networking nightmare revisited
Scott Howell
showell at lrxms.net
Sat Oct 19 22:34:55 EDT 2002
Folks,
After posting my rant on the issues I was having, I have some updates
here.
I looked over the current configuration for lrxms which is the Slackware
box that is currently acting as a firewall and server.
The Debian box I am attempting to configure as my new firewall is zoose.
I haven't looked over the Slackware box's configuration for some time
because there was no real reason to do so being as it worked.
Now what I stumbled over and had forgotten about is in the Slackware box
known as lrxms which lives on the lrxms.net domain; has two interface
cards. eth0 is my external interface and eth1 internal.
What I noticed is in the script that brings up the interface, eth0 I
provided the ip address, netmask, broadcast address, and gateway.
Now on eth1 I provided the ip address, netmask, broadcast, and no
gateway.
However, on the Debian box named zoose, it has in the
/etc/network/interfaces file for eth0 and eth1 the ip addresses for the
corresponding interfaces as well as the netmask, broadcast address for
both, and gateway addresses for both.
I wonder if this could very well be my problem.
I didn't attempt to add a gateway address to lrxms and thought perhaps
if I remove that from zoose it'll work.
I'll give that a try, but I was curious about the route output from
zoose. I don't know what made me name a box as my domain name, but well
aside from that odd thought, I thought the route output was most
curious. This is the route output from zoose when I removed lrxms from
the network and put zoose in its place. Zoose at this point was to be
acting as the firewall for my domain/network.
Here is what it said and I'd love to know where it got the name for
lrxms when its name is zoose.
This output came directly after I brought up the box and prior to me
running the firewall which by the way I did not use for any of these
tests.
Gateway Genmask Flags MSS Window irtt Iface
66.92.147.1  0.0.0.0      255.255.255.255  UH  40  0  0  eth0
66.92.147.0  0.0.0.0      255.255.255.0    U   40  0  0  eth0
192.168.1.0  0.0.0.0      255.255.255.0    U   40  0  0  eth1
0.0.0.0      192.168.1.1  0.0.0.0          UG  40  0  0  eth1
0.0.0.0      66.92.147.1  0.0.0.0          UG  40  0  0  eth0
Now I was getting connection time out messages from named and ncftp. I
then tried forcing the route to eth0 as a default gateway. This probably
only added to the mess, but here is what I got from route after doing
this.
Gateway Genmask Flags MSS Window irtt Iface
66.92.147.1  0.0.0.0      255.255.255.255  UH  40  0  0  eth0
66.92.147.0  0.0.0.0      255.255.255.0    U   40  0  0  eth0
192.168.1.0  0.0.0.0      255.255.255.0    U   40  0  0  eth1
0.0.0.0      192.168.1.1  0.0.0.0          UG  40  0  0  eth1
0.0.0.0      66.92.147.1  0.0.0.0          UG  40  0  0  eth0
Now one final note. When I have lrxms back in its working position, I
ran the route command and here is what I got.
Kernel IP routing table
Destination  Gateway           Genmask        Flags  Metric  Ref  Use  Iface
localnet     *                 255.255.255.0  U      0       0    0    eth0
192.168.1.0  *                 255.255.255.0  U      0       0    0    eth1
loopback     *                 255.0.0.0      U      0       0    0    lo
default      gw-081-147.dsl.   0.0.0.0        UG     1       0    0    eth0
Now that certainly looks different from any of the above and it
obviously is correct. So, this must mean then there's a route problem
with zoose and so any thoughts would be very much appreciated.
I thought at the very least I could go somewhere using ncftp and an ip
address, but get the famous no route to host error message from ncftp.
Btw, I did find the ping problem at least for lrxms, it seems that I
must be blocking outbound pings, but for the life of me can't find this
in the ipchains script.
Any assistance/advice gratefully accepted and appreciated. I'll keep
looking into this as I go along and am confident I'll resolve these
issues somehow.
Scott
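
An added example, not part of the original post: a small Python check for the condition the message describes, a gateway configured on both interfaces, which appears in the routing table as two default routes. The sample rows are constructed from the zoose output quoted above; the "Destination" header column and the `external_iface` parameter are assumptions.

```python
import ipaddress

# Constructed sample: the rows quoted in the post for zoose. The "Destination"
# header column is an assumption; the header line in the post does not show it.
SAMPLE = """\
Destination  Gateway      Genmask          Flags MSS Window irtt Iface
66.92.147.1  0.0.0.0      255.255.255.255  UH    40  0      0    eth0
66.92.147.0  0.0.0.0      255.255.255.0    U     40  0      0    eth0
192.168.1.0  0.0.0.0      255.255.255.0    U     40  0      0    eth1
0.0.0.0      192.168.1.1  0.0.0.0          UG    40  0      0    eth1
0.0.0.0      66.92.147.1  0.0.0.0          UG    40  0      0    eth0
"""

def parse_routes(text):
    """Parse numeric (`-n`) routing-table rows; skip headers and named rows."""
    routes = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 8:
            continue
        try:
            dest, gw, mask = (ipaddress.IPv4Address(x) for x in fields[:3])
        except ValueError:
            continue  # header line, or hostnames from `route` without -n
        routes.append({"dest": dest, "gw": gw, "mask": mask,
                       "flags": fields[3], "iface": fields[7]})
    return routes

def audit_defaults(text, external_iface="eth0"):
    """Return findings about default routes on a dual-homed firewall.

    external_iface is a hypothetical parameter naming the Internet-facing NIC.
    """
    zero = ipaddress.IPv4Address("0.0.0.0")
    defaults = [r for r in parse_routes(text)
                if r["dest"] == zero and r["mask"] == zero and "G" in r["flags"]]
    findings = []
    if len({r["iface"] for r in defaults}) > 1:
        listing = ", ".join(f'{r["iface"]} via {r["gw"]}' for r in defaults)
        findings.append(f"multiple default routes: {listing}")
    for r in defaults:
        if r["iface"] != external_iface:
            findings.append(
                f'default route on internal interface {r["iface"]} via {r["gw"]}')
    return findings

if __name__ == "__main__":
    for finding in audit_defaults(SAMPLE):
        print(finding)
```

Rows that use names instead of addresses, as in the lrxms table, are skipped, so feed the check numeric output such as `route -n`.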