More help needed please

jim.marnell at cca-int.com jim.marnell at cca-int.com
Fri Jun 25 14:21:54 UTC 2004 

Bingo Jason thanks. I can now ping through the rh box to my main network. 
Turning on ip_forward I believe was the key (thanks Ed). 
I never thought to test from the client after that change - I guess I had 
distilled the basic problem down to not being able to ping from nic to nic 
on the same box.
I cannot fathom why it was coded that way in the networking os. Why is it 
that I can now ping from 10.10.30.1 into the 10.10.30.248 eth1 interface - 
through the rh box - and out the 204.62.134.209 eth0 interface onto my 
office network but yet I cannot ping from eth1 to eth0 - seems like a 
contradiction to me. Any takers on why that is?? I hate loose ends.
-Jim



Jason Staudenmayer <jasons at NJAQUARIUM.ORG> 
Sent by: redhat-list-bounces at redhat.com
06/25/2004 09:34 AM
Please respond to
General Red Hat Linux discussion list <redhat-list at redhat.com>


To
"'General Red Hat Linux discussion list'" <redhat-list at redhat.com>
cc

Subject
RE: More help needed please






I just tried that from my machine (similar setup) and that is the way it
should be.
[root at ns2 root]# ping -I eth0 207.106.229.230
PING 207.106.229.230 (207.106.229.230) from 192.168.1.231 eth0: 56(84) 
bytes
of data.
>From 192.168.1.231 icmp_seq=1 Destination Host Unreachable
>From 192.168.1.231 icmp_seq=2 Destination Host Unreachable
>From 192.168.1.231 icmp_seq=3 Destination Host Unreachable

Each interface is isolated from the other for security reasons. If they
could talk to each other
then there would be a problem. What I think you're tring to do is verify 
the
forwarding. If so the use a client machine and set it's route to the f/w
server then ping the outside NIC.

> -----Original Message-----
> From: jim.marnell at cca-int.com [mailto:jim.marnell at cca-int.com] 
> Sent: Friday, June 25, 2004 7:46 AM
> To: General Red Hat Linux discussion list
> Subject: RE: More help needed please
> 
> 
> Very sorry that I took so long to reply - had to leave early 
> yesterday...
> I don't know why there is no traffic on eth1 - I think that is the 
> fundamental question here. I will say that I only recently 
> activated the 
> nic to create a test network. The eth1 nic was present when I 
> installed 
> the os  - I just never activated it.
> I did remove the bad route as requested. As I said earlier I 
> added it just 
> to see if I could force eth1 to talk to eth0. I added it on the eth1 
> interface via the gui and then removed it via the gui but it 
> stayed in the 
> routing table leading me to claim that it may be a bug. The 
> only way to 
> remove it was with route del. I'm digressing - the route is 
> gone and as I 
> said earlier the firewall is empty. It's an internal machine 
> that I'm not 
> too worried about.
> 
> [root at redfish default]# route del 0.0.0.0 gw 204.62.134.209
> [root at redfish default]# netstat -nr
> Kernel IP routing table
> Destination     Gateway         Genmask         Flags   MSS 
> Window  irtt 
> Iface
> 10.10.30.0      0.0.0.0         255.255.255.0   U         0 0 
>          0 
> eth1
> 204.62.134.0    0.0.0.0         255.255.255.0   U         0 0 
>          0 
> eth0
> 127.0.0.0       0.0.0.0         255.0.0.0       U         0 0 
>          0 
> lo
> 0.0.0.0         204.62.134.248  0.0.0.0         UG        0 0 
>          0 
> eth0
> [root at redfish default]# iptables -L
> Chain INPUT (policy ACCEPT)
> target     prot opt source               destination 
> 
> Chain FORWARD (policy ACCEPT)
> target     prot opt source               destination 
> 
> Chain OUTPUT (policy ACCEPT)
> target     prot opt source               destination 
> [root at redfish default]# ping -I eth1 204.62.134.209
> PING 204.62.134.209 (204.62.134.209) from 10.10.30.248 eth1: 
> 56(84) bytes 
> of data.
> >From 10.10.30.248 icmp_seq=1 Destination Host Unreachable
> >From 10.10.30.248 icmp_seq=2 Destination Host Unreachable
> >From 10.10.30.248 icmp_seq=3 Destination Host Unreachable
> CFrom 10.10.30.248 icmp_seq=4 Destination Host Unreachable
> >From 10.10.30.248 icmp_seq=5 Destination Host Unreachable
> >From 10.10.30.248 icmp_seq=6 Destination Host Unreachable
> 
> --- 204.62.134.209 ping statistics ---
> 7 packets transmitted, 0 received, +6 errors, 100% loss, time 6021ms
> , pipe 3
> [root at redfish default]# 
> 
> As you can see I still cannot ping from eth1 to eth0.
> Please let me know if you need more info and thanks again to 
> everyone!!
> -Jim
> 
> 
> 
> Jason Staudenmayer <jasons at NJAQUARIUM.ORG> 
> Sent by: redhat-list-bounces at redhat.com
> 06/24/2004 03:46 PM
> Please respond to
> General Red Hat Linux discussion list <redhat-list at redhat.com>
> 
> 
> To
> "'General Red Hat Linux discussion list'" <redhat-list at redhat.com>
> cc
> 
> Subject
> RE: More help needed please
> 
> 
> 
> 
> 
> 
> Why isn't there any traffic on eth1? No you don't need a 
> route for the NIC
> installed in the system.
> Remove that bad route and post your firewall settings.
> 
> > -----Original Message-----
> > From: jim.marnell at cca-int.com [mailto:jim.marnell at cca-int.com] 
> > Sent: Thursday, June 24, 2004 3:18 PM
> > To: General Red Hat Linux discussion list
> > Subject: Re: More help needed please
> > 
> > 
> > Thanks to all responders. Both nics are set to come up at 
> boot time. 
> > Here's more info...
> > [root at redfish root]# netstat -nr
> > Kernel IP routing table
> > Destination     Gateway         Genmask         Flags   MSS 
> > Window  irtt 
> > Iface
> > 0.0.0.0         204.62.134.209  255.255.255.255 UGH       0 0 
> >          0 
> > eth0
> > 10.10.30.0      0.0.0.0         255.255.255.0   U         0 0 
> >          0 
> > eth1
> > 204.62.134.0    0.0.0.0         255.255.255.0   U         0 0 
> >          0 
> > eth0
> > 127.0.0.0       0.0.0.0         255.0.0.0       U         0 0 
> >          0 
> > lo
> > 0.0.0.0         204.62.134.248  0.0.0.0         UG        0 0 
> >          0 
> > eth0
> > [root at redfish root]# ifconfig eth0
> > eth0      Link encap:Ethernet  HWaddr 00:10:5A:11:83:C0 
> >           inet addr:204.62.134.209  Bcast:204.62.134.255 
> > Mask:255.255.255.0
> >           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
> >           RX packets:5899 errors:0 dropped:0 overruns:0 frame:0
> >           TX packets:824 errors:0 dropped:0 overruns:0 carrier:0
> >           collisions:0 txqueuelen:100 
> >           RX bytes:590413 (576.5 Kb)  TX bytes:94622 (92.4 Kb)
> >           Interrupt:10 Base address:0xe400 
> > 
> > [root at redfish root]# ifconfig eth1
> > eth1      Link encap:Ethernet  HWaddr 00:04:75:81:5A:01 
> >           inet addr:10.10.30.248  Bcast:10.10.30.255 
> > Mask:255.255.255.0
> >           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
> >           RX packets:0 errors:0 dropped:0 overruns:0 frame:0
> >           TX packets:48 errors:0 dropped:0 overruns:0 carrier:0
> >           collisions:0 txqueuelen:100 
> >           RX bytes:0 (0.0 b)  TX bytes:2880 (2.8 Kb)
> >           Interrupt:5 Base address:0xe800 
> > 
> > [root at redfish root]# 
> > That first routing entry should not be there and may be a 
> bug. In an 
> > attempt to solve this problem I added a route on the eth1 
> > interface via 
> > system settings/network. It didn't help so I removed it but 
> > it remains in 
> > my routing table.
> > My real default route is the last entry.
> > Do I need any routing in place for one nic to talk to the 
> other in rh 
> > land?
> > -Jim
> > 
> > 
> > 
> > Ed Wilts <ewilts at ewilts.org> 
> > Sent by: redhat-list-bounces at redhat.com
> > 06/24/2004 02:57 PM
> > Please respond to
> > General Red Hat Linux discussion list <redhat-list at redhat.com>
> > 
> > 
> > To
> > General Red Hat Linux discussion list <redhat-list at redhat.com>
> > cc
> > 
> > Subject
> > Re: More help needed please
> > 
> > 
> > 
> > 
> > 
> > 
> > On Thu, Jun 24, 2004 at 02:37:39PM -0400, 
> > jim.marnell at cca-int.com wrote:
> > > Anyone else care to take a stab at why my rh 8 box with 2 
> > nics cannot 
> > talk 
> > > to each other. I'll try anything.
> > > eth0 can ping itself
> > > eth1 can ping itself
> > > eth0 can ping eth1
> > > eth1 CANNOT ping eth0
> > > 
> > > ip_forward has been set to 1
> > 
> > Do you have routes to get from where you are to where you 
> want to go? 
> > 
> > # netstat -rn
> > 
> > -- 
> > Ed Wilts, RHCE
> > Mounds View, MN, USA
> > mailto:ewilts at ewilts.org
> > Member #1, Red Hat Community Ambassador Program
> > 
> > 
> > -- 
> > redhat-list mailing list
> > unsubscribe 
> mailto:redhat-list-request at redhat.com?subject=unsubscribe
> > https://www.redhat.com/mailman/listinfo/redhat-list
> > 
> > 
> > 
> > -- 
> > redhat-list mailing list
> > unsubscribe 
> mailto:redhat-list-request at redhat.com?subject=unsubscribe
> > https://www.redhat.com/mailman/listinfo/redhat-list
> > 
> 
> 
> -- 
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list
> 
> -- 
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list
> 


-- 
redhat-list mailing list
unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list

More information about the redhat-list mailing list