Firstly, to all of you: Sorry about the message length this time.

Chris Knipe wrote:

> > From: MONZ <monz@danbbs.dk>
>
> > > There are however options you can specify in your DHCP scope to 1)
> > > force all clients to ALWAYS use the default gateway for routing,

Tried, but that ensured w9x clients just couldn't go anywhere.

> > > and 2) you can force a broadcast address to be used, which means
> > > that you will be able to perhaps minimise the mess of broadcasts

This is where it started to ease up. I removed the 4x255 routes on each interface and forced a broadcast address (network.255) on clients. Now clients can get through to the world - mostly, because half the time a website cannot be name resolved, it seems. However, after traceroute to the same www-address, which just about always goes through, the site pops up with no problems.

Another thing is funny: ipchains -L takes a l-o-n-g time to finish showing up masqueraded nets in the forward chain; they get through one by one, 10-20 secs apart. Definitely seems related.

Dunno if dhcrelay on Linux in any way can interfere with network traffic?

I did some tcpdumps after correcting as described above. Doesn't look too strange to me; however, in:

12:55:21.352565 B 10.13.0.11.netbios-dgm > 10.13.255.255.netbios-dgm: NBT UDP (138)
12:55:57.244198 B arp who-has 10.0.0.1 tell 10.13.0.11

the 10.13.255.255.netbios-dgm makes me think about the broadcast-address I've set to 10.13.0.255, maybe I've misunderstood something here, and it should've been 10.13.255.255 ?

Apart from this, here's a dump approx. from beginning of a session (it's an educational facility, they play games too, hence the ipx):

12:54:57.839747 B 10.13.0.11.netbios-dgm > 10.13.255.255.netbios-dgm: NBT UDP (138)
12:54:57.839903 B 0.00:50:ba:d4:73:53.553 > 0.ff:ff:ff:ff:ff:ff.553: ipx-#553 163
12:54:58.271795 B arp who-has studgw tell 10.13.0.11
12:54:58.271838 > arp reply studgw (0:80:c8:ca:9c:f3) is-at 0:80:c8:ca:9c:f3 (0:50:ba:d4:73:53)
12:54:58.271932 < 10.13.0.11.1026 > 212.130.19.187.38293: udp 16
12:54:58.320169 > 212.130.19.187.38293 > 10.13.0.11.1026: udp 462
12:54:58.774754 < 10.13.0.11.1025 > 212.130.19.187.1026: udp 390
12:54:58.845785 > 212.130.19.187.1026 > 10.13.0.11.1025: udp 20
12:55:03.312614 > arp who-has 10.13.0.11 tell studgw (0:80:c8:ca:9c:f3)
12:55:03.312735 < arp reply 10.13.0.11 is-at 0:50:ba:d4:73:53 (0:80:c8:ca:9c:f3)
12:55:07.683976 < 10.13.0.11.bootpc > studgw.bootps: xid:0x4a602827 flags:0x8000 C:10.13.0.11 [|bootp]
12:55:08.979162 B 0.0.0.0.bootpc > 255.255.255.255.bootps: xid:0x4f252a7b [|bootp]
12:55:08.980064 > studgw > 10.13.0.11: icmp: echo request
12:55:09.973272 > 0:0:0:0:0:0 sap 10 > 0:80:c8:ca:9c:f3 sap 45 I (s=0,r=36,C) len=324
        0000 0000 1011 9570 0a0d 0001 0a0d 000b
        0043 0044 0134 4ff0 0201 0600 4f25 2a7b
        0000 0000 0000 0000 0a0d 000b 0a0d 0001
        0000 0000 0050 bad4 7353 0000 0000 0000
        0000 0000 0000 0000 0000 0000 0000 0000
        0000 0000 0000 0000 0000 0000 0000 0000
        0000 0000 0000 0000 0000 0000 0000 0000
        0000 0000 0000 0000 0000 0000 0000 0000
        0000 0000 0000 0000 0000 0000
12:55:09.973665 B 0.0.0.0.bootpc > 255.255.255.255.bootps: xid:0x4f252a7b [|bootp]
12:55:09.977557 > 0:0:0:0:0:0 sap 10 > 0:80:c8:ca:9c:f3 sap 45 I (s=0,r=36,C) len=324
        0000 0000 1011 9570 0a0d 0001 0a0d 000b
        0043 0044 0134 4cf0 0201 0600 4f25 2a7b
        0000 0000 0000 0000 0a0d 000b 0a0d 0001
        0000 0000 0050 bad4 7353 0000 0000 0000
        0000 0000 0000 0000 0000 0000 0000 0000
        0000 0000 0000 0000 0000 0000 0000 0000
        0000 0000 0000 0000 0000 0000 0000 0000
        0000 0000 0000 0000 0000 0000 0000 0000
        0000 0000 0000 0000 0000 0000
12:55:09.977974 B arp who-has 10.13.0.11 tell 10.13.0.11
12:55:13.963631 B 10.13.0.11.netbios-ns > 10.13.255.255.netbios-ns:NBT UDP PACKET(137): REGISTRATION; REQUEST; BROADCAST

> Hmmm, can you perhaps show me some examples where ping works and
> traceroute doesn't? This is very weird in my books...

Turned out to be a just-before-closing-hours error of mine ,-

> As to the broadcasts... 10.x.x.x = Class A IP addresses... Those
> broadcasts are right to be on any IP address in the 10.x.x.x range if you
> use the entire subnet (255.0.0.0)

I use a 255.255.0.0 netmask.

> > I do specify a router on each segment, i.e. 10.13.0.1 for a
> > 10.13.0.0 net:
>
> Is the IP in the machine's ARP cache after it got an IP address (arp -a on
> Windows).... Also, whether the gateway is actually reachable. Also
> have a look at 'route print' and 'ipconfig' to check the IP
> configuration received from the DHCP servers...
>
> - - All subnets are local

Do you mean 'option all-subnets-local "1"' ? I fail to see what good that one might do here. Hmm, I get errors trying it like this here.

> - - Always use Default Gateway

Dunno other ways than 'option routers', so...

> Those are options from NT's DHCP server... But if you can locate the
> option numbers (or the value they carry as DHCP options - HEX Number
> I believe), you will be able to configure this with Linux as well...
> I'll have a look later, perhaps install DHCP on my NT quickly, and
> see if I can get the values for you.

Please do. These don't seem documented in man dhcp-options, but may well be specified as hex-options.

Firewall resolv.conf :

search domain.dk
three nameserver entries

Firewall routing table:

Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
10.10.0.1       0.0.0.0         255.255.255.255 UH        0 0          0 eth0
10.1.0.1        0.0.0.0         255.255.255.255 UH        0 0          0 eth2
10.0.0.2        0.0.0.0         255.255.255.255 UH        0 0          0 eth1
10.12.0.1       0.0.0.0         255.255.255.255 UH        0 0          0 eth3
10.13.0.1       0.0.0.0         255.255.255.255 UH        0 0          0 eth4
10.0.0.0        0.0.0.0         255.255.0.0     U         0 0          0 eth1
10.1.0.0        0.0.0.0         255.255.0.0     U         0 0          0 eth2
10.10.0.0       0.0.0.0         255.255.0.0     U         0 0          0 eth0
10.12.0.0       0.0.0.0         255.255.0.0     U         0 0          0 eth3
10.13.0.0       0.0.0.0         255.255.0.0     U         0 0          0 eth4
127.0.0.0       0.0.0.0         255.0.0.0       U         0 0          0 lo
0.0.0.0         10.0.0.1        0.0.0.0         UG        0 0          0 eth1

Windows 98 IP-configuration :

0 Ethernet networkscard :
    IP-adress . . . . . . . . . : 10.13.0.11
    Subnetmask  . . . . . . . . : 255.255.0.0
    Defaultgateway  . . . . . . : 10.13.0.1

route print :

Active routes:
Networkadress     Netmask           Gateway-adress   Interface    Metric
0.0.0.0           0.0.0.0           10.13.0.1        10.13.0.11   1
10.13.0.0         255.255.0.0       10.13.0.11       10.13.0.11   1
10.13.0.11        255.255.255.255   127.0.0.1        127.0.0.1    1
10.255.255.255    255.255.255.255   10.13.0.11       10.13.0.11   1
127.0.0.0         255.0.0.0         127.0.0.1        127.0.0.1    1
224.0.0.0         224.0.0.0         10.13.0.11       10.13.0.11   1
255.255.255.255   255.255.255.255   10.13.0.11       10.13.0.11   1

arp -a :

Networkcard: 10.13.0.11 on Interface 0x1000002
Internet-adress   Physical adress     Type
10.13.0.1         00-80-c8-ca-9c-f3   dynamic

Part of dhcpd.conf :

authoritative;
option domain-name "domain.dk";
option domain-name-servers 195.129.12.122, 195.129.12.123, 195.129.12.114;

subnet 10.13.0.0 netmask 255.255.0.0 {
    default-lease-time 86400;   # One day
    max-lease-time 604800;      # seven days
    range 10.13.0.10 10.13.0.250;
    option subnet-mask 255.255.0.0;
    option broadcast-address 10.13.0.255;
    option routers 10.13.0.1;
}

> I hope it helps...

As always...

--
Regards,
Mogens Valentin

Networking - Security - Programming
Linux configuration and troubleshooting
http://www.danbbs.dk/~monz - monz@danbbs.dk
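
An added example, not part of the original message or thread: a Python check that compares the option broadcast-address of a dhcpd.conf subnet block with the broadcast address implied by the declared netmask (10.13.255.255 for 10.13.0.0 with netmask 255.255.0.0) and verifies that the router and range addresses are usable hosts inside the subnet. The configuration text is a constructed copy of the declaration quoted above, the function names are hypothetical, and only flat subnet blocks are parsed.

```python
import ipaddress
import re

# Constructed sample: mirrors the subnet declaration quoted in the message.
SAMPLE_CONF = """
subnet 10.13.0.0 netmask 255.255.0.0 {
    range 10.13.0.10 10.13.0.250;
    option subnet-mask 255.255.0.0;
    option broadcast-address 10.13.0.255;
    option routers 10.13.0.1;
}
"""

# Flat subnet blocks only; nested pool/group braces are out of scope (assumption).
SUBNET_RE = re.compile(r"subnet\s+(\S+)\s+netmask\s+(\S+)\s*\{(.*?)\}", re.S)


def _addresses(body, keyword):
    """IPv4 addresses given in the first '<keyword> ...;' statement of a block."""
    m = re.search(r"(?m)^\s*" + re.escape(keyword) + r"\s+([^;#]+);", body)
    found = []
    for token in re.split(r"[,\s]+", m.group(1).strip()) if m else []:
        try:
            found.append(ipaddress.IPv4Address(token))
        except ValueError:
            pass  # hostname or keyword such as dynamic-bootp: not checked
    return found


def check_dhcpd_subnets(conf_text):
    """Return (subnet, problem) tuples for inconsistent subnet declarations."""
    problems = []
    for addr, mask, body in SUBNET_RE.findall(conf_text):
        net = ipaddress.IPv4Network(f"{addr}/{mask}")  # rejects stray host bits
        for bcast in _addresses(body, "option broadcast-address"):
            if bcast != net.broadcast_address:
                problems.append((str(net), f"broadcast-address {bcast} should be {net.broadcast_address}"))
        for m in _addresses(body, "option subnet-mask"):
            if m != net.netmask:
                problems.append((str(net), f"subnet-mask {m} differs from netmask {net.netmask}"))
        for key in ("option routers", "range"):
            for ip in _addresses(body, key):
                if ip not in net or ip in (net.network_address, net.broadcast_address):
                    problems.append((str(net), f"{key} {ip} is not a usable host address in the subnet"))
    return problems


if __name__ == "__main__":
    for subnet, problem in check_dhcpd_subnets(SAMPLE_CONF):
        print(f"{subnet}: {problem}")
```

Note that 10.13.0.255 is an ordinary host address inside a 255.255.0.0 network, so only the comparison against the computed broadcast address flags it.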