[MLB-WIRELESS] Routing Confusion!

David Ashburner d_ashburner at hotmail.com
Sat Jan 21 09:09:16 EST 2006


Hi Asela,

>From: "Asela Fernando"
>
>I've installed OpenWRT WhiteRussian RC4 on the R100, disabled the firewall,
>broke the bridge between the radio and the LAN ports and configured the WAN
>port.
Have you got IP forwarding configured?
cat /proc/net/ipv4/ip_forward should be 1
It may be that the init.d script that sets forwarding up is sopmeting you 
moved / disabled.
but more likely it's because other machines do not know that the R100 is a 
gateway between the two network segments.

>Until I hit this wall:
>A Computer connected to the R100 (via lan or radio), cannot communicate at
>all with a computer connected to the Wl500G, and vice versa.
>A Computer connected to the radio, cannot communicate with a computer on 
>the
>lan ports of the R100 and vice versa.
>This would be because each interface has different subnets.
>Now I just need to figure out how to route between them.
>
The problem is more likely not the router between the networks but the other 
machines oneither segment not knowing that the router is there.

ON your private LAN  the PC , Webserver etc. probably all use the WL500G as 
the default route.  They send packets to the 10.10.130.0 network to that 
machine for forwarding and it drops them ( or sends them down the cable 
connection) because it ddoes not know where the 10.10.x.x network is.

On your MW LAN ( the 10.10.130.0)  the machines you connect will probably 
have the R100 as the default route ( that's OK) so your ping etc.  gets 
routed to the destination machine but the response back gets lost.

>So I just need some step by step instructions to setup routes between the
>interfaces on the R100, and to get a firewall up to protect the WAN port of
>the R100 which links my home network to MW, setup DHCP to hand out IPs to
>clients connecting via the Senao and DNS and give access to port 80 on my
>webserver to people on MW.

Routing first.
Easiest thing to try is to set up a route entry on the WL500G so when it 
gets packets for 10.10.130.0 it knows where to send them.
first add the gateway machine to the table
route add -host 192.168.1.4  vlan1  <- or whatever the interface used for 
192.168.1.0 is
then add the network
route add -net 10.10.130.0 netmask 255.255.255.0  gw 192.168.1.4
then try to ping the 10.10.130.18 from the WL500G - that shoud now work
Other machines on your 192.168.1.0 network should also be able to 
communicate to the 10.,10.130.0 network. and vice versa.

Then the firewall.
Your set -up is exactly the same as mine ( well, I use 2 WRT54  ) . You 
could try the MW Router project hotspot package on the R100. It will set up 
yout iptables the way you need them and put in place the firewall between 
your MW (public) segment and your provate segment.

http://www.melbournewireless.org.au/wiki/?MWRPHotspot

I can walk you through installation and configuration, when you are ready to 
try it.

but not today - I'm off to the beach :)
cheers, dna





More information about the Melbwireless mailing list