networking nightmare revisited

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Folks,

After posting my rant on the issues I was having, I have some updates 
here.
I looked over the current configuration for lrxms which is the slackware 
box that is currently acting as a firewall and server.
The Debian box I am attempting to configure as my new firewall is zoose.
I haven't loooked over the Slackware box's configuration for some time 
because there was no real reason to do so being as it worked.
Now what I stumbled over and had forgotten about is in the slackware box 
known as lrxms which lives on the lrxms.net domain; has two interface 
cards. eth0 is my external interface and eth1 internal.
What I noticed is in the script that brings up the interface, eth0 I 
provided the ip address, netmask, broadcast address, and gateway.
Now on eth1 I provided the ip address, netmask, broadcast, and no 
gateway.

However, on the Debian box named zoose, it has in the 
/etc/network/interfaces file for eth0 and eth1 the ip addresses for the 
corrisponding interfaces as well as the netmask, broadcast address for 
both, and gateway addresses for both.
I wonder if this could very well be my problem.

I didn't attempt to add a gateway address to lrxms and thought perhaps 
if I remove that from zoose it'll work.
I'll give that a try, but I was curious about the route output from 
zoose. I don't know what made me name a box as my domain name, but well 
aside from that odd thought, I thought the route output was most 
curious. this is the route output from zoose when I removed lrxms from 
the network and put zoose in its place. Zoose at this point was to be 
acting as the firewall for my domain/network.
Here is what it said and I'd love to know where it got the name for 
lrxms when its name is zoose.
This output came directly after I brought up the box and prior to me 
running the firewall which by the way I did not use for any of these 
tests.
 
Gateway         Genmask         Flags   MSS Window  irtt Iface
66.92.147.1     0.0.0.0         255.255.255.255 UH       40 0          0 
eth0
66.92.147.0     0.0.0.0         255.255.255.0   U        40 0          0 
eth0
192.168.1.0     0.0.0.0         255.255.255.0   U        40 0          0 
eth1
0.0.0.0         192.168.1.1     0.0.0.0         UG       40 0          0 
eth1
0.0.0.0         66.92.147.1     0.0.0.0         UG       40 0          0 
eth0

Now I was getting connection time out messages from named and ncftp. I 
then tried forcing the route to eth0 as a default gateway. This probably 
only added to the mess, but here is what I got from route after doing 
this.

Gateway         Genmask         Flags   MSS Window  irtt Iface
66.92.147.1     0.0.0.0         255.255.255.255 UH       40 0          0 
eth0
66.92.147.0     0.0.0.0         255.255.255.0   U        40 0          0 
eth0
192.168.1.0     0.0.0.0         255.255.255.0   U        40 0          0 
eth1
0.0.0.0         192.168.1.1     0.0.0.0         UG       40 0          0 
eth1
0.0.0.0         66.92.147.1     0.0.0.0         UG       40 0          0 eth0

Now one final note. When I have lrxms back in its working position, I 
ran the route command and here is wht I got.

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use 
Iface
localnet        *               255.255.255.0   U     0      0        0 
eth0
192.168.1.0     *               255.255.255.0   U     0      0        0 
eth1
loopback        *               255.0.0.0       U     0      0        0 
lo
default         gw-081-147.dsl. 0.0.0.0         UG    1      0        0 eth0

Now that certainly looks different from any of the above and it 
obviously is correct. SO, this must mean then there's a route problem 
with zoose and so any thoughts would be very much appreciated.
I thought at the very least I could go somewhere using ncftp and an ip 
address, but get the famous no route to host error message from ncftp.

Btw, I did find the ping problem at least for lrxms, it seems that I 
must be blocking outbound pings, but for the life of me can't find this 
in the ipchains script.

Any assistance/advice greatfully accepted and appreciated. I'll keep 
looking into to this as I go along and am confident I'll resolve these 
issues somehow.

Scott





[Index of Archives]     [Linux for the Blind]     [Fedora Discussioin]     [Linux Kernel]     [Yosemite News]     [Big List of Linux Books]
  Powered by Linux