thank you Robbie, this time it is understandable that you send me
example. I will apply myself to make sure it works
I am sorry to disturb you while you have a lot of work
73s André ON4HU
Le 17/01/14 10:10, Robbie De Lise a écrit :
> (Please trim inclusions from previous messages)
> _______________________________________________
> Hello André,
>
> You currently have your default route set to your VDSL router.
> Since this router does not know amprnet the outbound traffic is still
> send and blackholed to the internet.
>
> You have 2 options:
>
> 1) If you only want to make the box reachable from amprnet (44.x.x.x)
> you can add a static route:
> Destination: 44.0.0.0/8
> Gateway: 44.144.11.129
>
> This can be done with eg the command:
>
> route add -net 44.0.0.0/8 gw 44.144.11.129
>
> Please beware that this command does not persist a reboot. Please
> consult the documentation of your linux distribution to find out how
> to add persistent static routes.
>
>
> 2) If you want the make the box reachable from amprnet and the public
> internet on its 44.144.11.136 address, you need to change the default
> gateway. Since we advertise 44.144 via BGP to the internet you can
> then use the 44.144.11.136 address instead of
on4hu.dyndns.org for
> access from the internet.
> BEWARE: As stated before you are advised to put a firewall in place to
> only open needed ports to the public internet !!!!
>
> This can be done with eg the commands:
>
> route del default
> route add default gw 44.144.11.129
>
> Please beware that this command does not persist a reboot. Please
> consult the documentation of your linux distribution to find out how
> to change the default gateway.
>
>
> 73s
> Robbie
> ON4SAX
>
>
>
>
>
>
>
> On Thu, Jan 16, 2014 at 9:04 PM, on4hu <on4hu.0(a)gmail.com> wrote:
>> (Please trim inclusions from previous messages)
>> _______________________________________________
>> Robies below my table wheel, what should I do to make as gateway
>> 44.144.11.129
>>
>>
<http://www.google.com/url?source=transpromo&rs=rsmf&q=http://translate.google.com/globalmarketfinder/%3Flocale%3Dfr>
>> [root@localhost on4hu]# route -n
>> Table de routage IP du noyau
>> Destination Passerelle Genmask Indic Metric Ref Use Iface
>> 0.0.0.0 192.168.1.1 0.0.0.0 UG 10 0 0 eth1
>> 44.144.11.128 0.0.0.0 255.255.255.240 U 10 0 0 eth0
>> 169.254.0.0 0.0.0.0 255.255.0.0 U 10 0 0 eth1
>> 169.254.0.0 0.0.0.0 255.255.0.0 U 10 0 0 eth0
>> 192.168.1.0 0.0.0.0 255.255.255.0 U 10 0 0 eth1
>> [root@localhost on4hu]#
>> [root@localhost on4hu]# arp -n
>> Address HWtype HWaddress Flags Mask
>> Iface
>> 44.144.11.129 ether d4:ca:6d:b6:c6:87 C
>> eth0
>> 192.168.1.1 ether 1c:df:0f:e5:10:d6 C
>> eth1
>> 192.168.1.4 ether 00:26:2d:2b:7e:62 C
>> eth1
>> 192.168.1.2 ether 00:24:21:52:81:22 C
>> eth1
>> [root@localhost on4hu]#
>>
>> André ON4HU
>>
>>
>> Le 16/01/14 20:08, Robbie De Lise a écrit :
>>
>>> (Please trim inclusions from previous messages)
>>> _______________________________________________
>>> Dear Andre,
>>>
>>> I have fixed the configuration for you:
>>>
>>> [robbie@on4hu] /ip route> set 0 gateway=44.144.4.1
>>> [robbie@on4hu] /ip route> enable 0
>>> [robbie@on4hu] /ip route> pr detail
>>> Flags: X - disabled, A - active, D - dynamic,
>>> C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme,
>>> B - blackhole, U - unreachable, P - prohibit
>>> 0 A S dst-address=0.0.0.0/0 gateway=44.144.4.1
>>> gateway-status=44.144.4.1 reachable via ovpn-adc
>>> distance=1 scope=30 target-scope=10 routing-mark=via_amprnet
>>>
>>> 1 ADS dst-address=0.0.0.0/0 gateway=192.168.1.1
>>> gateway-status=192.168.1.1 reachable via ether1-gateway
>>> distance=1 scope=30 target-scope=10 vrf-interface=ether1-gateway
>>>
>>> 2 ADC dst-address=44.144.4.0/24 pref-src=44.144.4.2 gateway=ovpn-adc
>>> gateway-status=ovpn-adc reachable
>>> distance=0 scope=10
>>>
>>> 3 ADC dst-address=44.144.11.128/28 pref-src=44.144.11.129
>>> gateway=bridge-local
>>> gateway-status=bridge-local reachable distance=0 scope=10
>>>
>>> 4 ADC dst-address=192.168.1.0/24 pref-src=192.168.1.100
>>> gateway=ether1-gateway
>>> gateway-status=ether1-gateway reachable distance=0 scope=10
>>>
>>> I am now able to ping your router on 44.144.11.129 and 44.144.4.2
>>> However still not able to ping or access 44.144.11.136
>>>
>>> Are you sure you have set the default gateway on this machine to
>>> 44.144.11.129 ?
>>>
>>> 73s
>>> Robbie
>>>
>>>
>>>
>>>
>>> On Thu, Jan 16, 2014 at 7:44 PM, on4hu <on4hu.0(a)gmail.com> wrote:
>>>> (Please trim inclusions from previous messages)
>>>> _______________________________________________
>>>> hello Robbie
>>>> I did absolutely nothing changed, I sent you an email on this subject,
>>>> which
>>>> you probably have not answered for lack of time
>>>> I feel that the restoration on this router does not restore anything,
>>>> I'll
>>>> still make a new backup for you as I had already report without
>>>> documentation in my native language I am unable to change anything and I
>>>> do
>>>> not touch
>>>> can you confirm me about the backup otherwise how??
>>>> is what I am connectable or not ... that is the question Robbies
>>>> 73s
>>>> André ON4HU
>>>>
>>>> Le 16/01/14 19:20, Robbie De Lise a écrit :
>>>>
>>>>> (Please trim inclusions from previous messages)
>>>>> _______________________________________________
>>>>> Dear Andre,
>>>>>
>>>>> You have disabled the route back to the network:
>>>>>
>>>>> [robbie@on4hu] > ip route print detail
>>>>> Flags: X - disabled, A - active, D - dynamic,
>>>>> C - connect, S - static, r - rip, b - bgp, o - ospf, m - m
>>>>> B - blackhole, U - unreachable, P - prohibit
>>>>> 0 X S dst-address=0.0.0.0/0 gateway=44.144.11.129
>>>>> gateway-status=44.144.11.129 inactive distance=1 s
>>>>> target-scope=10 routing-mark=via_amprnet
>>>>>
>>>>> 1 ADS dst-address=0.0.0.0/0 gateway=192.168.1.1
>>>>> gateway-status=192.168.1.1 reachable via ether1-g
>>>>> scope=30 target-scope=10 vrf-interface=ether1-gate
>>>>>
>>>>> 2 ADC dst-address=44.144.4.0/24 pref-src=44.144.4.2 gate
>>>>> gateway-status=ovpn-adc reachable distance=0 scope
>>>>>
>>>>> 3 ADC dst-address=44.144.11.128/28 pref-src=44.144.11.12
>>>>> gateway-status=bridge-local reachable distance=0 s
>>>>>
>>>>> 4 ADC dst-address=192.168.1.0/24 pref-src=192.168.1.100
>>>>> gateway-status=ether1-gateway reachable distance=0
>>>>>
>>>>>
>>>>> 1) The gateway for rule 0 should be 44.144.4.1 and not your local
router
>>>>> ip.
>>>>> 2) You have disabled rule 0, meaning that all your outbound traffic
is
>>>>> being sent through your VDSL provider which does not know amprnet
and
>>>>> thus the packets die a lonely death in a blackhole on the internet.
>>>>> 3) FYI: There is a mangle rule that uses rule 0, just to be clear;
>>>>>
>>>>> [robbie@on4hu] > ip firewall mangle print
>>>>> Flags: X - disabled, I - invalid, D - dynamic
>>>>> 0 chain=prerouting action=mark-routing
new-routing-mark=via_amprnet
>>>>> passthrough=yes in-interface=bridge-local
>>>>>
>>>>> 1 chain=output action=mark-routing
new-routing-mark=via_amprnet
>>>>> passthrough=yes src-address=44.144.0.0/16
>>>>> dst-address=!44.144.11.128/28
>>>>>
>>>>> 2 chain=prerouting action=mark-connection
>>>>> new-connection-mark=from_vpn
>>>>> passthrough=yes in-interface=ovpn-adc
>>>>>
>>>>> 3 chain=prerouting action=mark-routing
new-routing-mark=via_amprnet
>>>>> passthrough=yes connection-mark=from_vpn
>>>>>
>>>>>
>>>>>
>>>>> So since this route is disabled and misconfigured, no traffic is
>>>>> flowing back through the VPN to amprnet.
>>>>>
>>>>>
>>>>>
>>>>> 73s
>>>>> Robbie
>>>>>
>>>>> On Thu, Jan 16, 2014 at 7:05 PM, <sp2lob(a)tlen.pl> wrote:
>>>>>> (Please trim inclusions from previous messages)
>>>>>> _______________________________________________
>>>>>> Marius,
>>>>>>
>>>>>> Besides, 44.144.11.136 reachability I checked additionally via
AMPRNet
>>>>>> VPN
>>>>>> generously provided by OH7LZB.
>>>>>>
>>>>>>
>>>>>> Best regards.
>>>>>> Tom - sp2lob
>>>>>>
>>>>>> _________________________________________
>>>>>> 44Net mailing list
>>>>>> 44Net(a)hamradio.ucsd.edu
>>>>>>
http://hamradio.ucsd.edu/mailman/listinfo/44net
>>>>> _________________________________________
>>>>> 44Net mailing list
>>>>> 44Net(a)hamradio.ucsd.edu
>>>>>
http://hamradio.ucsd.edu/mailman/listinfo/44net
>>>>
>>>>
>>>> --
>>>> forum =>
http://on4hu.be/phpbb/ inscrivez vous? New MediaWiki =>
>>>>
http://on4hu.be/MediaWiki http://on4hu.dyndns.org:81/
>>>>
http://www.on4hu.be/
>>>> ftp://ftp.on4hu.be/ ou
ftp://on4hu.dyndns.org/ COMPUTERS ARE LIKE
>>>> AIR-CONDITIONERS THEY STOP WORKING PROPERLY AS SOON AS YOU OPEN WINDOWS.
>>>>
>>>> _________________________________________
>>>> 44Net mailing list
>>>> 44Net(a)hamradio.ucsd.edu
>>>>
http://hamradio.ucsd.edu/mailman/listinfo/44net
>>> _________________________________________
>>> 44Net mailing list
>>> 44Net(a)hamradio.ucsd.edu
>>>
http://hamradio.ucsd.edu/mailman/listinfo/44net
>>
>>
>> --
>> forum =>
http://on4hu.be/phpbb/ inscrivez vous? New MediaWiki =>
>>
http://on4hu.be/MediaWiki http://on4hu.dyndns.org:81/ http://www.on4hu.be/
>> ftp://ftp.on4hu.be/ ou
ftp://on4hu.dyndns.org/ COMPUTERS ARE LIKE
>> AIR-CONDITIONERS THEY STOP WORKING PROPERLY AS SOON AS YOU OPEN WINDOWS.
>>
>>