My problem fixed itself. Yes, I know that this is incredible, but it's true. I'm currently investigating whether the recent rains (the first in about 6 months) brought some kind of aura over my computers. ;-) Another guess as to what happened is that my DHCP server's iptables rejected pings, including pings that were supposed to be forwarded, hence the appearance of lack of connectivity. When I turned off iptables, I lost its forwarding capabilities so nothing appeared to have changed: I was still not connected. But the reason why I didn't have connectivity changed. So my conclusion that turning iptables off had no effect was both correct and wrong. I also changed iptable's dropping of ICMP packets to accepting them, but limiting the rate at which they would be accepted. That might also have had an effect. --- Vladimir ------------------------------------------------------------------------ Vladimir G. Ivanovic http://leonora.org/~vladimir 2770 Cowper St. vladimir@xxxxxxx Palo Alto, CA 94306-2447 +1 650 678 8014 >>>>> "vgi" == Vladimir G Ivanovic <vladimir@xxxxxxx> writes: vgi> I can't get my laptops to connect to the outside world, although they vgi> reach their DHCP server just fine. vgi> vgi> I've not comprehended some facet or I must not haven't done something vgi> (properly), but for the life of me I don't know what it could be. vgi> Googling around has been helpful in getting to this point, but I'm vgi> missing something. Your help is appreciated. vgi> vgi> Here's where I am currently. vgi> vgi> Two laptops, the DHCP server, some other machines and a DSL modem are all vgi> connected to a 10/100 Mb Ethernet hub with the following IP addresses: vgi> vgi> network: 64.166.134.112 vgi> netmask: 255.255.255.248 vgi> DHCPserver: 64.166.134.117 (RH9) vgi> DSLmodem: 64.166.134.118 vgi> vgi> network: 192.168.10.0 vgi> netmask: 255.255.255.0 vgi> laptop1: 192.168.10.109 (RH9) vgi> laptop2: 192.168.10.127 (WinXP) vgi> vgi> I set up the DHCP server's routing table with three commands in /etc/rc.local: vgi> vgi> ifconfig eth0:1 192.168.10.1 vgi> route add -host 192.168.10.1 eth0:1 vgi> route add -net 192.168.10.0 netmask 255.255.255.0 eth0:1 vgi> vgi> which gives this routing table: vgi> vgi> Destination Gateway Genmask Flags Metric Ref Use Iface vgi> 64.166.134.117 0.0.0.0 255.255.255.255 UH 0 0 0 eth0 vgi> 192.168.10.1 0.0.0.0 255.255.255.255 UH 0 0 0 eth0 vgi> 64.166.134.112 0.0.0.0 255.255.255.248 U 0 0 0 eth0 vgi> 192.168.10.0 64.166.134.117 255.255.255.0 UG 0 0 0 eth0 vgi> 169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0 vgi> 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo vgi> 0.0.0.0 64.166.134.118 0.0.0.0 UG 0 0 0 eth0 vgi> vgi> The DHCP server's Ethernet network interface: vgi> vgi> eth0 Link encap:Ethernet HWaddr 00:E0:18:05:A9:68 vgi> inet addr:64.166.134.117 Bcast:64.166.134.119 Mask:255.255.255.248 vgi> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 vgi> RX packets:440089 errors:0 dropped:0 overruns:0 frame:0 vgi> TX packets:409012 errors:0 dropped:0 overruns:1 carrier:0 vgi> collisions:0 txqueuelen:100 vgi> RX bytes:272871106 (260.2 Mb) TX bytes:94124015 (89.7 Mb) vgi> Interrupt:10 Base address:0xa800 Memory:ee800000-ee800038 vgi> vgi> eth0:1 Link encap:Ethernet HWaddr 00:E0:18:05:A9:68 vgi> inet addr:192.168.10.1 Bcast:192.168.10.255 Mask:255.255.255.0 vgi> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 vgi> RX packets:440089 errors:0 dropped:0 overruns:0 frame:0 vgi> TX packets:409012 errors:0 dropped:0 overruns:1 carrier:0 vgi> collisions:0 txqueuelen:100 vgi> RX bytes:272871106 (260.2 Mb) TX bytes:94124015 (89.7 Mb) vgi> Interrupt:10 Base address:0xa800 Memory:ee800000-ee800038 vgi> vgi> and IP forwarding is turned on: vgi> vgi> # sysctl net.ipv4.ip_forward vgi> net.ipv4.ip_forward = 1 vgi> vgi> DHCP is setup thusly (/etc/dhcpd.conf): vgi> vgi> default-lease-time 600; vgi> max-lease-time 7200; vgi> option subnet-mask 255.255.255.0; vgi> option broadcast-address 192.168.10.255; vgi> option routers 192.168.10.1; vgi> option domain-name-servers 64.166.134.117, 206.13.12.28, 206.13.31.12; vgi> option domain-name "leonora.org"; vgi> ddns-update-style ad-hoc; vgi> vgi> subnet 192.168.10.0 netmask 255.255.255.0 { vgi> range 192.168.10.2 192.168.10.254; vgi> host laptop1 { vgi> hardware ethernet 00:0b:db:1b:ca:5a; vgi> fixed-address 192.168.10.109; vgi> } vgi> host laptop2 { vgi> hardware ethernet 00:10:a4:03:dc:45; vgi> fixed-address 192.168.10.127; vgi> } vgi> } vgi> vgi> I've entered the necessary mumbo-jumbo for iptables to work with my new vgi> eth0:1 interface, but I get the same behavior (no access from laptops vgi> to the Internet) even if I turn iptables off. vgi> vgi> Concentrating on laptop1, the Linux laptop, for the moment... The last vgi> entry in laptop1's dhcp lease looks like this: vgi> vgi> lease { vgi> interface "eth0"; vgi> fixed-address 192.168.10.109; vgi> option subnet-mask 255.255.255.0; vgi> option routers 192.168.10.1; vgi> option dhcp-lease-time 600; vgi> option dhcp-message-type 5; vgi> option domain-name-servers 64.166.134.117,206.13.12.28,206.13.31.12; vgi> option dhcp-server-identifier 64.166.134.117; vgi> option broadcast-address 192.168.10.255; vgi> option domain-name "leonora.org"; vgi> renew 0 2003/11/9 19:22:16; vgi> rebind 0 2003/11/9 19:26:27; vgi> expire 0 2003/11/9 19:27:42; vgi> } vgi> vgi> Its Ethernet interface is: vgi> vgi> eth0 Link encap:Ethernet HWaddr 00:0B:DB:1B:CA:5A vgi> inet addr:192.168.10.109 Bcast:192.168.10.255 Mask:255.255.255.0 vgi> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 vgi> RX packets:128741 errors:0 dropped:0 overruns:0 frame:0 vgi> TX packets:228979 errors:0 dropped:0 overruns:0 carrier:2 vgi> collisions:0 txqueuelen:100 vgi> RX bytes:10101993 (9.6 Mb) TX bytes:287682017 (274.3 Mb) vgi> Interrupt:10 Memory:e0100000-e0101080 vgi> vgi> and its routing table is: vgi> vgi> Destination Gateway Genmask Flags Metric Ref Use Iface vgi> 192.168.10.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 vgi> 169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0 vgi> 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo vgi> 0.0.0.0 192.168.10.1 0.0.0.0 UG 0 0 0 eth0 vgi> vgi> Hmmm. no host entry, but adding one with vgi> vgi> route add -host 192.168.10.109 eth0 vgi> vgi> didn't change any behavior I could detect. vgi> vgi> So, everything looks OK to me and I've exhausted my knowledge. Any suggestions? vgi> vgi> --- Vladimir vgi> vgi> ------------------------------------------------------------------------ vgi> Vladimir G. Ivanovic http://leonora.org/~vladimir vgi> 2770 Cowper St. vladimir@xxxxxxx vgi> Palo Alto, CA 94306-2447 +1 650 678 8014 vgi> vgi> vgi> -- vgi> Shrike-list mailing list vgi> Shrike-list@xxxxxxxxxx vgi> https://www.redhat.com/mailman/listinfo/shrike-list vgi> -- Shrike-list mailing list Shrike-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/shrike-list
