On 6/13/2011 1:02 PM, m.roth@xxxxxxxxx wrote:
> We just went to replace the bridge/firewall services one one server with
> the same on another. It's pretty simple, and I literally cloned (w/ rsync)
> a third server that does this onto the one that will be the new one. Then
> copied the /etc/sysconfig/iptables from the one being replaced, and
> brought it up this morning.
>
> Nope. We had to put everything back the way it was.
>
> The new one sees the two or three servers behind the firewall, and we can
> ping them, from the new box. On one, we see IPP broadcasts; in fact, we
> see lots of broadcast packets using tcpdump. From outside, though, you
> can't see the servers. Trying to ping them, they see nothing. It seems to
> be the case that tcp and icmp packets are blocked, and we can't figure out
> why.
>
> CentOS 5.6.
>
> ifcfg-eth0
>
> DEVICE=eth0
> BRIDGE=br3
> BOOTPROTO=dhcp
> HWADDR=aa:bb:cc:dd:ee:ff
> ONBOOT=yes
>
> ifcfg-eth1
>
> DEVICE=eth1
> BRIDGE=br3
> HWADDR=aa:bb:cc:dd:ee:gg
> ONBOOT=yes
>
> ifcfg-br3
>
> DEVICE=br3
> ONBOOT=yes
> TYPE=Bridge
> BOOTPROTO=static
> IPADDR=<our ip>
> NETMASK=255.255.254.0
> NETWORK=<our nw>
> GATEWAY=<our gw>
>
> Any ideas?
Are the HWADDR= entries fixed up to match the actual hardware after the
copy? And does ifconfig show that your config actually set up what you
expected? CentOS isn't very predictable in terms of which NIC gets
which interface name.
--
Les Mikesell
lesmikesell@xxxxxxxxx
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
