Hi,

What I have going on is that we have 5 new IP blocks, with the main differences being 2 different subnets between my original and new ips. 255.255.255.224 and 255.255.255.248.

What is working is my original ip range we started with. But everything I have added (21 new ones) does not work. I can ping them locally, but I can not go out of them, I cannon come in on any of them. I know it's not a firewall issue as I have tried getting in / out with it off.

Lets say I have these new networks,

66.12.123.0
205.34.58.0
104.44.65.0
66.12.124.0
104.44.66.0

I have the ifcfg's looking like this, with the proper details of course.

Device=eth0:X
OnBoot=yes
BOOTPROTO=static
IPADDR=x.x.x.x
Netmask=255.255.255.x
network=x.x.x.0
gateway=x.x.x.x

When I do a 'route'. It looks to me as if they are all going out (or trying to) of the same default gateway. I'm ultimately pretty lost when it comes to this route stuff so if someone can point me to a good how to, or just explain it well, I'd appreciate it. Or maybe I'm way off here.

Here's an example of my route. Obviously the numbers have been changed to protect the innocent.

Destination Gateway Genmask Flags Metric Ref Use Iface
66.12.123.0 * 255.255.255.248 U 0 0 0 eth0
205.34.58.0 * 255.255.255.248 U 0 0 0 eth0
104.44.65.0 * 255.255.255.248 U 0 0 0 eth0
66.12.124.0 * 255.255.255.248 U 0 0 0 eth0
205.67.44.0 * 255.255.255.228 U 0 0 0 eth0
222.22.22.0 * 255.255.255.224 U 0 0 0 eth0
10.1.1.0 * 255.255.255.0 U 0 0 0 eth1
169.254.0.0 * 255.255.0.0 U 0 0 0 eth0
default my.firewall 0.0.0.0 UG 0 0 0 eth0

Can you guys help my newbie looking ways?

It would be illuminating to see what ifconfig reports about all these (virtual) interfaces. There could be some trouble lurking in the actual configuration of those interfaces, as distinct from what you have written in the config files.

The default route is correct; you can only have one per system, since its purpose is to direct traffic that the machine otherwise does not know how to route. If you want something else (eg, to send traffic destined for a particular subnet out a different interface) you need to install a static route for that net.

If these points do not shed any light on your problem, I recommend using tcpdump to watch what happens when you attempt to use one of the address ranges that "does not work". A good starter command is This will capture packets coming from or going to any address in the 66.12.123.0 subnet on any interface. RTFM for details of the multitude of switches and packet-matching options that tcpdump offers.

BTW, when you change the reported results, that introduces an uncertainty in the diagnosis, because you might have just obscured an actual discrepancy that will lead to a resolution of your problem. Your "security by obscurity" approach doesn't actually do you much good, either, because the bad guys on the Internet are not harvesting IP addresses from blogs like this; they are doing broad coverage searches using botnets to find weakly defended systems.