Yes. 192.168.1.1 is my Linux router.

Alright, so I deleted the other route, which was:

route add -net 192.168.3.0 netmask 255.255.255.0 gw 192.168.1.1 eth0

and instead use:

route add -net 192.168.3.0 netmask 255.255.255.0 gw 192.168.1.8 eth0

I tried that before and it didn't work for me. I tried it again just now and I am still unable to ping.

Extended ping results:

TC-R1#ping

Protocol [ip]:

Target IP address: 192.168.1.1

Repeat count [5]: 50

Datagram size [100]:

Timeout in seconds [2]:

Extended commands [n]: y

Source address or interface: 192.168.3.1

Type of service [0]:

Set DF bit in IP header? [no]:

Validate reply data? [no]:

Data pattern [0xABCD]:

Loose, Strict, Record, Timestamp, Verbose[none]:

Sweep range of sizes [n]:

Type escape sequence to abort.

Sending 50, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

Success rate is 100 percent (50/50), round-trip min/avg/max = 1/1/4 ms

TC-R1#

TC-R1#ping

Protocol [ip]:

Target IP address: 192.168.1.2

Repeat count [5]: 50

Datagram size [100]:

Timeout in seconds [2]:

Extended commands [n]: y

Source address or interface: 192.168.3.1

Type of service [0]:

Set DF bit in IP header? [no]:

Validate reply data? [no]:

Data pattern [0xABCD]:

Loose, Strict, Record, Timestamp, Verbose[none]:

Sweep range of sizes [n]:

Type escape sequence to abort.

Sending 50, 100-byte ICMP Echos to 192.168.1.2, timeout is 2 seconds:

..................................................

Success rate is 0 percent (0/50)

TC-R1#

TC-R1#ping

Protocol [ip]:

Target IP address: 192.168.1.10

Repeat count [5]: 10

Datagram size [100]:

Timeout in seconds [2]:

Extended commands [n]: y

Source address or interface: 192.168.3.1

Type of service [0]:

Set DF bit in IP header? [no]:

Validate reply data? [no]:

Data pattern [0xABCD]:

Loose, Strict, Record, Timestamp, Verbose[none]:

Sweep range of sizes [n]:

Type escape sequence to abort.

Sending 10, 100-byte ICMP Echos to 192.168.1.10, timeout is 2 seconds:

..........

Success rate is 0 percent (0/10)

TC-R1#

Tavis,

what way do 192.168.1.10 and 2 send packets to 192.168.3.0/24? are they default routing through 192.168.1.1 or are do you have a route for the subnet through 192.168.1.8?

I concur with John in thinking that the linux router is at fault.

I suspect that you have default gateway on the 192.168.1.10 and .2 boxes set for .1 and that router is not forwarding traffic down the interface it rx'd it on. If you add to those boxes that 192.168.3.0/24 is available through 192.168.1.8 I reckon you'll be able to work around the problem.

HTH

Tony

Tony.

Any PC on the 192.168.1.0/24 subnet will send traffic to 192.168.1.1 if it needs to be routed to a different subnet/network.

I do not have any special secondary gateways setup on any PCs on 192.168.1.0/24.

Any PC on 192.168.1.0/24 can ping all the way through to 192.168.3.2

Check out these interesting tracerts:

C:\Documents and Settings\tavis.TC>tracert 192.168.3.2

Tracing route to TOSHIBA [192.168.3.2]

over a maximum of 30 hops:

1 <1 ms <1 ms <1 ms 192.168.1.1

2 1 ms 1 ms 1 ms 192.168.1.8

3 <1 ms <1 ms <1 ms TOSHIBA [192.168.3.2]

Trace complete.

C:\Documents and Settings\tavis>ipconfig /all

Windows IP Configuration

Host Name . . . . . . . . . . . . : pentiumd-2800

Primary Dns Suffix . . . . . . . : tc.com

Node Type . . . . . . . . . . . . : Unknown

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

DNS Suffix Search List. . . . . . : tc.com

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : tc.com

Description . . . . . . . . . . . : Marvell Yukon 88E8053 PCI-E Gigabit Ethe

net Controller

Physical Address. . . . . . . . . : (my MAC address)

DHCP Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.1.170

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.1.1

DHCP Server . . . . . . . . . . . : 192.168.1.1

DNS Servers . . . . . . . . . . . : 192.168.1.2

192.168.1.10

Lease Obtained. . . . . . . . . . : Wednesday, August 19, 2009 5:08:10 PM

Lease Expires . . . . . . . . . . : Thursday, August 20, 2009 5:08:10 PM

C:\Documents and Settings\tavis.TC>tracert 192.168.3.2

Tracing route to TOSHIBA [192.168.3.2]

over a maximum of 30 hops:

1 1 ms 1 ms 1 ms 192.168.1.8

2 <1 ms 1 ms <1 ms TOSHIBA [192.168.3.2]

Trace complete.

C:\Documents and Settings\tavis.TC>

That's interesting. That to me looks like it worked. But your saying a ping won't..... Considering they are the same protocol It may be time to break out the protocol analyiser and see whats happening on the wire.

Tony

"I suspect that you have default gateway on the 192.168.1.10 and .2 boxes set for .1..."

You are correct here.

"...and that router is not forwarding traffic down the interface it rx'd it on. If you add to those boxes that 192.168.3.0/24 is available through 192.168.1.8 I reckon you'll be able to work around the problem."

I'm not sure how to do this in Windows. Bah...is it a secondary gateway or secondary IP?

Well, this will be a beating, but on every system in the 192.168.1.x subnet, you could add a route in Windows:

route add 192.168.3.0 255.255.255.0 192.168.1.8

syntax may be wrong, but I'm in Linux at the moment....

See if that at least works....

John

Ohhh I think you might be right!

Check it out...I added a second gateway to 192.168.1.170 (just the PC I'm sitting at right now) and now I can ping to 192.168.1.170 from 192.168.3.2.

ipconfig /all from 192.168.1.170:

IP Address. . . . . . . . . . . . : 192.168.1.170

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.1.1

192.168.1.8

DHCP Server . . . . . . . . . . . : 192.168.1.1

DNS Servers . . . . . . . . . . . : 192.168.1.2 192.168.1.10

Now the question is...how do I tell my Linux router to do this? Bah...

Adding an alternate gateway to each PC isn't really acceptable and I can't change or add the default gateway that is handed out with DHCP on IPCop. =(

Tavis,

I'm not sure why the linux router is doing what it's doing. the trace route you had earlier looked like it was doing things right.

As for adding a static route. a quick google found me option 33 on DHCP server, which adds a Static route to DHCP devices, which may be worth a look. another option may be to look at IRDP as an option. Though given IPCops apparent problems with ICMP it may not work either

Good luck

Tony

Do these look right to you guys?

Background: If I try to ping 192.168.1.10 from 192.168.3.2, the pings timeout. From my DNS sever at 192.168.1.10, I can ping 192.168.3.2 fine. Then suddenly the pings from 192.168.3.2 to 192.168.1.10 start working! But after a few minutes the pings from 192.168.3.2 to 192.168.1.10 stop working. So from 192.168.3.2, I ping using ping -s 4 192.168.1.10:

C:\Documents and Settings\Tavis>ping -s 4 192.168.1.10

Pinging 192.168.1.10 with 32 bytes of data:

Reply from 192.168.1.10: bytes=32 time=4ms TTL=127

Timestamp: 192.168.1.8 : 2157478746 ->

192.168.1.10 : 80938062 ->

192.168.3.1 : 2157478749

Reply from 192.168.1.10: bytes=32 time=4ms TTL=127

Timestamp: 192.168.1.8 : 2157479754 ->

192.168.1.10 : 80939078 ->

192.168.3.1 : 2157479756

Reply from 192.168.1.10: bytes=32 time=4ms TTL=127

Timestamp: 192.168.1.8 : 2157480760 ->

192.168.1.10 : 80940078 ->

192.168.3.1 : 2157480763

Reply from 192.168.1.10: bytes=32 time=4ms TTL=127

Timestamp: 192.168.1.8 : 2157481767 ->

192.168.1.10 : 80941093 ->

192.168.3.1 : 2157481770

Ping statistics for 192.168.1.10:

Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 4ms, Maximum = 4ms, Average = 4ms

I ping the same way on 192.168.1.10 to 192.168.3.2:

C:\Documents and Settings\tavis>ping -s 4 192.168.3.2

Pinging 192.168.3.2 with 32 bytes of data:

Reply from 192.168.3.2: bytes=32 time=4ms TTL=127

Timestamp: 192.168.1.1 : 80964411 ->

192.168.3.1 : 2157468563 ->

192.168.3.2 : 80965238 ->

192.168.1.8 : 2157468566

Reply from 192.168.3.2: bytes=32 time=4ms TTL=127

Timestamp: 192.168.1.1 : 80965412 ->

192.168.3.1 : 2157469564 ->

192.168.3.2 : 80966239 ->

192.168.1.8 : 2157469567

Reply from 192.168.3.2: bytes=32 time=6ms TTL=127

Timestamp: 192.168.3.1 : 2157470566 ->

192.168.3.2 : 80967240 ->

192.168.1.8 : 2157470568

Reply from 192.168.3.2: bytes=32 time=4ms TTL=127

Timestamp: 192.168.3.1 : 2157471564 ->

192.168.3.2 : 80968232 ->

192.168.1.8 : 2157471566

Ping statistics for 192.168.3.2:

Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 4ms, Maximum = 6ms, Average = 4ms

Linux Router routing table:

root@ipcop-tc:~ # route -n

Kernel IP routing table

Destination Gateway Genmask Flags Metric Ref Use Iface

24.148.144.128 0.0.0.0 255.255.255.128 U 0 0 0 eth2

192.168.3.0 192.168.1.8 255.255.255.0 UG 0 0 0 eth0

192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0

192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1

0.0.0.0 24.148.144.129 0.0.0.0 UG 0 0 0 eth2

Tavis,

Didn't we figure out that the linux router was generally a bit sucky?

It all works better once that was out of the picture. ie putting a static route on hosts 192.168.1.0 subnet, for 192.168.3.0 doesn't it?

Tony

I wouldn't say "sucky". It suits my needs for an advanced server/workstation/network tech and my home-business PCs. I love it for that. But apparently doesn't play well with subnetworks and ICMP. My guess is something else needs to be configured on it. I'm primarily learning with this setup, but I would like to get it working.

I did add another default route in my 192.168.1.10 Windows DNS/AD server and it started working. Oddly enough it also allowed 192.168.3.2 to ping 192.168.1.2 WITHOUT adding the extra route on that system.

Anyway, I may change something with my primary gateway sometime and try again.

Tavis,

If it suits your requirements then ok.

I thought all you had to do was add a route for 192.168.3.0/24 in the hosts on 192.168.1.0/24 subnet that pointed to the cisco router rather than the Linux router, and it all came good.

I also thought that 192.168.1.0 was full of DHCP hosts that you didn't want to run around and install routes individually. There is an option 33 which installs static routes through DHCP that may be worth a look.

Anyway sorry I can't be of more assistance.

Tony

Sorry - double post.