• Some users have recently had their accounts hijacked. It seems that the now defunct EVGA forums might have compromised your password there and seems many are using the same PW here. We would suggest you UPDATE YOUR PASSWORD and TURN ON 2FA for your account here to further secure it. None of the compromised accounts had 2FA turned on.
    Once you have enabled 2FA, your account will be updated soon to show a badge, letting other members know that you use 2FA to protect your account. This should be beneficial for everyone that uses FSFT.

Routing/Gateway Problem

ChinaMan

Gawd
Joined
Jul 9, 2001
Messages
706
Network guru's! Looking for another set of eyes on this. We’re doing some charitable work for a local school and have run into some routing problems. Below is a network diagram of what we’re trying to accomplish. The T1 has been in place for some time, but isn’t being utilized until now. I can ping all the way through from a client machine at the remote site back to the internet router and out through the L3 link without problem, however I can’t ping or reach any of the servers at the MOB from Remote. Here are the routes that are in place.

Routes on Internet Router
ip route 10.245.101.0 255.255.255.0 10.0.10.2
ip route 10.246.101.0 255.255.255.0 10.0.10.2
ip router 10.0.10.0 255.255.255.0 eth0(10.0.10.1)
ip route x.x.x.x 255.255.255.0 eth1(x.x.x.x)

Routes on FDCSB1-2621
ip route 10.246.101.0 255.255.255.0 10.245.101.2
ip route 10.0.10.0 255.255.255.0 10.0.10.1
ip route 0.0.0.0 0.0.0.0 10.0.10.1

Routes on FDCSB2-2621
ip route 10.246.101.0 255.255.255.0 10.245.101.1
ip route 10.0.10.0 255.255.255.0 10.245.101.1
ip router 0.0.0.0 0.0.0.0 10.245.101.1

ndg0.jpg
 
Do those 2621's have switchport modules installed or what are you using for Layer 2 connectivity to the router for all those hosts?
 
Do those 2621's have switchport modules installed or what are you using for Layer 2 connectivity to the router for all those hosts?

There's workgroup switches gluing it all together. Linksys i think.
 
I set this up in Packet tracer and I'm able to ping both ways. Check your default gateways on the MOB side, and make sure they're set for the ethernet interface ip of 10.0.10.2.
 
I set this up in Packet tracer and I'm able to ping both ways. Check your default gateways on the MOB side, and make sure they're set for the ethernet interface ip of 10.0.10.2.

Thanks for investigating! I'm headed there tonight to tinker around. I'll let you know my findings.
 
yeah, your route statements look okay. Don't need the ip router 10.0.10.0 255.255.255.0 eth0(10.0.10.1) on the internet router, though, since it is a connected network. My guess is you have a default gateway configured wrong somewhere or an IP address typed wrong maybe.
 
If I try to ping 10.0.10.53 (a server at MOB) from the remote router or remote host, I get timeout. However, I can ping 10.0.10.1 successfully from the remote router and remote host. I can successfully ping 10.246.101.10 (remote server) from 10.0.10.53 (MOB server). I captured some info below.


Traceroute from 10.246.101.10 to 10.0.10.53
1 1 ms 1 ms 1 ms 10.246.101.1
2 7 ms 2 ms 2 ms 10.245.101.1
3 * * * Request timed out.

show ip route on FDCSB1-2621

Gateway of last resort is 10.0.10.1 to network 0.0.0.0
10.0.0.0/24 is subnetted, 3 subnets
C 10.0.10.0 is directly connected, FastEthernet0/0
S 10.246.101.0 [1/0] via 10.245.101.2
C 10.245.101.0 is directly connected, Serial0/0
S* 0.0.0.0/0 [1/0] via 10.0.10.1


show ip route on FDCSB2-2621

Gateway of last resort is 10.245.101.1 to network 0.0.0.0
10.0.0.0/24 is subnetted, 3 subnets
S 10.0.10.0 [1/0] via 10.245.101.1
C 10.246.101.0 is directly connected, FastEthernet1/0
C 10.245.101.0 is directly connected, Serial0/0
S* 0.0.0.0/0 [1/0] via 10.245.101.1


route on internet router

Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
(L3)x.x.x.0 * 255.255.255.0 U 0 0 0 eth1
10.245.101.0 10.0.10.2 255.255.255.0 UG 0 0 0 eth0
10.0.10.0 * 255.255.255.0 U 0 0 0 eth0
10.246.101.0 10.0.10.2 255.255.255.0 UG 0 0 0 eth0
default L3livewater 0.0.0.0 UG 0 0 0 eth1
 
Code:
Routes on FDCSB1-2621
ip route 10.246.101.0 255.255.255.0 10.245.101.2

should be
Code:
ip route 10.246.101.0 255.255.255.0 10.0.10.2

just remember that gateway is another name for router - without a router nothing gets routed. The gateway must be on the same subnet!

Also you don't need "ip route 10.246.101.0 255.255.255.0 10.245.101.1" on FDCSB2 (plus it is incorrect, see above), since FDCSBS2 just forwards everything to FDCSBS1. It is FDCSBS1 that does the business FDCSBS2 doesn't need to know, just pass it on. Take it from me (as a developer) the more code you give a computer the more chances you have to mess up - especially if it is redundant.
 
Back
Top