
Nichole_knc 07-28-2004 03:47 PM

Firewall WAN eth0 LAN eth1 self-bridges, eth0 does all routeing.
For several months I have had a machine up and running providing the 3 services to my "small" home network. Running Slackware 10.
It provides:
1) firewall, between WAN router and LAN network.
2) auth DNS for my network.
3) Mail services.

Everything has been fine until yesterday when I shut it down to move it to make room for yet more machines. Now all traffic flows through eth0 (the WAN side) even for eth1. The server seems as if it bridged the network cards...

Layout of network.... prior to move

Inet----WAN router------server eth0-server eth1-------LAN switch-----computers

the above setup (correct) worked just fine. Traffic flowed through eth1 routed to eth0 and out to the www.... NOW this

Inet----WAN router------server eth0-server eth1--------LAN switch-------computers

The LAN switch now must be plugged into the WAN router for anything to work...
The firewall is bypassed.. the server eth0 answers eth1 pings, iptraf shows eth1 to be void of traffic and all traffic sent to eth1 is answered by eth0 both in and out. eth0 addy is different than eth1 as well as different hostnames bound to them. eth1 is the assigned gateway to my internal machines. eth1 also has the alias of the mail server and is the machine of A record for DNS. Yet all traffic passes both in and out to eth1 via eth0; the physical connection of eth1 shows no traffic. Now for even more interesting things... IF the network cable is unplugged from eth1 the network stops working. If you unplug eth0 of course it stops too. If you remove the "jumper" from the WAN router to the LAN switch the network stops.

No configuration changes have occurred on this machine. eth1 netcard is working and its only shown traffic is from replies to windows netbios (samba running on this box also). Yet LAN traffic to WAN no longer passes through it.
I have tried with the firewall down and it is still the same. I have searched the machine over for any changes and have found none. I cannot find if the cards have "bridged" somewhere or not....

I am frustrated to the point of hack/slash/and burn to make another box and stick it in place. It is not as if I don't have another one to do it with.... To my right sits a FreeBSD box with nothing to do but sit there...

jhumeston 07-28-2004 07:16 PM

Have you checked the route utility to see if the routing table is still intact? Sounds like a routing failure.

Nichole_knc 07-28-2004 09:03 PM

mail-dn."mydomain" * UH 0 0 0 eth1
ns-dn."mydomain" * UH 0 0 0 eth1
SlackBox.dragon * UH 0 0 0 eth1
* U 0 0 0 eth0
* U 0 0 0 eth1
loopback * U 0 0 0 lo
default TheGate."mydomain" UG 1 0 0 eth0


jhumeston 07-29-2004 11:14 AM

>> * U 0 0 0 eth1

I don't think this line should be in there. What that is saying is to route all traffic destined for 192.168.27.x to eth1. Also the default route puts everything on eth0. That means that if there is not a specific route then it will be sent there.

RHELL 07-29-2004 02:51 PM

>> * U 0 0 0 eth0
>> * U 0 0 0 eth1

Doesn't eth1 need to be on a different subnet? This would appear to send the same traffic in both directions.

jhumeston 07-29-2004 03:33 PM

I agree, eth1 should be on the subnet of your WAN (DSL) link.
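
The replies above point at two network routes for the same subnet on both eth0 and eth1. As an added example that is not part of the thread, this Python check reads `route -n` style output and reports directly connected networks that overlap across different interfaces; it goes slightly beyond the thread by catching partial overlaps as well as identical subnets. The sample table is constructed (the thread only mentions 192.168.27.x) and the function names are hypothetical.

```python
import ipaddress
from itertools import combinations

# Constructed sample in `route -n` layout; the addresses are illustrative
# (the thread only mentions 192.168.27.x), not the poster's real table.
SAMPLE_ROUTE_N = """\
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.27.5    0.0.0.0         255.255.255.255 UH    0      0        0 eth1
192.168.27.0    0.0.0.0         255.255.255.0   U     0      0        0 eth0
192.168.27.0    0.0.0.0         255.255.255.0   U     0      0        0 eth1
127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
0.0.0.0         192.168.27.1    0.0.0.0         UG    1      0        0 eth0
"""

def connected_networks(route_n_text):
    """Return [(network, iface)] for directly connected, non-host routes."""
    found = []
    for line in route_n_text.splitlines():
        cols = line.split()
        if len(cols) != 8:
            continue  # banner line or anything that is not a route row
        dest, _gw, mask, flags, *_rest, iface = cols
        try:
            net = ipaddress.ip_network(f"{dest}/{mask}")
        except ValueError:
            continue  # column header or malformed row
        # Gateway (G) and host (H) routes and the loopback net are not
        # evidence of two NICs sharing one subnet, so leave them out.
        if "G" in flags or "H" in flags or net.is_loopback:
            continue
        found.append((net, iface))
    return found

def overlapping_subnets(route_n_text):
    """Pairs of connected networks that overlap but sit on different NICs."""
    clashes = []
    routes = connected_networks(route_n_text)
    for (net_a, if_a), (net_b, if_b) in combinations(routes, 2):
        if if_a != if_b and net_a.overlaps(net_b):
            clashes.append((str(net_a), if_a, str(net_b), if_b))
    return clashes

if __name__ == "__main__":
    for net_a, if_a, net_b, if_b in overlapping_subnets(SAMPLE_ROUTE_N):
        print(f"{net_a} on {if_a} overlaps {net_b} on {if_b}")
```

On a firewall that is supposed to separate WAN and LAN, any pair reported here means the kernel sees both sides as the same network, so traffic need not cross the filtering path between the interfaces.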
