Re: [44net] on4hu on line

Hello André, You currently have your default route set to your VDSL router. Since this router does not know amprnet the outbound traffic is still send and blackholed to the internet. You have 2 options: 1) If you only want to make the box reachable from amprnet (44.x.x.x) you can add a static route: Destination: 44.0.0.0/8 Gateway: 44.144.11.129 This can be done with eg the command: route add -net 44.0.0.0/8 gw 44.144.11.129 Please beware that this command does not persist a reboot. Please consult the documentation of your linux distribution to find out how to add persistent static routes. 2) If you want the make the box reachable from amprnet and the public internet on its 44.144.11.136 address, you need to change the default gateway. Since we advertise 44.144 via BGP to the internet you can then use the 44.144.11.136 address instead of on4hu.dyndns.org for access from the internet. BEWARE: As stated before you are advised to put a firewall in place to only open needed ports to the public internet !!!! This can be done with eg the commands: route del default route add default gw 44.144.11.129 Please beware that this command does not persist a reboot. Please consult the documentation of your linux distribution to find out how to change the default gateway. 73s Robbie ON4SAX On Thu, Jan 16, 2014 at 9:04 PM, on4hu &lt;on4hu.0(a)gmail.com&gt; wrote: > (Please trim inclusions from previous messages) > _______________________________________________ > Robies below my table wheel, what should I do to make as gateway > 44.144.11.129 > > <http://www.google.com/url?source=transpromo&rs=rsmf&q=http://translate.google.com/globalmarketfinder/%3Flocale%3Dfr> > [root@localhost on4hu]# route -n > Table de routage IP du noyau > Destination Passerelle Genmask Indic Metric Ref Use Iface > 0.0.0.0 192.168.1.1 0.0.0.0 UG 10 0 0 eth1 > 44.144.11.128 0.0.0.0 255.255.255.240 U 10 0 0 eth0 > 169.254.0.0 0.0.0.0 255.255.0.0 U 10 0 0 eth1 > 169.254.0.0 0.0.0.0 255.255.0.0 U 10 0 0 eth0 > 192.168.1.0 0.0.0.0 255.255.255.0 U 10 0 0 eth1 > [root@localhost on4hu]# > [root@localhost on4hu]# arp -n > Address HWtype HWaddress Flags Mask > Iface > 44.144.11.129 ether d4:ca:6d:b6:c6:87 C > eth0 > 192.168.1.1 ether 1c:df:0f:e5:10:d6 C > eth1 > 192.168.1.4 ether 00:26:2d:2b:7e:62 C > eth1 > 192.168.1.2 ether 00:24:21:52:81:22 C > eth1 > [root@localhost on4hu]# > > André ON4HU > > > Le 16/01/14 20:08, Robbie De Lise a écrit : > >> (Please trim inclusions from previous messages) >> _______________________________________________ >> Dear Andre, >> >> I have fixed the configuration for you: >> >> [robbie@on4hu] /ip route> set 0 gateway=44.144.4.1 >> [robbie@on4hu] /ip route> enable 0 >> [robbie@on4hu] /ip route> pr detail >> Flags: X - disabled, A - active, D - dynamic, >> C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme, >> B - blackhole, U - unreachable, P - prohibit >> 0 A S dst-address=0.0.0.0/0 gateway=44.144.4.1 >> gateway-status=44.144.4.1 reachable via ovpn-adc >> distance=1 scope=30 target-scope=10 routing-mark=via_amprnet >> >> 1 ADS dst-address=0.0.0.0/0 gateway=192.168.1.1 >> gateway-status=192.168.1.1 reachable via ether1-gateway >> distance=1 scope=30 target-scope=10 vrf-interface=ether1-gateway >> >> 2 ADC dst-address=44.144.4.0/24 pref-src=44.144.4.2 gateway=ovpn-adc >> gateway-status=ovpn-adc reachable >> distance=0 scope=10 >> >> 3 ADC dst-address=44.144.11.128/28 pref-src=44.144.11.129 >> gateway=bridge-local >> gateway-status=bridge-local reachable distance=0 scope=10 >> >> 4 ADC dst-address=192.168.1.0/24 pref-src=192.168.1.100 >> gateway=ether1-gateway >> gateway-status=ether1-gateway reachable distance=0 scope=10 >> >> I am now able to ping your router on 44.144.11.129 and 44.144.4.2 >> However still not able to ping or access 44.144.11.136 >> >> Are you sure you have set the default gateway on this machine to >> 44.144.11.129 ? >> >> 73s >> Robbie >> >> >> >> >> On Thu, Jan 16, 2014 at 7:44 PM, on4hu &lt;on4hu.0(a)gmail.com&gt; wrote: >>> >>> (Please trim inclusions from previous messages) >>> _______________________________________________ >>> hello Robbie >>> I did absolutely nothing changed, I sent you an email on this subject, >>> which >>> you probably have not answered for lack of time >>> I feel that the restoration on this router does not restore anything, >>> I'll >>> still make a new backup for you as I had already report without >>> documentation in my native language I am unable to change anything and I >>> do >>> not touch >>> can you confirm me about the backup otherwise how?? >>> is what I am connectable or not ... that is the question Robbies >>> 73s >>> André ON4HU >>> >>> Le 16/01/14 19:20, Robbie De Lise a écrit : >>> >>>> (Please trim inclusions from previous messages) >>>> _______________________________________________ >>>> Dear Andre, >>>> >>>> You have disabled the route back to the network: >>>> >>>> [robbie@on4hu] > ip route print detail >>>> Flags: X - disabled, A - active, D - dynamic, >>>> C - connect, S - static, r - rip, b - bgp, o - ospf, m - m >>>> B - blackhole, U - unreachable, P - prohibit >>>> 0 X S dst-address=0.0.0.0/0 gateway=44.144.11.129 >>>> gateway-status=44.144.11.129 inactive distance=1 s >>>> target-scope=10 routing-mark=via_amprnet >>>> >>>> 1 ADS dst-address=0.0.0.0/0 gateway=192.168.1.1 >>>> gateway-status=192.168.1.1 reachable via ether1-g >>>> scope=30 target-scope=10 vrf-interface=ether1-gate >>>> >>>> 2 ADC dst-address=44.144.4.0/24 pref-src=44.144.4.2 gate >>>> gateway-status=ovpn-adc reachable distance=0 scope >>>> >>>> 3 ADC dst-address=44.144.11.128/28 pref-src=44.144.11.12 >>>> gateway-status=bridge-local reachable distance=0 s >>>> >>>> 4 ADC dst-address=192.168.1.0/24 pref-src=192.168.1.100 >>>> gateway-status=ether1-gateway reachable distance=0 >>>> >>>> >>>> 1) The gateway for rule 0 should be 44.144.4.1 and not your local router >>>> ip. >>>> 2) You have disabled rule 0, meaning that all your outbound traffic is >>>> being sent through your VDSL provider which does not know amprnet and >>>> thus the packets die a lonely death in a blackhole on the internet. >>>> 3) FYI: There is a mangle rule that uses rule 0, just to be clear; >>>> >>>> [robbie@on4hu] > ip firewall mangle print >>>> Flags: X - disabled, I - invalid, D - dynamic >>>> 0 chain=prerouting action=mark-routing new-routing-mark=via_amprnet >>>> passthrough=yes in-interface=bridge-local >>>> >>>> 1 chain=output action=mark-routing new-routing-mark=via_amprnet >>>> passthrough=yes src-address=44.144.0.0/16 >>>> dst-address=!44.144.11.128/28 >>>> >>>> 2 chain=prerouting action=mark-connection >>>> new-connection-mark=from_vpn >>>> passthrough=yes in-interface=ovpn-adc >>>> >>>> 3 chain=prerouting action=mark-routing new-routing-mark=via_amprnet >>>> passthrough=yes connection-mark=from_vpn >>>> >>>> >>>> >>>> So since this route is disabled and misconfigured, no traffic is >>>> flowing back through the VPN to amprnet. >>>> >>>> >>>> >>>> 73s >>>> Robbie >>>> >>>> On Thu, Jan 16, 2014 at 7:05 PM, &lt;sp2lob(a)tlen.pl&gt; wrote: >>>>> >>>>> (Please trim inclusions from previous messages) >>>>> _______________________________________________ >>>>> Marius, >>>>> >>>>> Besides, 44.144.11.136 reachability I checked additionally via AMPRNet >>>>> VPN >>>>> generously provided by OH7LZB. >>>>> >>>>> >>>>> Best regards. >>>>> Tom - sp2lob >>>>> >>>>> _________________________________________ >>>>> 44Net mailing list >>>>> 44Net(a)hamradio.ucsd.edu >>>>> http://hamradio.ucsd.edu/mailman/listinfo/44net >>>> >>>> _________________________________________ >>>> 44Net mailing list >>>> 44Net(a)hamradio.ucsd.edu >>>> http://hamradio.ucsd.edu/mailman/listinfo/44net >>> >>> >>> >>> -- >>> forum => http://on4hu.be/phpbb/ inscrivez vous? New MediaWiki => >>> http://on4hu.be/MediaWiki http://on4hu.dyndns.org:81/ >>> http://www.on4hu.be/ >>> ftp://ftp.on4hu.be/ ou ftp://on4hu.dyndns.org/ COMPUTERS ARE LIKE >>> AIR-CONDITIONERS THEY STOP WORKING PROPERLY AS SOON AS YOU OPEN WINDOWS. >>> >>> _________________________________________ >>> 44Net mailing list >>> 44Net(a)hamradio.ucsd.edu >>> http://hamradio.ucsd.edu/mailman/listinfo/44net >> >> _________________________________________ >> 44Net mailing list >> 44Net(a)hamradio.ucsd.edu >> http://hamradio.ucsd.edu/mailman/listinfo/44net > > > > -- > forum => http://on4hu.be/phpbb/ inscrivez vous? New MediaWiki => > http://on4hu.be/MediaWiki http://on4hu.dyndns.org:81/ http://www.on4hu.be/ > ftp://ftp.on4hu.be/ ou ftp://on4hu.dyndns.org/ COMPUTERS ARE LIKE > AIR-CONDITIONERS THEY STOP WORKING PROPERLY AS SOON AS YOU OPEN WINDOWS. > >