[opensuse] dumb network routing question
Ok i been fooling around with this, and suspect I am missing something dumb... I have the following SOHO network configuration - Internet | Router A 169.254.1.1 | |-----169.254.1.200 Router B 192.168.20.1 --------- 192.168.20.100 Machine A | 169.254.1.100 (eth0) OpenSuSE Gateway Machine with SuSEFirewall 192.168.10.1 (eth1) | | 192.168.10.20 Machine B So how do I set up the SuSEFirewall and the network routing tables on the OpenSuSE Gateway to allow Machine B to see Machine A? I did set up a route in the Routing Table in YaST2 for the network interfaces as follows - Destination 192.168.20.0 Genmask 255.255.255.0 Gateway 169.254.1.200 Device eth0 The gateway address for Machine A is set to 192.168.20.1 The gateway address for Machine B is set to 192.168.10.1 The gateway address for the OpenSuSE Gateway Machine is set to 169.254.1.1 So far I have been unable to get Machine B to even ping Machine A. Is the SuSEFirewall interfering and if so what do I have to do to make it behave? I tried a few things with it also, but so far no joy. Gotta be something dumb I am missing, appreciate and thanks in advance for a bit of help.. Marc... -- "The Truth is out there" - Spooky -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Mon, 05 Aug 2013 22:18:34 -0700, Marc Chamberlin <marc@marcchamberlin.com> said:
Marc> Ok i been fooling around with this, and suspect I am missing Marc> something dumb... I have the following SOHO network configuration - Marc> Internet Marc> | Marc> Router A Marc> 169.254.1.1 Marc> | Marc> |-----169.254.1.200 Router B 192.168.20.1 --------- 192.168.20.100 Marc> Machine A Marc> | Marc> 169.254.1.100 (eth0) Marc> OpenSuSE Gateway Machine with SuSEFirewall Marc> 192.168.10.1 (eth1) Marc> | Marc> | Marc> 192.168.10.20 Marc> Machine B Marc> So how do I set up the SuSEFirewall and the network routing tables Marc> on the OpenSuSE Gateway to allow Machine B to see Machine A? I did Marc> set up a route in the Routing Table in YaST2 for the network Marc> interfaces as follows - You need to set the ip address correctly 169.254.x.x will not work. So there is misconfigured network. Once you configure it it should be fairly easy. -- Life is endless possibilities -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Marc Chamberlin wrote:
Ok i been fooling around with this, and suspect I am missing something dumb... I have the following SOHO network configuration -
Internet | Router A 169.254.1.1
Why are you using 169.254.x.x link local addresses? They are not supposed to be routable. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Tue, Aug 6, 2013 at 1:18 AM, Marc Chamberlin <marc@marcchamberlin.com> wrote:
Ok i been fooling around with this, and suspect I am missing something dumb... I have the following SOHO network configuration -
Internet | Router A 169.254.1.1 | |-----169.254.1.200 Router B 192.168.20.1 --------- 192.168.20.100 Machine A | 169.254.1.100 (eth0) OpenSuSE Gateway Machine with SuSEFirewall 192.168.10.1 (eth1) | | 192.168.10.20 Machine B
So how do I set up the SuSEFirewall and the network routing tables on the OpenSuSE Gateway to allow Machine B to see Machine A? I did set up a route in the Routing Table in YaST2 for the network interfaces as follows -
Destination 192.168.20.0 Genmask 255.255.255.0 Gateway 169.254.1.200 Device eth0
The gateway address for Machine A is set to 192.168.20.1 The gateway address for Machine B is set to 192.168.10.1 The gateway address for the OpenSuSE Gateway Machine is set to 169.254.1.1
So far I have been unable to get Machine B to even ping Machine A. Is the SuSEFirewall interfering and if so what do I have to do to make it behave? I tried a few things with it also, but so far no joy.
Gotta be something dumb I am missing, appreciate and thanks in advance for a bit of help..
Marc...
You need to rephrase your question: You have 2 separate default non-routable networks setup with a suse gateway router between them and you're asking how to have the suse gateway router route the default non-routable traffic between them. I don't know how to override the default lack of routing of 169.254.x.x and 192.168.x.x addresses in the suse gateway router, but I'd be shocked if you can't be done easily. Hopefully someone else knows how to override the default behavior and route those IPs. fyi: This is not a "dumb" question. You have setup a more complex network, but companies do similar things all the time. If a company is lucky enough to have their own class A, class B, class C's, Then they can do it all with routable IPs. The reality today is most companies don't have that luxury, so the do use multiple non-routable networks so they can do things such as have a 10.x.x.x for the main network and a 192.168.x.x for a wireless guest network, etc. To accommodate that routers have override options to allow those IP ranges to be routed. I just have never been the one responsible for setting that up, so I don't know any details of how to do the override. Greg Greg -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Greg Freemyer wrote:
You have 2 separate default non-routable networks setup with a suse gateway router between them and you're asking how to have the suse gateway router route the default non-routable traffic between them.
Actually, only the 169.254 network is not routable. The 192.168 network is routable, but not on the public internet. So, if he were to choose a different network, according to RFC1918, instead of the 169.254 network, he should be able to do what he wants. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Tue, Aug 6, 2013 at 11:12 AM, James Knott <james.knott@rogers.com> wrote:
Greg Freemyer wrote:
You have 2 separate default non-routable networks setup with a suse gateway router between them and you're asking how to have the suse gateway router route the default non-routable traffic between them.
Actually, only the 169.254 network is not routable. The 192.168 network is routable, but not on the public internet. So, if he were to choose a different network, according to RFC1918, instead of the 169.254 network, he should be able to do what he wants.
Thanks James. For my clarity, is this right? 192.168.x.x is for private networks / sub-nets only and is not allowed on the Internet proper. There are router settings that allow it to be routed in a private network. The opensuse default routing settings allow it to be routed? 169.254.x.x is non-routable and there are no overrides to allow it to be routed. Thanks Greg -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Greg Freemyer wrote:
Thanks James. For my clarity, is this right?
That is correct. The addresses listed in RFC1918 can be routed internally, but not onto the public Internet. In fact my ISP uses addresses in the 10.x.y.z range within their network. The 169.254 range is called "link local" and cannot be routed, even locally. It's purpose is to allow for file sharing etc. on a local network without having to configure IP addresses. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Tue, 2013-08-06 at 11:33 -0400, James Knott wrote:
Greg Freemyer wrote:
Thanks James. For my clarity, is this right?
That is correct. The addresses listed in RFC1918 can be routed internally, but not onto the public Internet. In fact my ISP uses addresses in the 10.x.y.z range within their network. The 169.254 range is called "link local" and cannot be routed, even locally. It's purpose is to allow for file sharing etc. on a local network without having to configure IP addresses.
Just to clarify only the part of internet routing you mentioned (separated from routing inside of organizations[so-called enterprise routing], and I haven't read the original email of the problem) as someone who works for an ISP, RFC1918 ranges are not routable over the internet because there is no route for any super subnets including those ranges on the internet. 4.4.4.2 is routed to Level3's network because they advertises 4.0.0.0/8 to the internet (to their peering ISPs) and it's exhaustively distributed all over the world including our border routers. Also there is no default route 0.0.0.0/0 on the internet so if you send a packet destined to like 192.168.1.1 to your ISP's internet circuit, there is no way for their device to forward that packet to forward to. So it would be discarded. Not because your ISP is identifying it as an IP in private ranges. Just no route. Toshi -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 8/6/2013 8:03 AM, Greg Freemyer wrote:
On Tue, Aug 6, 2013 at 1:18 AM, Marc Chamberlin <marc@marcchamberlin.com> wrote:
Ok i been fooling around with this, and suspect I am missing something dumb... I have the following SOHO network configuration -
Internet | Router A 169.254.1.1 | |-----169.254.1.200 Router B 192.168.20.1 --------- 192.168.20.100 Machine A | 169.254.1.100 (eth0) OpenSuSE Gateway Machine with SuSEFirewall 192.168.10.1 (eth1) | | 192.168.10.20 Machine B
So how do I set up the SuSEFirewall and the network routing tables on the OpenSuSE Gateway to allow Machine B to see Machine A? I did set up a route in the Routing Table in YaST2 for the network interfaces as follows -
Destination 192.168.20.0 Genmask 255.255.255.0 Gateway 169.254.1.200 Device eth0
The gateway address for Machine A is set to 192.168.20.1 The gateway address for Machine B is set to 192.168.10.1 The gateway address for the OpenSuSE Gateway Machine is set to 169.254.1.1
So far I have been unable to get Machine B to even ping Machine A. Is the SuSEFirewall interfering and if so what do I have to do to make it behave? I tried a few things with it also, but so far no joy.
Gotta be something dumb I am missing, appreciate and thanks in advance for a bit of help..
Marc... You need to rephrase your question:
You have 2 separate default non-routable networks setup with a suse gateway router between them and you're asking how to have the suse gateway router route the default non-routable traffic between them.
I don't know how to override the default lack of routing of 169.254.x.x and 192.168.x.x addresses in the suse gateway router, but I'd be shocked if you can't be done easily. Hopefully someone else knows how to override the default behavior and route those IPs.
fyi: This is not a "dumb" question. You have setup a more complex network, but companies do similar things all the time. If a company is lucky enough to have their own class A, class B, class C's, Then they can do it all with routable IPs.
The reality today is most companies don't have that luxury, so the do use multiple non-routable networks so they can do things such as have a 10.x.x.x for the main network and a 192.168.x.x for a wireless guest network, etc.
To accommodate that routers have override options to allow those IP ranges to be routed. I just have never been the one responsible for setting that up, so I don't know any details of how to do the override.
Greg
Thanks Togan, James, Greg for your replies. Togan, James, you both pointed out the same thing, which I was kinda afraid of, that the 169.254.x.x network is a non-routable IP address range. I have encountered issues with this before and so far have not come up with a good answer. My trouble is that the devices on this network consist of some Motorola Canopy wireless access points and subscriber modules. These sit on towers and are not easily accessible, and the trouble is that if there is a power cycle, then these devices reboot and come up with a default IP address on the 169.254.x.x network. This is how I get my internet access to my SOHO network at home/business, I live way out in the woods! (I have tried to look into upgrading the firmware of these devices but so far no joy in figuring out how to do so, in order to get around this problem.) I set up the router B for the 192.168.20.x network to handle smart cell phones and some associated devices and get them off of the gateway computer and internal network (192.168.10.x) used for my home/business computers and servers. This is an attempt to improve phone call drops and intermittent issues we were having when the cell phones were on the same network as all the rest of our computers. Greg - Yes I think you see/understand what I am trying to do with having a separate network set up outside of my gateway computer. It sounds to me that from what you are saying, even if I could switch the 169.254.xx network address over to something like a 10.x.x.x network I would still have routing problems. Hmmmm, anyone got any ideas on how to go about solving this? Suggestions on wireless routers I can use? Right now I am using Rosewill wireless routers and I don't see any settings that allow me to override routing rules and still provide NAT capabilities. Marc... -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Marc Chamberlin wrote:
Togan, James, you both pointed out the same thing, which I was kinda afraid of, that the 169.254.x.x network is a non-routable IP address range. I have encountered issues with this before and so far have not come up with a good answer. My trouble is that the devices on this network consist of some Motorola Canopy wireless access points and subscriber modules. These sit on towers and are not easily accessible, and the trouble is that if there is a power cycle, then these devices reboot and come up with a default IP address on the 169.254.x.x network. This is how I get my internet access to my SOHO network at home/business, I live way out in the woods! (I have tried to look into upgrading the firmware of these devices but so far no joy in figuring out how to do so, in order to get around this problem.)
Is there no non-volatile memory for storing configuration? If not, I'd consider those devices to be defective out of the box. There is absolutely no excuse for that sort of nonsense.
I set up the router B for the 192.168.20.x network to handle smart cell phones and some associated devices and get them off of the gateway computer and internal network (192.168.10.x) used for my home/business computers and servers. This is an attempt to improve phone call drops and intermittent issues we were having when the cell phones were on the same network as all the rest of our computers.
Greg - Yes I think you see/understand what I am trying to do with having a separate network set up outside of my gateway computer. It sounds to me that from what you are saying, even if I could switch the 169.254.xx network address over to something like a 10.x.x.x network I would still have routing problems. Hmmmm, anyone got any ideas on how to go about solving this? Suggestions on wireless routers I can use? Right now I am using Rosewill wireless routers and I don't see any settings that allow me to override routing rules and still provide NAT capabilities.
As I menitoned, RFC1918 addresses, which include 10.x.y.z, are routable. They just can't be routed over the public Internet. So, you'd just need NAT to resolve that issue. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Marc Chamberlin wrote:
Togan, James, you both pointed out the same thing, which I was kinda afraid of, that the 169.254.x.x network is a non-routable IP address range. I have encountered issues with this before and so far have not come up with a good answer. My trouble is that the devices on this network consist of some Motorola Canopy wireless access points and subscriber modules. These sit on towers and are not easily accessible, and the trouble is that if there is a power cycle, then these devices reboot and come up with a default IP address on the 169.254.x.x network. This is how I get my internet access to my SOHO network at home/business, I live way out in the woods! (I have tried to look into upgrading the firmware of these devices but so far no joy in figuring out how to do so, in order to get around this problem.) Is there no non-volatile memory for storing configuration? If not, I'd consider those devices to be defective out of the box. There is absolutely no excuse for that sort of nonsense.
Well that sucks... I will again see what I can do to upgrade the firmware on these Canopies, I tried once but ran into other issues. Yes
On 8/6/2013 9:02 AM, James Knott wrote: they do have non-volatile memory, just did not store the IP address in it on these early models. I may just have to live without it for awhile, getting/paying a guy to climb the towers is expensive. Marc... -- "The Truth is out there" - Spooky -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Marc Chamberlin wrote:
Well that sucks... I will again see what I can do to upgrade the firmware on these Canopies, I tried once but ran into other issues. Yes they do have non-volatile memory, just did not store the IP address in it on these early models. I may just have to live without it for awhile, getting/paying a guy to climb the towers is expensive.
Do they support DHCP? If so that would be a solution. You can map MAC addresses to specific IP addresses, if necessary. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 8/6/2013 3:27 PM, James Knott wrote:
Marc Chamberlin wrote:
Well that sucks... I will again see what I can do to upgrade the firmware on these Canopies, I tried once but ran into other issues. Yes they do have non-volatile memory, just did not store the IP address in it on these early models. I may just have to live without it for awhile, getting/paying a guy to climb the towers is expensive. Do they support DHCP? If so that would be a solution. You can map MAC addresses to specific IP addresses, if necessary.
Thanks James I will set your suggestion aside for the moment however as I am pursuing a test path at the moment. I have set up a test network identical to the way I showed it in my first email, and have switched the non-routable 169.254.x.x addresses in the network to a routable 10.10.10.x network. While the Canopies will not hold these 10.10.10.x address should there be a power cycle, I am just wanting to see if I now can get my Machine B to see/ping my Machine A. I modified my route table according... And no joy! Still cannot ping Machine A from Machine B. Any ideas? From your suggestion, are you implying that I need to turn off the NAT functionality of my router for the 192.168.20.x network? Marc.. -- "The Truth is out there" - Spooky -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Marc Chamberlin wrote:
Any ideas? From your suggestion, are you implying that I need to turn off the NAT functionality of my router for the 192.168.20.x network?
I have no idea if those 169.254 addresses will work with NAT. They're not supposed to be routed at all and I suspect that means NAT as well. The devices should not be attempting to use any router, including NAT, for those addresses. As far as I can tell, the only solution is to move off that address range. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 8/6/2013 7:03 PM, James Knott wrote:
Marc Chamberlin wrote:
Any ideas? From your suggestion, are you implying that I need to turn off the NAT functionality of my router for the 192.168.20.x network?
I have no idea if those 169.254 addresses will work with NAT. They're not supposed to be routed at all and I suspect that means NAT as well. The devices should not be attempting to use any router, including NAT, for those addresses. As far as I can tell, the only solution is to move off that address range.
I think you misunderstood my previous email James. I have set up a network such that it is not using the 169.254.x.x addresses. Instead it is now using 10.10.10.x addresses, which is routeable but still private IP addresses AFIK. I am still getting no joy getting my two private 192.168.x.x networks to see each other. Marc... -- "The Truth is out there" - Spooky -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Tue, 06 Aug 2013 20:47:06 -0700, Marc Chamberlin <marc@marcchamberlin.com> said:
Marc> I think you misunderstood my previous email James. I have set up a Marc> network such that it is not using the 169.254.x.x addresses. Instead Marc> it is now using 10.10.10.x addresses, which is routeable but still Marc> private IP addresses AFIK. I am still getting no joy getting my two Marc> private 192.168.x.x networks to see each other. So you are saying without SuSEFirewall2 (or any other firewall/iptables) your two networks are not able to ping/(do what ever with) each other -- Life is endless possibilities -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Marc Chamberlin <marc@marcchamberlin.com> wrote:
On 8/6/2013 7:03 PM, James Knott wrote:
Marc Chamberlin wrote:
Any ideas? From your suggestion, are you implying that I need to turn off the NAT functionality of my router for the 192.168.20.x network?
I have no idea if those 169.254 addresses will work with NAT. They're not supposed to be routed at all and I suspect that means NAT as well. The devices should not be attempting to use any router, including NAT, for those addresses. As far as I can tell, the only solution is to move off that address range.
I think you misunderstood my previous email James. I have set up a network such that it is not using the 169.254.x.x addresses. Instead it
is now using 10.10.10.x addresses, which is routeable but still private
IP addresses AFIK. I am still getting no joy getting my two private 192.168.x.x networks to see each other.
Marc... I would assume my first email still applies. You need to override a default "don't route setting" for those private networks. Greg -- Sent from my Android phone with K-9 Mail. Please excuse my brevity. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Greg Freemyer wrote:
I would assume my first email still applies. You need to override a default "don't route setting" for those private networks.
In all the work I've done with routers, I've never seen that setting. While 169.254 traffic should never get to a router, proper routers will route those RFC1918 addresses just fine. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Wed, Aug 7, 2013 at 8:27 AM, James Knott <james.knott@rogers.com> wrote:
Greg Freemyer wrote:
I would assume my first email still applies. You need to override a default "don't route setting" for those private networks.
In all the work I've done with routers, I've never seen that setting. While 169.254 traffic should never get to a router, proper routers will route those RFC1918 addresses just fine.
James, It has been a long time since I worked at an ISP, but I am fairly confident the routers we bought dropped private IPs by default. Looking at wikipedia <http://simple.wikipedia.org/wiki/Private_network> I see "Public Internet Routers by default will not forward packets with RFC 1918 addresses. Unlike public Internet routers that need additional configuration to forward these packets, internal routers do not need any additional configuration to forward these packets." Thus it appears we could both be right depending on what the manufacturer (or opensuse engineer) thought was going to be the typical use for the router. Greg -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Greg Freemyer wrote:
It has been a long time since I worked at an ISP, but I am fairly confident the routers we bought dropped private IPs by default.
Those routers would certainly be configured to block those ranges, but there's no specific setting. For example, on a Cisco router, you just add in the appropriate rules to the access list.. If you were an ISP, you'd have an input filter, using a standard access list with those ranges denied. On the other hand, you might be using that same router internally, where you want to pass those ranges, in which case you wouldn't block the ones you use. IPtables, as used in openSUSE also has rules for filtering, but they're generally hidden by Yast. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Greg Freemyer wrote:
"Public Internet Routers by default will not forward packets with RFC 1918 addresses. Unlike public Internet routers that need additional configuration to forward these packets, internal routers do not need any additional configuration to forward these packets."
As I mentioned, I have a lot of experience with routers, both industrial and consumer grade. An industrial grade does not have any such setting, as it has to be able to work anywhere and access lists or rules are used to determine what is passed or not. Consumer grade routers are limited in function in that they only do NAT and are nor capable of routing networks in the same manner as the industrial ones. With them, there would be no means of the local network addresses to be routed onto the Internet, as they don't support that function at all. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Marc Chamberlin wrote:
I think you misunderstood my previous email James. I have set up a network such that it is not using the 169.254.x.x addresses. Instead it is now using 10.10.10.x addresses, which is routeable but still private IP addresses AFIK. I am still getting no joy getting my two private 192.168.x.x networks to see each other.
What are you using for router A & B? A Linux based firewall has no problem routing private addresses. I have configured VPNs that use those private addresses and routed from them to my local network and onto the Internet. I have also done similar with commercial grade routers from Adtran. Have you got the routes set up properly? They can be tricky at first. . -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Tue, 2013-08-06 at 16:21 -0700, Marc Chamberlin wrote:
Thanks James I will set your suggestion aside for the moment however as I am pursuing a test path at the moment. I have set up a test network identical to the way I showed it in my first email, and have switched the non-routable 169.254.x.x addresses in the network to a routable 10.10.10.x network. While the Canopies will not hold these 10.10.10.x address should there be a power cycle, I am just wanting to see if I now can get my Machine B to see/ping my Machine A. I modified my route table according... And no joy! Still cannot ping Machine A from Machine B.
Any ideas? From your suggestion, are you implying that I need to turn off the NAT functionality of my router for the 192.168.20.x network?
Marc, If you still can't make it work, please show us 1) routing table content on both Router A and B, and on the gateway SuSE box("ip route" or "route"). Then 2) traceroute result from/to Machine A to from Machine B, which Koenraad suggested. You need to turn off NAT on the GW machine if other part of your network want to send packets to 192.168.10.0/24 network. NAT will hide the subnet behind (192.168.10.0/24 your case) and only outside address of the GW box(10.10.10.?/32) is reachable and you need to set up port forwardings from the 10.10.10.? to each machine behind the GW. Toshi -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Tue, 6 Aug 2013 08:44:53 Marc Chamberlin wrote:
[...] Togan, James, you both pointed out the same thing, which I was kinda afraid of, that the 169.254.x.x network is a non-routable IP address range. I have encountered issues with this before and so far have not come up with a good answer. My trouble is that the devices on this network consist of some Motorola Canopy wireless access points and subscriber modules. These sit on towers and are not easily accessible, and the trouble is that if there is a power cycle, then these devices reboot and come up with a default IP address on the 169.254.x.x network. This is how I get my internet access to my SOHO network at home/business, I live way out in the woods! (I have tried to look into upgrading the firmware of these devices but so far no joy in figuring out how to do so, in order to get around this problem.)
Marc, Those Canopy wireless units don't have "default plugs" left in them, do they? That will cause them to start up with factory detault settings on boot. It's used to access a device when its programmed IP address is unknown. They should never be left in after installation - they're a service tool. How have you tried to update the firmware? I've always done mine via the Canopy Network Updater Tool (CNUT) which will run on both Linux and Windows as it is written in Perl and Java. I have a laptop with openSuSE on it primarily for the CNUT, because I trust it more under oS than under Windows. Be aware though that firmware is no longer freely available on the web site - you must either have units that are still under warranty or have a current Motorola support agreement. I'm pretty sure too that you can't jump versions - they have to be upgraded in steps, from memory (or perhaps I'm confusing them with something else). Anyway, I'm rapidly drifting OT. The CNUT is available from the Canopy web site, here: http://www.cambiumnetworks.com/support/management-tools/cnut/ -- ============================================================== Rodney Baker VK5ZTV rodney.baker@iinet.net.au ============================================================== -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Op 06-08-13 07:18, Marc Chamberlin schreef:
Ok i been fooling around with this, and suspect I am missing something dumb... I have the following SOHO network configuration -
Internet | Router A 169.254.1.1 | |-----169.254.1.200 Router B 192.168.20.1 --------- 192.168.20.100 Machine A | 169.254.1.100 (eth0) OpenSuSE Gateway Machine with SuSEFirewall 192.168.10.1 (eth1) | | 192.168.10.20 Machine B
Hi, I'm no expert, but I think if you configure a route on the OS gateway for subnet 192.168.20.x to go to 169.254.1.200 and the counterpart (subnet 192.168.10.x to 169.254.1.100) on router B I think it should work. I believe traceroute will show on what device the problem is. But, like other people said, don't use 169.254.x.x addresses. My thoughts. Koenraad Lelong -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Koenraad Lelong wrote:
I'm no expert, but I think if you configure a route on the OS gateway for subnet 192.168.20.x to go to 169.254.1.200 and the counterpart (subnet 192.168.10.x to 169.254.1.100) on router B I think it should work. I believe traceroute will show on what device the problem is.
Any computer with a 169.254 address shouldn't even be attempting to use a router at all. That address range is called "link local" and it's specifically not routeable. The RFC1918 private address are routeable, though not over the public Internet. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
participants (7)
-
Greg Freemyer -
James Knott -
Koenraad Lelong -
Marc Chamberlin -
Rodney Baker -
Togan Muftuoglu -
Toshi Esumi