LAN question

Paul Newell pnewell at cs.cmu.edu
Sun Sep 21 22:54:20 UTC 2008 

Arthur Pemberton wrote:
> On Sun, Sep 21, 2008 at 12:49 AM, Paul Newell <pnewell at cs.cmu.edu> wrote:
>   
>> Arthur Pemberton wrote:
>>     
>>> On Sun, Sep 14, 2008 at 11:56 PM, Paul Newell <pnewell at cs.cmu.edu> wrote:
>>>
>>>       
>>>> Fedora:
>>>>
>>>> Before I switched to F9, all my FC5 machines were happily chatting with
>>>> each
>>>> other through a Linksys WRT54GL but none of them could see the net. I
>>>> upgraded one of them to F9 and it sees the net and can ssh to the others.
>>>> But the other two machines can no longer ssh into it F9 system. I tried
>>>> to
>>>> play with things to fix it, but the best I could do was kill the network
>>>> connection so that the F9 system can't see the other machine or the net.
>>>> In
>>>> other words, I screwed up. Since I can't figure out how to get the
>>>> network
>>>> back alive by restoring prior conditions, I am resigned to yet another
>>>> re-install (the price of learning is lots of starting over...)
>>>>
>>>>         
>>> For lack of time, I am abandoning the remaining information that you
>>> provided, sorry.
>>>
>>> Here is my suggestion...
>>>
>>> If you have GUI on that F9 box, install one of the many GUI firewall
>>> editing tools like firestarter, and use it to enable port forwarding,
>>> and likely network translation -- this assumes that the F9 box uses a
>>> different interface and IP to get to the internet than the one it uses
>>> to connect to the rest of the LAN, generally speaking you need two
>>> network cards for that.
>>>
>>> If you do not have GUI on that box, you'll have to read up on IPTABLES
>>> so you can set up the above manually.
>>>
>>> Have each of the other machines use than F9 box as their network gateway.
>>>
>>> This is a typical, relatively easy setup which should allow all the
>>> machines to have basic access to the internet and to each other.
>>>
>>> If this F9 machines happens to be a server, you may want to consider
>>> using Centos 5.2 on it instead
>>>       
>> Arthur:
>>
>> Once again, thanks for the reply earlier. I didn't get a chance to look into
>> this until weekend. From what I can tell scanning the firestarter site,
>> there is an assumption that one machine is providing the connection and all
>> machines route through that one machine. Nice model but it isn't what I
>> would like to get.
>>
>> That being said, I may be asking for more than current technology allows
>> (though I know I am a newbie on understanding that).
>>
>> I have three Linux boxes which I want to bring up to F9 (the other two are
>> on FC5). I want each one to be able to see the net and, if any one of the
>> others are powered up, to see them (as in my original comment of "happily
>> chatting"). No central machine, each one is independent.
>>
>> I do note that my Linksys router is set to disable DCHP as that worked great
>> when I couldn't get any of the three machines to see the net and I was happy
>> with each one seeing each other. That being said, since a default F9 install
>> has no problem with the net and seeing other machines, I have to think that
>> this isn't a Linksys issue.
>>
>> I tried manually installs of the network in which I forced an address for
>> the machine being kicked to F9 and that did not good, the network connection
>> never happened.
>>
>> I've re-installed F9 on the one machine to get me to a state of network
>> connectivity. I'd like to know what files / settings I need to send to this
>> list to try to understand how to get the other machines to see it. My gut is
>> that they just don't know the IP of the new machine and I have no idea how
>> to give it to them.
>>
>> I am prepared to kick a second machine to F9 to see if two F9 machines
>> behave better, but don't know if this is a red herring.
>>
>> I have two other replies form "Joel Rees" and "Nifty Fedora Mitch" that I am
>> still working on.
>>
>> Appreciate any advice, please assume that I near brain-dead on networking
>> (smile)
>>     
>
>
> Ok, I better understand what's going on, but not completely. I
> _thought_ only one machine had internet access.
>
> >From what you described, I'm guessing they all have internet access,
> but only the F9 machine happens to have the correct DNS servers in
> /etc/resolve.conf. Easy way to check that is do `ping google.com` on
> the F9 machine. Assuming it works, take note of the IP that was used
> to contact google, and try to ping that IP (not the hostname) from the
> other machines, if that ping works. Then I am right, and you just need
> to replicate /etc/resolv.cong to the other machines, or go back to
> using DHCP.
>
> If that doesn't work, then I suggest that you attach the output of
> `ifconfig from the F9 machine, and from one of the other net incapable
> machines.
>
>   
Arthur:

Actually, you had it right before. Only the F9 machine has access to the 
net and to the other machines. The two other FC5 machines can ssh each 
other but not the F9 machine. I was never able to figure out the 
networking for the FC5 and kept it as a local off-line LAN waiting for 
the day when I could figure it out. But since things work on F9, I am 
not concerned with FC5 inability as the goal is to get all machines on F9.

It should be noted that the machines came pre-installed and I have no 
boot disk or info on how they were set up, except that networking was 
disabled and machine name et al were predefined.

I have attached the original /etc/hosts from the three machines when 
they were all FC5 (FC5_hosts_{chalupa,chowder,parsnip}.txt). I am also 
attaching the new F9 /etc/hosts from chowder (F9_hosts_chowder.txt). 
Obviously, the "txt" extension is an addition that I added for keeping 
copies on Windows box for sending this email.

Further examinations showed that in the FC5 boxes, /etc/ssh/sshd_config 
has Port 22 uncommented but the default is to have it commented out. I 
tried that on the F9 box along with checking the two ssh entries under 
"Boolean" tab in the SELinux GUI ... no luck. The message I keep getting 
when trying to ssh from parsnip (one of the two machines still on FC5) 
is "ssh: connect to host {chowder,chowder.localhost,192.168.2.11} port 
22: No route to host"

I started looking at ifconfig (attached as 
F9_chowder_ifconfig_output.txt) as you suggested and immediately saw 
that it has a DHCP address of 192.168.2.103 which I just tried ssh-ing 
to from Parsnip and it worked (the prompt says chowder so I know I got 
the right one). Many thanks for this suggestion, at least I know that 
its a static addr versus DHCP issue right now (I am tempted to make the 
"many thanks" bold font "scream"). Note I still have Port 22 uncommented 
and the two ssh okayed in SELinux ...I need to backtrack taking them out 
one by one to see if they are needed or not.

So, I am back to not understanding how to force chowder to be 
192.168.2.11 given my attempts to install F9 specifying that in the 
network section failed and gave me no network access to Internet or 
local LAN.

I also note that had been working with the other two responses I got and 
had discovered that Mitch's note of "Link local sound like" what I had 
before is how the F9 system is set up (see attached F9_chowder_networks) 
... there is no /etc/networks file on the FC5 machines. I figured out 
the class A,B,C stuff for addresses, but am still looking into what this 
link local is.

Probably am giving way too much information here, but while still being 
in the dark about alot of this networking stuff I have to assume I don't 
know what is and isn't necessary. I'm heading back to seeing what I can 
back out of the sshd_config / SELinux changes I made and further 
understand the other two replies).

Thanks,
Paul
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: FC5_hosts_chalupa.txt
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20080921/a36db905/attachment-0006.txt>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: FC5_hosts_chowder.txt
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20080921/a36db905/attachment-0007.txt>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: FC5_hosts_parsnip.txt
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20080921/a36db905/attachment-0008.txt>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: F9_chowder_ifconfig_output.txt
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20080921/a36db905/attachment-0009.txt>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: F9_hosts_chowder.txt
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20080921/a36db905/attachment-0010.txt>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: F9_chowder_networks.txt
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20080921/a36db905/attachment-0011.txt>

More information about the fedora-list mailing list