Email Server Able to see Local Network but not Internet??

thiessenstuart · 08-23-2005, 10:22 PM

Hello! While I have dabbled in Linux for several years now, I am still learning a lot about managing a Linux server. I am in a situation here where I have a SUSE server providing email and a BSD server acting as the firewall and an internal network of Windows XP PC's. All Windows PC's are able to access the internet normally. The BSD Firewall appears to be functioning normally.

The problem is the email server. It is unable to contact any server outside the local network. Regardless of whether I use name or IP address, it cannot make it outside the network. I have one NIC in this server and two IP addresses assigned to the NIC. One is for receiving outside emails which are then filtered through Postfix and SpamAssassin. The other IP is for receiving internal emails which are handed off to Postfix to deliver for the internal users.

The only recent change I have made is to add the second IP to the NIC.

My route -n shows as follows:

Code:

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.0.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
169.254.0.0     0.0.0.0         255.255.0.0     U     0      0        0 eth0
127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
0.0.0.0         192.168.0.1     0.0.0.0         UG    0      0        0 eth0

If I ping an outside address, it says:

Code:

ping outsidedomain
ping: unknown host outsidedomain

If I use nslookup, it says:

Code:

nslookup outsidedomain
;; connection timed out; no servers could be reached

My /etc/resolv.conf says (with appropriate mangling):

Code:

domain mydomain(.com)
nameserver 207.xxx.xxx.xxx
nameserver 204.xxx.xxx.xxx

I am suspecting some kind of routing issue, but I cannot figure out what changed other than the fact that I added an alias IP yesterday (which incidentally is in the same subnet). I am not running named or routed and have not been. I was running nscd, but turned it off today as part of my test to see if that was a problem. It didn't affect its performance so I have left it off.

Any thoughts at all? I am also checking with my local LUG as well.

We are very dependent on this email server so I would like to get it up and running asap.

Thanks,

Stuart Thiessen

thiessenstuart · 08-23-2005, 10:24 PM

Because of the posting rules here that forbid a url in the post, I had to surround the mydomain(.com) with parenthesis. Those parenthesis are not present in the file. Just so you know.

thekat · 08-24-2005, 12:41 PM

I am going to assume that the BSD firewall is OpenBSD running
pf..

If your are using something else then this won't apply..

If so.. use this command on your OpenBSD box (as root of course)

Code:

tcpdump -i pflog0

you should be able to see if it is being blocked..

my guess you will need to adjust your pf rules..

thiessenstuart · 08-24-2005, 02:29 PM

After working late last night, I managed to get the problem resolved. Last night, I did try tcpdump. I said:

Code:

tcpdump -n ip host IP ADRESS

to check and see if it was being seen by the firewall. It was. I check the rules and then restarted the firewall, but that didn't change anything. So this morning, I rebooted the firewall from the console and that got DNS working again (why, I am not sure??)

Then the email server began to complain about the alias IP address I had set up and so I simply rolled back my Alias IP changes to where it was before that and it began working normally. But strangely enough there were no errors about the alias IP until DNS was working again. Strange and stranger, huh?

So now I go back to studying how IP aliasing is supposed to work with Postfix and wait for my next window of opportunity to work on that so I don't disrupt their work.

Thanks for your suggestions!

Stuart