[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [K12OSN] [OT]router howto



see reply below...

Terrell Prudé, Jr. wrote:
First, we've got to see if your routing parameters in your DHCP scope are right. Have your DHCP clients ping the router that is upstream from your GNU/Linux router; this will be your ISP's router, probably a Cisco or Juniper router of some sort. I'm assuming here that your GNU/Linux router is directly connected to your ISP with nothing else (cable modem, DSL router, other firewall, etc.) in between. If that doesn't work, then make sure that your GNU/Linux router can get to it; if it can't, then nothing will be able to. If it can, though, then check your IP Masquerading rules. This assumes you're using RFC 1918 "private" IP addresses; if not, then don't worry about masquerading rules.

Once all that's working, then we've got to try connectivity past your ISP's router. Try pinging an IP address instead of a domain name. A good one is 198.6.1.2, which is one of UUNet's main DNS servers. If you can, then the problem probably is the DNS server parameters in your DHCP scope.
Terrell,
My client and server can ping 198.6.1.2 and 66.94.234.13(a yahoo.com address) but my client cannot ping yahoo.com. Thus it appears to be a dns issue. Below is a copy of my dhcpd.conf, iptables, and route. What other info would be useful to post?


Thanks,

Dale


[root rlm ~]# cat /etc/dhcpd.conf ddns-update-style ad-hoc; subnet 10.0.0.0 netmask 255.255.255.0 { option broadcast-address 10.0.0.255; deny bootp; option domain-name "robert.morton"; option domain-name-servers 10.0.0.1; default-lease-time 86400; max-lease-time 604800;

        option subnet-mask      255.255.255.0;
        range   10.0.0.10 10.0.0.100;
        option routers 10.0.0.1;
}

[root rlm ~]# service iptables status
Table: nat
Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination
MASQUERADE  all  --  0.0.0.0/0            0.0.0.0/0           MARK match 0x9

Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination

Table: mangle
Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination

Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination
MARK       all  --  0.0.0.0/0            0.0.0.0/0           MARK set 0x9

Table: filter
Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
RH-Firewall-1-INPUT  all  --  0.0.0.0/0            0.0.0.0/0

Chain INPUT (policy ACCEPT)
target     prot opt source               destination
RH-Firewall-1-INPUT  all  --  0.0.0.0/0            0.0.0.0/0

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain RH-Firewall-1-INPUT (2 references)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 255
ACCEPT esp -- 0.0.0.0/0 0.0.0.0/0
ACCEPT ah -- 0.0.0.0/0 0.0.0.0/0
ACCEPT udp -- 0.0.0.0/0 224.0.0.251 udp dpt:5353
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:631
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited


[root rlm ~]#
[root rlm ~]# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.177.0 * 255.255.255.0 U 0 0 0 eth0
10.0.0.0 * 255.255.255.0 U 0 0 0 eth1
169.254.0.0 * 255.255.0.0 U 0 0 0 eth1
default tux.stannecc.or 0.0.0.0 UG 0 0 0 eth0
[root rlm ~]#



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]