ping request not forwarded in one direction

Question

Edit: I solved my issue just as I was finishing this insanely long post. I had simply not enable ping reply in my windows firewall which is why I could not ping a computer on network 0 from network 1 or 2 (see below). And of course, when I tried to ping the internet router on network 0, it didn't work because I neglected to setup the non-default gateways on it like I did my windows.

So, I give you the 'right' way to setup a linux box as a simple gateway between subnets. Just remember to setup all your gateways on the clients correctly (simple rule: default gateway should be the route to the internet, then setup 1 gateway for every subnet attached to other gateways in your subnet.

I am creating a test network with an Ubuntu linux box connecting 3 subnets. Here is my topology:

               ***********************
               * Internet Router     *
               *    192.168.2.1      *
               ***********************
                         *                   ***************
                         *                   *  Client 0   *
                   ***************           *192.168.2.117*
                   * Switch      * * * * * * *  Windows    *
                   ***************           ***************
                         *                               
                         *  192.168.2.0/24 = Network 0
                         *
 Network 1         ***************        Network 2
192.168.1.0/24     *    eth0     *       10.25.0.0/16
       * * * * * * *             * * * * * * * 
      *            *eth1     eth2*           * 
      *            *             *           * 
      *            *             *           * 
*************      * Ubuntu Srvr *      *************
*192.168.1.5*      ***************      * 10.25.0.5 *
*           *                           *           *
* client 1  *                           * client 2  *
*           *                           *           *
*************                           *************

My ubuntu server's /etc/network/interfaces file is:

auto lo
iface lo inet loopback

# The primary network interface
auto eth0
iface eth0 inet static
    address 192.168.2.192
    network 192.168.2.0
    netmask 255.255.255.0
    broadcast 192.168.2.255
    gateway 192.168.2.1

# Subnet 1
auto eth1
iface eth1 inet static
    address 192.168.1.1
    network 192.168.1.0
    netmask 255.255.255.0
    broadcast 192.168.1.255

auto eth2
iface eth2 inet static
    address 10.25.0.1
    network 10.25.0.0
    netmask 255.255.0.0
    broadcast 10.25.255.255

I have uncommented net.ipv4.ip_forward=1 in /etc/sysctl.conf

I also ran the command echo 1 > /proc/sys/net/ipv4/ip_forward

Client 1's default gateway is 192.168.1.1

Client 2's default gateway is 10.25.0.1

Client 0 on network 0 has 3 gateways:

Default: 192.168.2.1 (internet router)
192.168.1.0/24: 192.168.2.192 (ubuntu eth0)
10.25.0.0/16: 192.168.2.192 (ubuntu eth0)

I am testing this setup with ping.

I can ping any computer on any network from network 0.
I can ping any computer on network 1 or 2 form network 1 or 2.
The problem is I cannot ping any computer on network 0 from network 1 or 2

Using iptraf, I see the ping req coming from, say, 192.168.1.5 to 192.168.2.117 on eth1

I don't, however, see a response.

... Just figured it out (see edit at beginning). If you made it this far, sorry to disappoint.

When you manage to figure out the problem yourself, you can feel free to answer your own question by clicking the Answer button below. (New users need to wait 8 hours before marking the answer as accepted, though.) Welcome to Server Fault! — Michael Hampton, Nov 28 '12 at 18:02
Yah, I tried that, but am twiddling my thumbs for the next 7 hours... — Peter Lieber, Nov 28 '12 at 18:03
+1 for a well phrased question and drawing. You seldom see them nowadays. — Sandokan, Nov 28 '12 at 18:03
I believe that restriction goes away at 10 reputation, so .. try it now. :) — Michael Hampton, Nov 28 '12 at 18:07

score 1 · Answer 1 · answered Nov 28 '12 at 18:08

I solved my issue just as I was finishing this insanely long post. I had simply not enable ping reply in my windows firewall which is why I could not ping a computer on network 0 from network 1 or 2 (see below). And of course, when I tried to ping the internet router on network 0, it didn't work because I neglected to setup the non-default gateways on it like I did my windows.

So, I give you the 'right' way to setup a linux box as a simple gateway between subnets. Just remember to setup all your gateways on the clients correctly (simple rule: default gateway should be the route to the internet, then setup 1 gateway for every subnet attached to other gateways in your subnet.

I was just coming here to suggest that you needed to check you had icmp allowed on all the devices. — J Baron, Nov 28 '12 at 20:00

ping request not forwarded in one direction

1 Answers1