[nos-bbs] jnos 2 IP routing help request

Jay Nugent jjn at nuge.com
Tue Apr 3 17:02:12 EDT 2012 

Greetings,

On Tue, 3 Apr 2012, Joey STANFORD wrote:

> Hi Gang,
>
> I have a brand new JNOS 2.0j node running on a 64-bit Ubuntu Linux
> machine. I used the installer to get it set up correctly.   JNOS runs
> and I can ping across the tunnel to the computer.  I can ping across
> the tunnel to JNOS.  I can telnet across the tunnel on the host
> machine to JNOS.   Excellent, no issues there.
>
> Here's where I'm looking for help....
>
> 1) JNOS can't ping past the host machine. I can't get to the internet
> or any other machines on the intranet.  The default route in JNOS is
> setup so I would assume this means that I need some sort of "ip route
> add" command on the host.  ipv4.forwarding is set to true.

    As I teach my students, they must "Think like a Packet, in *BOTH* 
directions".   You indeed probably passed a packet out onto the Internet, 
and it probably even made it to the destination machine.  But now you have 
to think like a packet in the reverse direction.  Does the destination 
machine have any clue whatsoever how to get a packet back to you!?!?!?

    Your SOURCE address likely was 44.x.y.z.  The destination machine is 
going to respond to the packets you sent it, by trying to snd back to 
44.x.y.z which will likely get caught by the 44/8 route that will direct 
it back to UCSDin California.  Unless AMPRgateway/Mirrorshades *knows* how 
to reach YOU via an ENCAP tunnel.... well... let's just say the packet 
dies a silent death...


>
> 2) Other machines on the intranet can't ping JNOS. I suspect I need
> some sort of "arp" command.

    A'yup.  Same situation.  Machines on your local LAN have no idea how to 
route back to a 44 address.  You *will* need to configure them to route 
your 44 addr back to the hosting Linux box -- which will then have to 
accept it and know to pass it up the TUN interface to the JNOS 
application.

    Again, "Think like a packet, in BOTH directions"


> 3) I need a sanity check the ip items in my autoexec.nos file please
> because I played around with them a bit (they work as above but may
> not be the most appropriate).
>
> Host computer: 10.10.10.90  mask 255.255.255.0
> JSOS IP: 10.10.1.1 mask 255.255.255.0
> ifconfig tun0 10.10.10.90 pointopoint 10.10.1.1 mtu 1500 up

    Is the JNOS application actually running a Net-10 address?  Or is this 
just the IP address of the JNOS end of the TUNNEL?


       --- Jay Nugent   WB8TKL

         () ascii ribbon campaign in
         /\ support of plain text e-mail

"No free man shall ever be debarred the use of arms. The strongest
reason for the people to retain the right to keep and bear arms is, as a
last resort, to protect themselves against tyranny in government"--
Thomas Jefferson, 1 Thomas Jefferson Papers, 334
+------------------------------------------------------------------------+
| Jay Nugent   jjn at nuge.com    (734)484-5105    (734)649-0850/Cell       |
|   Nugent Telecommunications  [www.nuge.com]                            |
|   Internet Consulting/Linux SysAdmin/Engineering & Design/ISP Reseller |
| ISP Monitoring [www.ispmonitor.org] ISP & Modem Performance Monitoring |
| Web-Pegasus    [www.webpegasus.com] Web Hosting/DNS Hosting/Shell Accts|
+------------------------------------------------------------------------+
  16:01:01 up 4 days,  1:41,  5 users,  load average: 0.38, 0.17, 0.16

More information about the nos-bbs mailing list