[rhelv6-list] network problem on RHEL6.3
John Haxby
john.haxby at gmail.com
Wed Jul 4 12:46:36 UTC 2012
On 4 July 2012 10:00, Tiziana Manfroni <manfroni at mat.uniroma3.it> wrote:
> I do some tests and I have problems with 192.168.114 private network .
> Infact if I connect from public network (193.204.165.*) or another private
> network (192.168.115.) it's all ok, but for example, if I connect from a
> host with IP address 192.168.114.30 in 'ssh -vvv www at 193.204.165.224' the
> output is "ssh: connect to 193.204.165.224 port 22: no route to host". When
> I connect with 'ssh -vvv www at 192.168.114.60' I see "www at 192.168.114.60's
> password:" I have this network problem for all services on server (http,
> https, mail) and not for only ssh. This server worked with RHEL5.8 but
> after upgrade to RHEL6.3 there is this problem.
>
>
>
I'm pretty sure you're tripping over reverse path filtering change. In
5.x, the "net.ipv4.conf.default.rp_filter = 1" means "[loose] reverse path
filtering". In 6.x (indeed any kernel after about 2.6.30) it leans
"strict reverse path filtering". See
/usr/share/doc/kernel-*/Documentation/networking/ip-sysctl.txt for more
details. If you want loose mode, then change the "1" to "2" and restart
everything.
Loose mode reverse path filtering isn't usually recommended, though, not
least because asymmetric routing can mess up TCP's flow control. I keep
hoping that someone will post a succinct guide to having packets route back
through the interface they came in on (I know it can be done, I've just
never sat down and worked it out in detail.)
jch
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/rhelv6-list/attachments/20120704/7e8a576c/attachment.htm>
More information about the rhelv6-list
mailing list