0

I'm trying to bring up a little box on my network. I just reflashed the firmware and it's supposed to come up as 192.168.1.1 by default. My router is a DSL modem at 192.168.0.1; it usually uses a netmask of 255.255.255.0, so I can't talk to the new box.

I telnet into the router and use ifconfig to change the netmask to 255.255.0.0, but I still can't ping 192.168.1.1. (Apparently I'm supposed to use ip now, but I know ifconfig better.)

I figure maybe iptables is getting in my way, so I try this: iptables -F; iptables -X; iptables -t nat -F; iptables -t nat -X; iptables -t mangle -F; iptables -t mangle -X; iptables -P INPUT ACCEPT; iptables -P OUTPUT ACCEPT; iptables -P FORWARD ACCEPT and sure enough now I see:

# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Which looks good to me, but still when I try ping 192.168.1.1 I get no reply.

But if I do this while running # tcpdump -n -i br0 -v host 192.168.1.1, I see this:

tcpdump: listening on br0, link-type EN10MB (Ethernet), capture size 68 bytes
15:09:21.057458 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto ICMP (1), length 84)
192.168.0.1 > 192.168.1.1: ICMP echo request, id 26859, seq 1, length 64
15:09:25.036912 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.1.1 tell 192.168.0.1, length 28
15:09:25.037321 ARP, Ethernet (len 6), IPv4 (len 4), Reply 192.168.1.1 is-at 00:18:39:2c:9c:30, length 46

That arp reply has a MAC address matching my new box! So why can't my packets get there and back?

# ip route show
205.171.X.X via 72.160.X.1 dev ppp0 
72.160.X.X dev ppp0  proto kernel  scope link  src 72.160.X.X 
205.141.X.X via 72.160.X.1 dev ppp0 
192.168.0.0/16 dev br0  proto kernel  scope link  src 192.168.0.1 
default via 72.160.X.1 dev ppp0

I'm pretty sure it's a problem with the router, not the target box. What could it be?

Michael Hampton
  • 237,123
  • 42
  • 477
  • 940
Adam Bliss
  • 131
  • 4
  • Here is another detail that I *think* should have no bearing on the question. There is another WIFI router on the network, with IP address 192.168.0.2, which is giving out DHCP leases of 192.168.1.X on its own WLAN. But I'm pretty sure that should be totally invisible to me on the DSL modem at 192.168.0.1. – Adam Bliss Sep 15 '14 at 23:25
  • 1
    Sounds like you changed the netmask on one end but not on the other end. Changing the netmask from `255.255.255.0` to `255.255.0.0` isn't going to help if the other end of the connection stil uses `255.255.255.0`. This is one of those things that I find easier to handle with IPv6. Try `ping6 -c2 -n ff02::1%br0` to see if the device has an IPv6 address you can connect to. – kasperd Sep 15 '14 at 23:32

1 Answers1

0

@kasperd was right -- the target box had a netmask of 255.255.255.0. I was able to communicate by giving br0 a new ip address: 

# ip addr add 192.168.1.2/24 dev br0
# ip addr show br0
8: br0: <BROADCAST,MULTICAST,ALLMULTI,UP,LOWER_UP> mtu 1500 qdisc noqueue
link/ether 10:7b:ef:92:ca:af brd ff:ff:ff:ff:ff:ff
inet 192.168.0.1/24 brd 192.168.0.255 scope global br0
inet 192.168.1.2/24 scope global br0
# ping 192.168.1.1
PING 192.168.1.1 (192.168.1.1): 56 data bytes
64 bytes from 192.168.1.1: seq=0 ttl=64 time=31.187 ms
Adam Bliss
  • 131
  • 4