Routing problem

yaikun94 · October 27, 2016, 4:54am

I have 2 RB951G, let’s call it A and B.
RouterA:

ether1: wan
-ether2-5: lan with dhcp server (192.168.10.0/24)

RouterB:
-ether1-2: bridge received ip from routerA (192.168.10.254/24)
-ether3-5: lan with dhcp server (172.16.10.0/24)

client with ip 192.168.10.0/24 can’t ping client with ip 172.16.10.0/24 because they don’t have routes. After routing them (Dst. 172.16.10.0/24 , Gw.192.168.10.254) ip 192.168.10.0/24 can ping gateway 172.16.10.1 but still can’t ping client 172.16.10.0/24. Although client with ip 172.16.10.0/24 can ping client with ip 192.168.10.0/24 just fine.
Did i do something wrong?
Thanks in advance and sorry for my bad english.

yaikun94 · October 28, 2016, 4:34am

Anyone (

Rudios · October 28, 2016, 5:04am

are you using any NAT on the second router?
How about firewall, on both routers and the destination client?

yaikun94 · October 28, 2016, 7:32am

the 2nd router don’t have any NAT, try to add once but it’s the same result.
There is no firewall rules on both routers

Rudios · October 28, 2016, 11:45am

Can you please share your 2 configs.

miq · October 28, 2016, 6:16pm

Maybe you must add rule to forward chain?

skuykend · October 28, 2016, 11:27pm

If it’s a home version Windows pc you’re trying to ping, the default Windows firewall doesn’t allow ping responses to other subnets. Try temporarily disabling the firewall.

actrn · October 30, 2016, 4:32pm

you are in double nat, generally not good to surf with these, in any case you can try to add route from 172.x Lan to return icmp.

yaikun94 · October 31, 2016, 2:27am

Hi,
sorry for the late reply,
Here is my 2nd router config
***Router2:

-Bridge1 received ip from router1 (192.168.1.8 )
-Bridge2 created dhcp server and has 1 client (192.168.20.252)
***Router1:

-Try to ping router1 to client 192.168.20.252 but time out.
-Ping gateway 192.168.20.1 just fine

yaikun94 · October 31, 2016, 2:34am

Already disabled but still not work =.=!!

Could you pls show me how to do it

actrn · October 31, 2016, 7:28am

try to add:

172.16.10.0/24 gate 192.168.10.x ( your gateway )

miq · October 31, 2016, 9:56am

chain=forward action=accept src-address=0.0.0.0 dst-address=172.16.10.0/24 log=no log-prefix=""

Rudios · October 31, 2016, 4:29pm

Does your DHCP supply gateway address?

yaikun94 · November 1, 2016, 4:43am

already did it in router1. After route i can ping 172.16.10.1 but can’t ping client (ex.172.16.10.252)

yaikun94 · November 1, 2016, 4:45am

i’ll try it later tks.

yes it is

Rudios · November 1, 2016, 7:46am

I would first disable all firewall rules to see how that goes (maybe only let exist the masquerade rule on RouterA to have internet connection)

yaikun94 · November 1, 2016, 8:40am

Solved,
put my NAT rule masquerade for src.address 172.16.10.0/24 in router 2 to the top (just notice it behind other nat rules so it won’t work.) and it work like a charm. Gotta note it =.=!!
Thanks you guys for helping me all this time

Rudios · November 1, 2016, 8:42am

Good to hear you solved it, nevertheless I am curious about your config, because in one of the first posts you stated there was no NAT on RouterB

yaikun94 · November 2, 2016, 1:39am

yes i said that i tried to add and then remove NAT but there is no difference between 2 options. Turn out after add NAT i have to move it to the top so the rule can work properly