
>  
>
I must have missed part of the network configuration description.  I 
thought both networks used m0n0wall as their default gateway, in which 
case no static routes would be needed.  If the hosts on either network 
gateway to something else, then they would either need a static route, 
or the device they gateway to would need a static route to the m0n0wall 
(this would allow for easier administration).  Sorry about that.