Route adding

xlancealotx · August 15, 2008, 9:22pm

Still new to the distro, but having a route question/problem.

At the office, we have a point to point VPN working, the office we have a 10.10.5.x local, the vpn is on the public internet. One of the servers has a 2nd nice on a private network 10.10.17.0 which he can see fine.

I should have no problem getting to it using that server (I would think), yet when I try this at the command line;

route add -net 10.10.17.0 gw x.x.x.x netmask 255.255.255.0

I get the following;
SIOCADDRT: No such process

So can I route to that private throught that machine (I would think so), and if so, what’s the correct syntax. The box on the other side is a CentOS box.

ken_yap · August 15, 2008, 11:29pm

A search on the net shows that the message SIOCADDRT no such process is a very badly misnamed message. It generally means the gateway is not reachable with your current routes. This would happen if the gateway address is not covered by any subnet reachable by your interface settings. You may need to put in a host route to the gateway first.

lornix · August 16, 2008, 2:51am

On Fri, 15 Aug 2008 19:26:02 GMT
xlancealotx <xlancealotx@no-mx.forums.opensuse.org> wrote:

>
> Still new to the distro, but having a route question/problem.
>
> At the office, we have a point to point VPN working, the office we have
> a 10.10.5.x local, the vpn is on the public internet. One of the
> servers has a 2nd nice on a private network 10.10.17.0 which he can see
> fine.
>
> I should have no problem getting to it using that server (I would
> think), yet when I try this at the command line;
>
> route add -net 10.10.17.0 gw x.x.x.x netmask 255.255.255.0
>
> I get the following;
> SIOCADDRT: No such process
>
> So can I route to that private throught that machine (I would think
> so), and if so, what’s the correct syntax. The box on the other side
> is a CentOS box.
>
>

Usually, you need to have a nic on that subnet too…

If the SERVER has a second nic, you cannot access the network on that nic
without permissions (and routing) being performed on the server.

I doubt that the 10.10.5.x and 10.10.17.x subnets are running on the same
wire, but it’s quite possible to do so.

IF they ARE both on the same wire, AND you have a valid IP address to use,
you COULD add another gateway/route.

The irony being, IF you had a valid IP address on the 10.10.17.x subnet, you
would ALREADY have a valid route/gateway setup.

(if you don’t possess a valid IP for that subnet, you shouldn’t be playing
with it anyways… bad things happen when you cause address collisions on
someone’s private network… ever read BOFH?)

Obviously, the admins don’t want you on the 10.10.17.x subnet, and it was
segregated to another nic/wire to prevent that.

Loni

–
L R Nix
lornix@lornix.com

xlancealotx · August 18, 2008, 5:08am

Thanks for the replies. lornix, the message I wrote was well written due to so many “help me” etc. that I made sure I was pretty clear, but to recap, they are not on the same wire, if so I could have added an alias IP or other ways to get to it.

But, if more info is needed, I already explained, at the local office we are on a 10.10.5.x network. We have a co-lo where our servers are. We are setup on a point to point VPN, so I can see one subnet of the network (a public 38.x network). But… I have a management network at the co-lo on a 10.10.17.x network with some APC PDU’s and a few other devices. I have ssh forwarding on a machine there, so I can ssh -X over, x-forward some of the management app’s, but one is java based and extremely slow. So, since I am on a point to point, from my desktop, if I tracert the 10.10.17.x it goes to my local gateway, then out the public internet naturally dying out.

I wanted to say, add a route. If you want to goto the 10.10.17.0, goto the 38.x (the x being the IP of the server with a nic on that subnet), but when I tried to add that route add I got the error mentioned earlier.

Lastly, and I quote…

Obviously, the admins don’t want you on the 10.10.17.x subnet, and it was
segregated to another nic/wire to prevent that."
Who ever said there were admins, permissions, etc. It was already stated that there was an office and VPN so the reason it was segmented, well I didn’t feel like running cat5 50+ miles to the co-lo! But thanks for the time to reply!