[Coco] OT: Networking problem
Aaron Wolfe
aawolfe at gmail.com
Mon Nov 26 19:42:56 EST 2012
On Mon, Nov 26, 2012 at 6:59 PM, Aaron Banerjee <spam_proof at verizon.net> wrote:
> This is a little off-topic, but is something people here probably have more
> experience with than I do.
>
> I'm trying to "partition" off my network into multiple networks (e.g. for
> experimental purposes/parental control/etc). I have a DSL modem and a
> router. I thought the following configuration would work, but it doesn't.
>
>
> ----
> | | <--------------------------> {other device with
> static 192.168.1.n IP}
> {internet} <-------> | | "1.2.168.1.x" network
> | | static IPs ----
> | | <--------------------------> | R |
> "192.168.0.y" network (using DCHP from router)
> ---- | O |
> DSL Modem | U |
> <------------> device 1
> 192.168.1.1 | T |
> <------------> device 2
> | E |
> <------------> device 3
> | R |
> ----
> 192.168.1.101 / 192.168.0.1
> netmask 255.255.0.0
>
> Sorry about the '80s era graphics, but I didn't want to have to attach a
> file -- and besides, I'm from the '80s era (at least when it comes to
> computers).
>
> 1. I'd like to have the device 1,2,3 be able to "ping" or summarily see the
> modem. I think this should work, but it doesn't. What did I do wrong (or
> not do right)?
>
> The router's address to its clients is 192.168.0.1. It is statically set to
> 192.168.1.101 for purposes of the modem (which doesn't use DCHP). The
> router then uses its own DCHP to doll out addresses to its client as it sees
> fit (in particular it starts with .100).
>
> For experimental purposes, I took down the firewall completely in order to
> eliminate that as a source of the problem. I'm getting a "no route to host"
> when I ping 192.168.1.1 from the devices on the "0" net (e.g. device 1, 2,
> or 3). I don't have "ping" blocked at the modem or router just for good
> measure, and don't think I'm masking out the "1". Even a few desperado
> attempts using DMZs didn't work, and eventually messed up my network until I
> could undo all that I had done.
>
> I'm obviously missing something very simple and elementary and will probably
> kick myself when someone points it out to me. I just haven't done this type
> of thing in a long while.
>
> Thanks in advance for your help.
>
> - Aaron
If I understand your diagram correctly, your netmask on the
192.168.0.0 network is wrong. It should be 24 bits ie 255.255.255.0,
not 16. By setting it to 255.255.0.0, you are telling your clients
in 192.168.0.x that they can directly reach *all* hosts on
192.168.X.X, while in truth they cannot and need to route for all
hosts except those on 192.168.0.x.
It's possible that is all you need to fix.
You did not mention whether your "router" is doing NAT. That changes
things quite a bit. Assuming it is a typical home router, it probably
is. That means that all requests from the 192.168.0.x network will be
translated to the 192.168.1.101 interface of the router as they travel
through. This eliminates the need for a specific route between
192.168.1 and 192.168.0 on the DSL modem, but it also means hosts in
192.168.1 will not be able to initiate communications with those in
192.168.0 unless you configure additional NAT rules (sometimes called
port forwarding). Maybe thats OK. the 0 folks will still be able to
initiate comm to any of the 1 folks, just not the other way around.
If your router is not doing NAT, then you will need to add one
additional route to the DSL modem to direct traffic from the 1 folks
to the 0 folks via 192.168.1.101 (the router's 1 side interface).
Another option would be static routes on the clients, in the case that
your DSL modem doesn't let you add static/manual routing.
hth
-Aaron also
More information about the Coco
mailing list