arp problem? Howto fix

Craig White craigwhite at azapple.com
Fri Jul 23 02:13:17 UTC 2004


On Thu, 2004-07-22 at 14:18, Gene Heskett wrote:
> Greetings all;
> 
> I apologize if this is a duplicate post, but the first one has not come back 
> in something like 20 minutes.
> 
> Now I have a new problem that seems to be iptables or arp related.
> 
> My network here consists of:
> dsl modem<->router<-eth0(firewall box(gene))<->iptables<->eth1(firewall box(gene))<->netgear switch port1
> netgear switch port 2<->main box(coyote)
> netgear switch port 3<->shop box(shop)
> 
> I've just re-configured the 'main box' with the motherboard's LAN connection, an nforce2
> setup using the forcedeth driver.  I was formerly running a D-Link RTL-8139too
> card in that box.
> 
> I can ping anywhere on the local net, or ssh into all of it, but cannot even ping
> the router from gene, but I can ping gene from coyote or vice-versa in
> sub-millisecond timings.
> 
> From shop, I can ping the world, from gene I can ping the world, but I cannot
> seem to get thru iptables from coyote, my main box.  All ip addresses are as 
> they were before the card switch.
> 
> Nothing in the network configuration was changed here on gene, which is where
> I'm posting this from. The only thing changed on coyote is the bogus MAC address
> of the nforce network port since it's not hard coded into the chips, but is a BIOS entry.
> 
> iptables hasn't changed here, but everything has been either power cycled or
> restarted except this box itself, which has a 72 day uptime ATM.  I see no reason
> to do it since the shop box goes thru the same NAT and MASQUERADE in iptables
> as coyote should be using.  In fact, the shop box is not being named in a
> PORTFORWARD rule but is getting thru anyway.
----
Don't know if you've solved this and not entirely sure which FC we are
talking about but I would check for the wrong module being assigned to
the switched NIC in the following places...
/etc/modules.conf
/etc/modprobe.conf
/etc/sysconfig/network-scripts/ifcfg-ethX

I would remove the 'old' module ... rmmod rtl8139too or whatever it was
and insmod the new module if known or simply run kudzu and then restart
network service.

Craig
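
The check suggested in the reply above, as an added example that is not part of the original post: it scans a modprobe.conf-style file for `alias` lines that still bind an interface to a driver other than the one the new NIC needs. The interface name `eth0`, the helper names `stale_aliases` and `audit`, and the sample file contents are assumptions.

```shell
#!/bin/sh
# Added example (not from the thread): list driver modules that a
# modprobe.conf-style file still assigns to an interface when they differ
# from the driver the NIC now needs.

# stale_aliases FILE IFACE EXPECTED
# Prints one module name per "alias IFACE MODULE" line whose MODULE is not
# EXPECTED. Comments and leading whitespace are ignored. Prints nothing
# when the file is consistent or has no alias for IFACE.
stale_aliases() {
    awk -v ifc="$2" -v want="$3" '
        { sub(/#.*/, "") }                        # drop comments
        $1 == "alias" && $2 == ifc && $3 != "" && $3 != want { print $3 }
    ' "$1"
}

# audit FILE... : run the check over every listed file that is readable.
# IFACE and EXPECTED are taken from the variables set below.
audit() {
    for f in "$@"; do
        [ -r "$f" ] || continue
        for m in $(stale_aliases "$f" "$IFACE" "$EXPECTED"); do
            echo "$f: $IFACE is aliased to $m, expected $EXPECTED"
        done
    done
}

# Assumptions: the replaced NIC is eth0 and the new driver is forcedeth.
IFACE=${IFACE:-eth0}
EXPECTED=${EXPECTED:-forcedeth}

# Constructed sample standing in for /etc/modprobe.conf.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# constructed sample, not taken from the poster's machine
alias eth0 8139too     # left over from the old card
alias eth1 forcedeth
EOF

# Read-only pass over the sample and the two alias files named in the reply.
audit "$sample" /etc/modules.conf /etc/modprobe.conf
rm -f "$sample"
```

Any line it reports names the module to unload before loading the new one and restarting the network service.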




