Need help setting up a linux box as a router

[kcantrel]

---

I Linux have boxes A, B and C with B having multiple VLAN interfaces. I'm trying to get A to be able to talk to C. Here are the specific setup:

A:
Eth0 IP Address: 10.26.89.225/24
Default Route 10.26.89.1
Eth1.102 (VLAN 102) IP Address: 192.168.102.101/24
Route add -net 192.168.103.0/24 gw 192.168.102.1

B:
Eth0 IP Address: 10.26.89.226/24
Default Route 10.26.89.1
IP_Forwarding Enabled
Eth1.102 IP Address: 192.168.102.1/24
Eth1.103 IP Address: 192.168.103.1/24

C:
Eth0 IP Address: 10.26.89.227/24
Default Route 10.26.89.1
Eth1.103 IP Address: 192.168.103.101/24
route add -net 192.168.102.0/24 gw 192.168.103.1

This all seems fine, and I can 'ping' from A to C, but I am getting odd behavior when I try and do anything more meaningful, like ssh:
TestSUSE:~ # ping 192.168.103.101
PING 192.168.103.101 (192.168.103.101) 56(84) bytes of data.
64 bytes from 192.168.103.101: icmp_seq=1 ttl=254 time=5.32 ms
64 bytes from 192.168.103.101: icmp_seq=2 ttl=254 time=0.540 ms
^C
--- 192.168.103.101 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1003ms
rtt min/avg/max/mdev = 0.540/2.932/5.325/2.393 ms

TestSUSE:~ # ssh 192.168.103.101
ssh: connect to host 192.168.103.101 port 22: No route to host

(Huh? I just pinged it, how can there be no route?)

Using 'traceroute' it also seems odd:
TestSUSE:~ # traceroute 192.168.103.101
traceroute to 192.168.103.101 (192.168.103.101), 30 hops max, 40 byte packets using UDP
1 192.168.102.1 (192.168.102.1) 0.622 ms 0.325 ms 0.195 ms
2 192.168.102.1 (192.168.102.1)(H!) 0.223 ms (H!) 0.190 ms (H!) 0.181 ms

If I go to machine B I can ping and traceroute to either A or C without the (H!).

So, any ideas why machine B is sending out "can't route to host" ICMP packets (I assume that is what is going on).

[alf55]

Have you tried:

Code:

# On system A:
route add -net 192.168.103.0/24 gw 192.168.102.1 Eth1.102

# On system C:
route add -net 192.168.102.0/24 gw 192.168.103.1 eth1.103

Off the top of my head, I do not believe that you will need to use IPTABLE on B.

[kcantrel]

While I didn't specify the interface for the route to use, apparently Linux figured it out:
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
192.168.102.0 0.0.0.0 255.255.255.0 U 0 0 0 eth2.102
192.168.103.0 192.168.102.1 255.255.255.0 UG 0 0 0 eth2.102
10.26.89.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0

I went ahead and removed the route and added it back, but I still got the same results:

TestSUSE:~ # ping 192.168.103.101
PING 192.168.103.101 (192.168.103.101) 56(84) bytes of data.
64 bytes from 192.168.103.101: icmp_seq=1 ttl=254 time=0.902 ms
64 bytes from 192.168.103.101: icmp_seq=2 ttl=254 time=0.524 ms
64 bytes from 192.168.103.101: icmp_seq=3 ttl=254 time=0.502 ms
^C
--- 192.168.103.101 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 1999ms
rtt min/avg/max/mdev = 0.502/0.642/0.902/0.185 ms
TestSUSE:~ # traceroute 192.168.103.101
traceroute to 192.168.103.101 (192.168.103.101), 30 hops max, 40 byte packets using UDP
1 192.168.102.1 (192.168.102.1) 0.355 ms 0.242 ms 0.169 ms
2 192.168.102.1 (192.168.102.1)(H!) 0.174 ms (H!) 0.174 ms (H!) 0.160 ms
TestSUSE:~ # ssh !$
ssh 192.168.103.101
ssh: connect to host 192.168.103.101 port 22: No route to host

I ended up downloading and installing yvatta and that seems to be working. So, the problem is clearly something to do with the "B" machine. Note that all machines are VMware virtuals. I would prefer to get the Linux solution to work instead of vyatta, so if you, or anyone else have any other ideas, I'd love to hear them.