FC 4 Networking bridge

Mark mark at lumison.net
Sun Jan 29 04:48:02 UTC 2006 

Thanks for the replies.

The idea was to try and test the throughput from server 1 to server 2 
via the cisco and still be able to access the cisco on its public IP as 
another thing we want to test is pptp vpn and ipsec access (doing that 
using NAT and server 1 as the access IP would create more headaches than 
solve.

We would have rpeferred to all the testing with the server nicely racked 
up with all being able to do everything remotely, but I think I may give 
that up as a bad idea and do the vpn testing and throughput testing as 2 
separate set ups.

Ah well, back to the drawing board for me. :)

Thanks again

Mark



Jeff Vian wrote:

>On Sat, 2006-01-28 at 07:03 +0000, Mark wrote:
>  
>
>>Hi all
>>
>>Perhaps I am being a lil dim here as a new linux sysadmin personage 
>>(previous preference was for windows, emphasis on "was")
>>
>>For some reason I have not been able to get a working network along the 
>>following lines.
>>
>>NOTE this network is purely for systems testing, bandwidth etc, hence 
>>the daisy chain effect.
>>
>>I have 2 servers, both running FC4 and a cisco router.
>>
>>The aim is to test throughput from one server to the other via the cisco.
>>
>>My proposed solution is as follows:
>>Both servers have 2 gigE nics
>>Cisco has 2 interfaces which I have named ciscoLan and ciscoWan
>>
>>Basically I want server 1 with eth0 connected to my DMZ network (and the 
>>world at large) witha  public IP address
>>I then want to configure eth1 with another public IP to connect directly 
>>to the ciscoWan
>>
>>I already have the cisco connected via ciscoLan to server 2 using NAT 
>>and private IPs but I cannot get eth1 on server 1 to come up with the IP 
>>address I need and then talk to the cisco.
>>
>>I think the issue may be that I need to enable bridging of sorts between 
>>the 2 NICs, as MS does with ICS etc.
>>
>>So the question is, how do I acheive that?
>>
>>As far as I can tell, I have all the interfaces configured correctly.
>>
>>I can`t give the actual IPs here, but I will give an example:
>>All Xs give the same subnet
>>
>>Server 1
>>/etc/sysconfig/network
>>NETWORKING=yes
>>HOSTNAME=test-server-01.domain.net
>>GATEWAY=X.X.X.33
>>
>>/etc/sysconfig/network-scripts/ifcfg-eth0
>>DEVICE=eth0
>>BOOTPROTO=none
>>HWADDR=00:14:22:22:04:1A
>>ONBOOT=yes
>>TYPE=Ethernet
>>IPADDR=X.X.X.41
>>NETMASK=255.255.255.224
>>GATEWAY=X.X.X.33
>>
>>/etc/sysconfig/network-scripts/ifcfg-eth1
>>DEVICE=eth1
>>HWADDR=00:14:22:22:04:1A
>>ONBOOT=yes
>>TYPE=Ethernet
>>NETMASK=255.255.255.224
>>IPADDR=X.X.X.42
>>GATEWAY=217.30.126.33  <- is this a problem????
>>
>>Have I really missed something and thats why this server can`t talk to 
>>my cisco on eth1?  By the way, the cisco has an IP of X.X.X.62
>>
>>    
>>
>
>1)  You should not have the default gateway defined in 3 places. In my
>experience it seems best in /etc/sysconfig/network.  It may not get
>defined at all if the sequence of reading/processing the files is not
>what you want.  You can also only have *one* default gateway.  If those
>in the other two files are the correct one, then certainly the one in
>ifcfg-eth1 is a problem.
>
>2)  You should *not* have 2 different interfaces on the same machine on
>the same subnet.  Many problems are related to having this type setup,
>which causes the system to get confused about which adapter to use for
>what. (slow communications, lost packets, routing messed up, to name a
>few.)
>
>3) What is the output of "route -n"?  Which device has the default
>gateway defined (eth0 or eth1)? Is it what you expected (X.X.X.33) or
>the other one (217.30.126.33)?
>
>Why are you trying to have this machine talk to the cisco on the same
>subnet as is used on the other interface?  Nothing is gained and a lot
>is lost by trying this.  If you are connecting directly to the cisco
>with no other connections on that network segment, why not use one of
>the private network addresses for both the cisco and this server on
>eth1?
>
>  
>
>>I am trying to have both eth0 and eth1 having IPs only 1 apart and the 
>>gateway for eth1 is set to the same as eth0.  Is this adding to the 
>>problems?
>>
>>    
>>
>Yes, see 1 & 2 above.
>
>  
>
>>I can solve it fairly easily by installing windows on server 1 and 
>>configure ICS etc, but I would rather avoid that for 2 reasons:
>>- having FC4 on the server is beneficial for us after this roject
>>- I don`t want to give in to this problem, I would rather solve it.
>>
>>    
>>
>I am not sure I understand completely.  
>Are you connecting both servers to the internet with a single public IP?
>If so iptables and setting up nat is the best way to go. (This works
>similarly to ICS but has much more functionality.) That is exactly what
>I use for my connections at home.  A Cable modem with one IP available
>and my home network has 4 PCs (using a private IP network) that access
>the internet at any time.  Server 1 would have one interface with a
>public IP and the other interface would have a LAN ip, similar to what a
>router does.
>
>If the cisco is the connection to the internet and you are sharing the
>local LAN with all machines accessing the internet through the cisco
>then all should be on the same network segment/subnet.
>
>If you are using multiple public IPs then each should be connected
>directly and not in the way that ICS works from M$.
>
>  
>
>>Thanks in advnace.
>>
>>Mark
>>    
>>
>
>  
>

-- 

This email and any files transmitted with it are confidential and intended 
solely for the use of the individual or entity to whom they are addressed.  
If you have received this email in error please notify the sender. Any 
offers or quotation of service are subject to formal specification.  
Errors and omissions excepted.  Please note that any views or opinions 
presented in this email are solely those of the author and do not 
necessarily represent those of Lumison, nplusone or lightershade ltd.  
Finally, the recipient should check this email and any attachments for the 
presence of viruses.  Lumison, nplusone and lightershade ltd accepts no 
liability for any damage caused by any virus transmitted by this email.

-- 

-- 
Virus scanned by Lumison.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20060129/60909acb/attachment-0001.htm>

More information about the fedora-list mailing list