Unable to talk to network after configuring a second NIC.

RossR · 08-06-2009, 07:11 AM

Hi:

I am trying to set up a router on a small LAN, that actually connects directly to a gateway router (1. pure learning exercise... 2.I do not have physical access to the gateway router).
My machine will connect a few PCs to the gateway.

So firstly I can connect fine with one NIC, (receives info from DHCP server fine), but the second NIC doesn't have direct access to the DHCP server yet, so I try and assign it a static information (making sure that the IP is not already in use on the network of course), as soon as I assign the IP to my second NIC, I can't ping the gateway router, or any other machine on the network, I can only talk to each NICs.

I've tested both NICs and the cables etc, they work fine independently.

ifconfig:
(eth1 is the NIC that I assigned static information)

Code:

eth1      Link encap:Ethernet  HWaddr 00:08:54:44:4d:41  
          inet addr:192.168.1.69  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::208:54ff:fe44:4d41/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:31 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:0 (0.0 B)  TX bytes:5467 (5.4 KB)
          Interrupt:16 Base address:0xa000 

eth2      Link encap:Ethernet  HWaddr 00:08:54:3a:e7:22  
          inet addr:192.168.1.64  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::208:54ff:fe3a:e722/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:2801 errors:0 dropped:0 overruns:0 frame:0
          TX packets:2201 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:1592270 (1.5 MB)  TX bytes:371711 (371.7 KB)
          Interrupt:17 Base address:0xa400

routing table:

Code:

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth1
192.168.1.0     0.0.0.0         255.255.255.0   U     1      0        0 eth2
169.254.0.0     0.0.0.0         255.255.0.0     U     1000   0        0 eth2
0.0.0.0         192.168.1.254   0.0.0.0         UG    0      0        0 eth2

Thanks.

RossR · 08-06-2009, 07:15 AM

Forgot to mention: IP Forwarding also, has been enabled.

TigerOC · 08-06-2009, 09:23 AM

You cannot have 2 ethernet cards in the same box on the same subnet; you have eth1 address=192.168.1.69 and eth2 address=192.168.1.64; subnet is 192.168.1.X

One of them must be on a different subnet like; 192.168.0.2. If you are going to have boxes connected to this to go through it for some purpose like internet sharing then they must be on this second subnet.

RossR · 08-06-2009, 11:42 AM

Oh right, so that's simply, because if i'm trying to set up a router, I'm supposed to be moving data between two physical or logical networks? Where as I've tried to route data from one network to the same network, which doesn't really make sense? Does the kernel just see the same network address when it comes to forwarding and say: forget it ?

TigerOC · 08-06-2009, 12:02 PM

Quote:

Originally Posted by RossR

Oh right, so that's simply, because if i'm trying to set up a router, I'm supposed to be moving data between two physical or logical networks? Where as I've tried to route data from one network to the same network, which doesn't really make sense? Does the kernel just see the same network address when it comes to forwarding and say: forget it ?

Yup; system gets confused because the origin is the same system and not another node.

RossR · 08-06-2009, 02:01 PM

Okay, so I have a separate subnet 192.168.2.x, a box on this subnet can talk to eth0 (gateway for this subnet) and it can also talk to eth1 192.168.1.x which is connected to the gateway for the internet, however the box on 192.168.2.x can't talk to the gateway that eth1 is connected to in order to access the internet, even though I've enabled ip forwarding.

TigerOC · 08-06-2009, 02:42 PM

The boxes on the lan need to use the ip address of the card they are connected to as the gateway address. In the box with the 2 cards you need to specify the gateway as the ip address to which it is attached.

You have a network box with address 192.168.2.3 which is connected to 192.168.2.1 (the new router box). The gateway for 192.168.2.3 is 192.168.2.1.

The router box with ip address 192.168.1.2 is connected to a router with an address of 192.168.1.1. The gateway for the router box is 192.168.1.1

Ideally you protect the router box and boxes behind with a basic iptables firewall and do ip-masquerading.

Hope this clarifies this for you.

RossR · 08-06-2009, 03:03 PM

Hmm, Okay here's the settings: I'm pretty sure I've done what you have described above (apologies if I've missed something)

Two subnets, A(192.168.1.x) and B(192.168.2.x), A contains the router that connects to the Internet. My IP for eth2 is 192.168.1.67 and I have 192.168.1.254 as the default gateway. eth1 has the IP 192.168.2.10 and a machine on subnet B has the IP 192.168.2.40, with the default gateway of 192.168.2.10.

Now, I can ping from 192.168.2.40 => 192.168.2.10 (default gw), 192.168.1.67 all fine, but not 192.168.1.254 the default gateway for that network card :S

TigerOC · 08-06-2009, 03:31 PM

I have always used iptables based forwarding with ip-masq and this has always been successful.

All the info and scripts are available The Linux Document Project [TLDP]. There are also lots of ready made scripts and firewall scripts out there that do the same thing. I use an old one; MonMotha Firewall. Basically set the script up make it ready to run put it into /etc/init.d/ and update the rc.X files and it takes effect on boot.

RossR · 08-06-2009, 03:40 PM

Okay thanks very much!