Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game. |
| Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
 |
GNU/Linux Basic Guide
This 255-page guide will provide you with the keys to understand the philosophy of free software, teach you how to use and handle it, and give you the tools required to move easily in the world of GNU/Linux. Many users and administrators will be taking their first steps with this GNU/Linux Basic guide and it will show you how to approach and solve the problems you encounter.
Click Here to receive this Complete Guide absolutely free. |
|
 |
10-22-2004, 03:10 PM
|
#1
|
|
Senior Member
Registered: Nov 2002
Location: Edmonton AB, Canada
Distribution: Gentoo x86; Gentoo PPC; Gentoo Sparc64; FreeBSD; OS X; Solaris
Posts: 3,731
Rep: 
|
network not recognizing new node.
Hello All. Just went out and got a laptop today, and I am trying to install gentoo on it but I cannot get the networking to work. First of all, here is a crude ascii map of the network:
Code:
| to internet
Server: |
eth0 | public IP
----------------------------------------------------
eth1 | 192.168.0.1 eth2 | 192.168.0.3
| |
| |
workstation 192.168.0.2 laptop 192.168.0.4
Before was only the server and workstation, which has worked fine. Today I added the laptop and configured it to be 192.168.0.4 and use 192.168.0.3 as the default gw. All the interfaces are physically installed and up and running, but I cannot ping from server to laptop or vice versa.
Servers ifconfig is:
Code:
eth0 Link encap:Ethernet HWaddr 00:40:F4:5D:76:10
inet addr:[x.x.x.x edited] Bcast:255.255.255.255 Mask:255.255.252.0
UP BROADCAST NOTRAILERS RUNNING MULTICAST MTU:1500 Metric:1
RX packets:622933 errors:0 dropped:0 overruns:0 frame:0
TX packets:594974 errors:0 dropped:0 overruns:0 carrier:0
collisions:4029 txqueuelen:1000
RX bytes:431501388 (411.5 Mb) TX bytes:222592242 (212.2 Mb)
Interrupt:9 Base address:0xb00
eth1 Link encap:Ethernet HWaddr 00:40:F4:39:9D:90
inet addr:192.168.0.1 Bcast:192.168.0.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:427589 errors:0 dropped:0 overruns:0 frame:0
TX packets:476408 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:58318191 (55.6 Mb) TX bytes:426609509 (406.8 Mb)
Interrupt:5 Base address:0x2a00
eth2 Link encap:Ethernet HWaddr 00:50:BF:A2:62:3F
inet addr:192.168.0.3 Bcast:192.168.0.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:60 errors:0 dropped:0 overruns:0 frame:0
TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:5348 (5.2 Kb) TX bytes:336 (336.0 b)
Interrupt:11 Base address:0xf800
Servers route is:
Code:
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.0.0 * 255.255.255.0 U 0 0 0 eth1
192.168.0.0 * 255.255.255.0 U 0 0 0 eth2
x.x.x.0 * 255.255.252.0 U 0 0 0 eth0
loopback localhost 255.0.0.0 UG 0 0 0 lo
default x.x.x.x 0.0.0.0 UG 0 0 0 eth0
Ifconfig of laptop is:
Code:
eth0 Link encap:Ethernet HWaddr 00:0F:B0:01:EF:AD
inet addr:192.168.0.4 Bcast:255.255.255.255 Mask:255.255.252.0
UP BROADCAST NOTRAILERS RUNNING MULTICAST MTU:1500 Metric:1
RX packets:8 errors:0 dropped:0 overruns:0 frame:0
TX packets:64 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:480 (480.0 b) TX bytes:7708 (7.5 Kb)
Interrupt:11 Base address:0xa000
route of laptop is:
Code:
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.0.0 * 255.255.255.0 U 0 0 0 eth0
loopback localhost 255.0.0.0 UG 0 0 0 lo
default 192.168.0.3 0.0.0.0 UG 0 0 0 eth0
The server runs a NAT firewall for the workstation, so I basically doubled the rules for the laptop. I am not sure if this is the correct way to do this though. The new firewall script is:
Code:
EXTIF="eth0"
INTIF="eth1"
NBIF="eth2"
EXTIP="x.x.x.x"
INTNET="192.168.0.0/24"
INTIP="192.168.0.1"
NBIFIP="192.168.0.3"
UNIVERSE="0.0.0.0/0"
NBIP="192.168.0.4"
$IPTABLES -P INPUT DROP
$IPTABLES -F INPUT
$IPTABLES -P OUTPUT DROP
$IPTABLES -F OUTPUT
$IPTABLES -P FORWARD DROP
$IPTABLES -F FORWARD
$IPTABLES -F -t nat
$IPTABLES -X
$IPTABLES -Z
# INPUT chain
$IPTABLES -A INPUT -i eth1 -s 192.168.0.2 -d $UNIVERSE -j ACCEPT
$IPTABLES -A INPUT -i eth2 -s 192.168.0.4 -d $UNIVERSE -j ACCEPT
$IPTABLES -A INPUT -i $EXTIF -s $INTNET -d $UNIVERSE -j DROP
$IPTABLES -A INPUT -i $EXTIF -s $UNIVERSE -d $EXTIP -m state --state \
ESTABLISHED,RELATED -j ACCEPT
$IPTABLES -A INPUT -s $UNIVERSE -d $UNIVERSE -j DROP
# OUTPUT chain
$IPTABLES -A OUTPUT -o lo -s $UNIVERSE -d $UNIVERSE -j ACCEPT
$IPTABLES -A OUTPUT -o $INTIF -s $EXTIP -d $INTNET -j ACCEPT
$IPTABLES -A OUTPUT -o $INTIF -s $INTIP -d $INTNET -j ACCEPT
$IPTABLES -A OUTPUT -o $NBIF -s $EXTIP -d $NBIP -j ACCEPT
$IPTABLES -A OUTPUT -o $NBIF -s $NBIFIP -d $NBIP -j ACCEPT
$IPTABLES -A OUTPUT -o $EXTIF -s $UNIVERSE -d $INTNET -j DROP
$IPTABLES -A OUTPUT -o $EXTIF -s $EXTIP -d $UNIVERSE -j ACCEPT
$IPTABLES -A OUTPUT -s $UNIVERSE -d $UNIVERSE -j DROP
# FORWARD chain
$IPTABLES -A FORWARD -i $EXTIF -o $INTIF -m state --state \
ESTABLISHED,RELATED -j ACCEPT
$IPTABLES -A FORWARD -i $INTIF -o $EXTIF -j ACCEPT
$IPTABLES -A FORWARD -i $EXTIF -o $NBIF -m state --state \
ESTABLISHED,RELATED -j ACCEPT
$IPTABLES -A FORWARD -i $NBIF -o $EXTIF -j ACCEPT
$IPTABLES -A FORWARD -j DROP
# NAT table
$IPTABLES -t nat -A POSTROUTING -o $EXTIF -j SNAT --to $EXTIP
Does someone know what I am missing, or have any troubleshooting tips? When I plug the laptop in place of the workstation it can connect to the net fine so I think the problem is with the NAT iptable rules. |
|
|
|
|
10-22-2004, 03:33 PM
|
#2
|
|
Guru
Registered: Sep 2003
Location: Danville, VA Approx. N 36°36.434' W 79°24.342' Accur. 100' or so.
Distribution: Slackware, Windows, FreeBSD, OpenBSD, Mac OS X
Posts: 5,245
Rep:
|
This doesn't look correct to me anyway.
inet addr:192.168.0.4
Bcast:255.255.255.255
Mask:255.255.252.0
The broadcast and net mask look off. I might be wrong, but shouldn't the net mask be
Mask:255.255.255.0
good luck.
|
|
|
|
|
10-22-2004, 03:39 PM
|
#3
|
|
Senior Member
Registered: Nov 2002
Location: Edmonton AB, Canada
Distribution: Gentoo x86; Gentoo PPC; Gentoo Sparc64; FreeBSD; OS X; Solaris
Posts: 3,731
Original Poster
Rep:
|
That's a typo, sorry. I cut and paste the output of ifconfig on the server's eth0 and changed the values to that of the laptop, but forgot those ones. The *real* ifconfig of the laptop is:
Code:
eth0 Link encap:Ethernet HWaddr 00:0F:B0:01:EF:AD
inet addr:192.168.0.4 Bcast:192.168.0.255 Mask:255.255.255.0
UP BROADCAST NOTRAILERS RUNNING MULTICAST MTU:1500 Metric:1
RX packets:8 errors:0 dropped:0 overruns:0 frame:0
TX packets:64 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:480 (480.0 b) TX bytes:7708 (7.5 Kb)
Interrupt:11 Base address:0xa000
|
|
|
|
|
10-22-2004, 03:44 PM
|
#4
|
|
Guru
Registered: Sep 2003
Location: Danville, VA Approx. N 36°36.434' W 79°24.342' Accur. 100' or so.
Distribution: Slackware, Windows, FreeBSD, OpenBSD, Mac OS X
Posts: 5,245
Rep:
|
Well that looks good, you say you can plug the laptop in place of the workstation, and the connection is fine. If that's the case does the laptop retain it's xxx.xxx.xxx.4 address? If so, have you tried switching cables?
good luck.
|
|
|
|
|
10-22-2004, 03:49 PM
|
#5
|
|
Senior Member
Registered: Nov 2002
Location: Edmonton AB, Canada
Distribution: Gentoo x86; Gentoo PPC; Gentoo Sparc64; FreeBSD; OS X; Solaris
Posts: 3,731
Original Poster
Rep:
|
Ok I got it. I ran this command on the server:
Code:
# route add -host 192.168.0.4 dev eth2
Both workstation and laptop are NATed and connected to the internet. I guess before the packets for the laptop were being sent to the workstation because the device for 192.168.0.0 network was set on eth1.
Thanks PEACEDOG... |
|
|
|
|
10-22-2004, 03:52 PM
|
#6
|
|
Guru
Registered: Sep 2003
Location: Danville, VA Approx. N 36°36.434' W 79°24.342' Accur. 100' or so.
Distribution: Slackware, Windows, FreeBSD, OpenBSD, Mac OS X
Posts: 5,245
Rep:
|
Glad you got it sorted, but, I can't take any credit. Good on you mate for sorting it yourself.
|
|
|
|
|
10-23-2004, 05:33 PM
|
#7
|
|
Senior Member
Registered: Dec 2000
Location: Gothenburg, SWEDEN
Distribution: OpenSUSE 10.3
Posts: 1,028
Rep:
|
The main problem here is that both eth1 and eth2 on the server reside on the same network. Without this special routing rule the kernel can't deside where to send the packets, since there are two separate destinations.
This newly added route get precedence before the more general routes from the original configuration.
|
|
|
|
| Thread Tools |
Search this Thread |
|
|
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
All times are GMT -5. The time now is 04:37 PM.
|
|
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
|
 Latest Threads
LQ News
|
|
