Bingo Jason thanks. I can now ping through the rh box to my main network. Turning on ip_forward I believe was the key (thanks Ed). I never thought to test from the client after that change - I guess I had distilled the basic problem down to not being able to ping from nic to nic on the same box. I cannot fathom why it was coded that way in the networking os. Why is it that I can now ping from 10.10.30.1 into the 10.10.30.248 eth1 interface - through the rh box - and out the 204.62.134.209 eth0 interface onto my office network but yet I cannot ping from eth1 to eth0 - seems like a contradiction to me. Any takers on why that is?? I hate loose ends. -Jim Jason Staudenmayer <jasons@xxxxxxxxxxxxxx> Sent by: redhat-list-bounces@xxxxxxxxxx 06/25/2004 09:34 AM Please respond to General Red Hat Linux discussion list <redhat-list@xxxxxxxxxx> To "'General Red Hat Linux discussion list'" <redhat-list@xxxxxxxxxx> cc Subject RE: More help needed please I just tried that from my machine (similar setup) and that is the way it should be. [root@ns2 root]# ping -I eth0 207.106.229.230 PING 207.106.229.230 (207.106.229.230) from 192.168.1.231 eth0: 56(84) bytes of data. >From 192.168.1.231 icmp_seq=1 Destination Host Unreachable >From 192.168.1.231 icmp_seq=2 Destination Host Unreachable >From 192.168.1.231 icmp_seq=3 Destination Host Unreachable Each interface is isolated from the other for security reasons. If they could talk to each other then there would be a problem. What I think you're tring to do is verify the forwarding. If so the use a client machine and set it's route to the f/w server then ping the outside NIC. > -----Original Message----- > From: jim.marnell@xxxxxxxxxxx [mailto:jim.marnell@xxxxxxxxxxx] > Sent: Friday, June 25, 2004 7:46 AM > To: General Red Hat Linux discussion list > Subject: RE: More help needed please > > > Very sorry that I took so long to reply - had to leave early > yesterday... > I don't know why there is no traffic on eth1 - I think that is the > fundamental question here. I will say that I only recently > activated the > nic to create a test network. The eth1 nic was present when I > installed > the os - I just never activated it. > I did remove the bad route as requested. As I said earlier I > added it just > to see if I could force eth1 to talk to eth0. I added it on the eth1 > interface via the gui and then removed it via the gui but it > stayed in the > routing table leading me to claim that it may be a bug. The > only way to > remove it was with route del. I'm digressing - the route is > gone and as I > said earlier the firewall is empty. It's an internal machine > that I'm not > too worried about. > > [root@redfish default]# route del 0.0.0.0 gw 204.62.134.209 > [root@redfish default]# netstat -nr > Kernel IP routing table > Destination Gateway Genmask Flags MSS > Window irtt > Iface > 10.10.30.0 0.0.0.0 255.255.255.0 U 0 0 > 0 > eth1 > 204.62.134.0 0.0.0.0 255.255.255.0 U 0 0 > 0 > eth0 > 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 > 0 > lo > 0.0.0.0 204.62.134.248 0.0.0.0 UG 0 0 > 0 > eth0 > [root@redfish default]# iptables -L > Chain INPUT (policy ACCEPT) > target prot opt source destination > > Chain FORWARD (policy ACCEPT) > target prot opt source destination > > Chain OUTPUT (policy ACCEPT) > target prot opt source destination > [root@redfish default]# ping -I eth1 204.62.134.209 > PING 204.62.134.209 (204.62.134.209) from 10.10.30.248 eth1: > 56(84) bytes > of data. > >From 10.10.30.248 icmp_seq=1 Destination Host Unreachable > >From 10.10.30.248 icmp_seq=2 Destination Host Unreachable > >From 10.10.30.248 icmp_seq=3 Destination Host Unreachable > CFrom 10.10.30.248 icmp_seq=4 Destination Host Unreachable > >From 10.10.30.248 icmp_seq=5 Destination Host Unreachable > >From 10.10.30.248 icmp_seq=6 Destination Host Unreachable > > --- 204.62.134.209 ping statistics --- > 7 packets transmitted, 0 received, +6 errors, 100% loss, time 6021ms > , pipe 3 > [root@redfish default]# > > As you can see I still cannot ping from eth1 to eth0. > Please let me know if you need more info and thanks again to > everyone!! > -Jim > > > > Jason Staudenmayer <jasons@xxxxxxxxxxxxxx> > Sent by: redhat-list-bounces@xxxxxxxxxx > 06/24/2004 03:46 PM > Please respond to > General Red Hat Linux discussion list <redhat-list@xxxxxxxxxx> > > > To > "'General Red Hat Linux discussion list'" <redhat-list@xxxxxxxxxx> > cc > > Subject > RE: More help needed please > > > > > > > Why isn't there any traffic on eth1? No you don't need a > route for the NIC > installed in the system. > Remove that bad route and post your firewall settings. > > > -----Original Message----- > > From: jim.marnell@xxxxxxxxxxx [mailto:jim.marnell@xxxxxxxxxxx] > > Sent: Thursday, June 24, 2004 3:18 PM > > To: General Red Hat Linux discussion list > > Subject: Re: More help needed please > > > > > > Thanks to all responders. Both nics are set to come up at > boot time. > > Here's more info... > > [root@redfish root]# netstat -nr > > Kernel IP routing table > > Destination Gateway Genmask Flags MSS > > Window irtt > > Iface > > 0.0.0.0 204.62.134.209 255.255.255.255 UGH 0 0 > > 0 > > eth0 > > 10.10.30.0 0.0.0.0 255.255.255.0 U 0 0 > > 0 > > eth1 > > 204.62.134.0 0.0.0.0 255.255.255.0 U 0 0 > > 0 > > eth0 > > 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 > > 0 > > lo > > 0.0.0.0 204.62.134.248 0.0.0.0 UG 0 0 > > 0 > > eth0 > > [root@redfish root]# ifconfig eth0 > > eth0 Link encap:Ethernet HWaddr 00:10:5A:11:83:C0 > > inet addr:204.62.134.209 Bcast:204.62.134.255 > > Mask:255.255.255.0 > > UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 > > RX packets:5899 errors:0 dropped:0 overruns:0 frame:0 > > TX packets:824 errors:0 dropped:0 overruns:0 carrier:0 > > collisions:0 txqueuelen:100 > > RX bytes:590413 (576.5 Kb) TX bytes:94622 (92.4 Kb) > > Interrupt:10 Base address:0xe400 > > > > [root@redfish root]# ifconfig eth1 > > eth1 Link encap:Ethernet HWaddr 00:04:75:81:5A:01 > > inet addr:10.10.30.248 Bcast:10.10.30.255 > > Mask:255.255.255.0 > > UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 > > RX packets:0 errors:0 dropped:0 overruns:0 frame:0 > > TX packets:48 errors:0 dropped:0 overruns:0 carrier:0 > > collisions:0 txqueuelen:100 > > RX bytes:0 (0.0 b) TX bytes:2880 (2.8 Kb) > > Interrupt:5 Base address:0xe800 > > > > [root@redfish root]# > > That first routing entry should not be there and may be a > bug. In an > > attempt to solve this problem I added a route on the eth1 > > interface via > > system settings/network. It didn't help so I removed it but > > it remains in > > my routing table. > > My real default route is the last entry. > > Do I need any routing in place for one nic to talk to the > other in rh > > land? > > -Jim > > > > > > > > Ed Wilts <ewilts@xxxxxxxxxx> > > Sent by: redhat-list-bounces@xxxxxxxxxx > > 06/24/2004 02:57 PM > > Please respond to > > General Red Hat Linux discussion list <redhat-list@xxxxxxxxxx> > > > > > > To > > General Red Hat Linux discussion list <redhat-list@xxxxxxxxxx> > > cc > > > > Subject > > Re: More help needed please > > > > > > > > > > > > > > On Thu, Jun 24, 2004 at 02:37:39PM -0400, > > jim.marnell@xxxxxxxxxxx wrote: > > > Anyone else care to take a stab at why my rh 8 box with 2 > > nics cannot > > talk > > > to each other. I'll try anything. > > > eth0 can ping itself > > > eth1 can ping itself > > > eth0 can ping eth1 > > > eth1 CANNOT ping eth0 > > > > > > ip_forward has been set to 1 > > > > Do you have routes to get from where you are to where you > want to go? > > > > # netstat -rn > > > > -- > > Ed Wilts, RHCE > > Mounds View, MN, USA > > mailto:ewilts@xxxxxxxxxx > > Member #1, Red Hat Community Ambassador Program > > > > > > -- > > redhat-list mailing list > > unsubscribe > mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe > > https://www.redhat.com/mailman/listinfo/redhat-list > > > > > > > > -- > > redhat-list mailing list > > unsubscribe > mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe > > https://www.redhat.com/mailman/listinfo/redhat-list > > > > > -- > redhat-list mailing list > unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe > https://www.redhat.com/mailman/listinfo/redhat-list > > -- > redhat-list mailing list > unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe > https://www.redhat.com/mailman/listinfo/redhat-list > -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
