Re: (PM) Destination host unreachable

Josh Richards (josh@lucent.com)
Mon, 11 May 1998 13:59:24 -0700 (PDT)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Josh Richards: "RE: (PM) Destination host unreachable"
Previous message: Terje Sten Bjerkseth: "RE: (PM) Destination host unreachable"

On 11 May 1998, Terje Sten Bjerkseth wrote:

> I'm 193.71.148.146. When I try to ping or traceroute 172.29.220.11, I
> get "destination host unreachable". traceroute shows:
>
> Tracing route to [172.29.220.11]
> over a maximum of 30 hops:
>
> 1 40 ms 20 ms 20 ms 193.71.148.10
> 2 193.71.148.10 reports: Destination host unreachable.

What does this look like from the other side (traceroute from
172.29.220.11)? Also, I assume you realize that 172.29.220.11 is not a
real network, since it is reserved by IANA for private networks and not
globally routable..

> When I go to our PM2 which is 193.71.148.10, it says:
>
> trf-pm2> show route 172.29.220.0
> Destination Mask Gateway Source Flag Met Interface
> ----------------- ---- -------------------- ------- ---- --- ---------
> 172.29.220.0 24 193.71.148.12 ospf/E2 ND 4 ether0
>
> From the 193.71.148.12 I can ping 172.29.220.11 without any problems,
> and it reports:
>
> trf-gw>show ip route 172.29.220.11
> Routing entry for 172.29.220.0/24
> Known via "ospf 1", distance 110, metric 2, type extern 2, forward
> metric 74
> Redistributing via ospf 1
> Last update from 193.71.150.15 on Serial0, 1d04h ago
> Routing Descriptor Blocks:
> * 193.71.150.15, from 193.71.150.20, 1d04h ago, via Serial0
> Route metric is 2, traffic share count is 1
>
> The PM2 (trf-pm2) has the following filters on the ethernet interface:
>
> trf-pm2> show filter ethernet.in
> 1 permit 193.71.148.0/24 0.0.0.0/0 ip
> 2 permit 193.71.150.0/24 0.0.0.0/0 ip
> 3 permit 193.71.148.0/24 0.0.0.0/0 icmp
> 4 permit 193.71.150.0/24 0.0.0.0/0 icmp
> 5 deny 0.0.0.0/0 0.0.0.0/0 ip log
> trf-pm2> show filter ethernet.out
> 1 permit 0.0.0.0/0 193.71.148.0/24 ip
> 2 permit 0.0.0.0/0 193.71.150.0/24 ip
> 3 permit 0.0.0.0/0 193.71.148.0/24 icmp
> 4 permit 0.0.0.0/0 193.71.150.0/24 icmp
> 5 deny 0.0.0.0/0 0.0.0.0/0 ip log

Well, if the packet is going to the pm2 and then supposed to be forwarded
to the Cisco, then you are going to have to permit 172.29.0.0/16 for
the ethernet.out filter which you are not doing above.

-jr

----
Josh Richards - <jrichard@livingston.com> - <josh@lucent.com>
[Beta Engineer] - LUCENT Technologies - Remote Access Business Unit
<URL:http://www.livingston.com/> * <URL:http://www.lucent.com/dns/>

-
To unsubscribe, email 'majordomo@livingston.com' with
'unsubscribe portmaster-users' in the body of the message.
Searchable list archive: <URL:http://www.livingston.com/Tech/archive/>

Next message: Josh Richards: "RE: (PM) Destination host unreachable"
Previous message: Terje Sten Bjerkseth: "RE: (PM) Destination host unreachable"