no longer get network access beyond router
Hi,
I have a small home network with 2 machines (desktop and laptop, both with RedHat 9) and a dlink router/hub/access point. Both machines access the internet throught ethernet connections to the router. Both had been working fine with no problems. Then I put a pcmcia modem on the laptop so I could use it to access the internet on the road. I disconnected the laptop from the ethernet and set up KPPP to use the modem to acces the internet. Once I got this set up, I took out the modem and reattached the laptop to the ethernet network. Now, however, the laptop will not access the internet or anything beyond the router. The laptop can ping the router, and it can ping the desktop,but when I try to ping a machine on the internet beyond the router, I get: $ ping yahoo.com PING yahoo.com (66.218.71.198) 56(84) bytes of data. --yahoo.com ping statistics--- 20 packets transmitted, 0 received, 100% packet loss (so it successfully resolves the IP address of the remote machine but cannot ping [or receive pings] from it) I can still ping machines on the internet from the desktop machine. So I presume what happened was that setting up kppp changed some configuration files that had been working so now they don't. I haven't been able to figure out what, though. Both machines have similar /sbin/route outputs: desktop$ /sbin/route Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 192.168.0.0 * 255.255.255.0 U 0 0 0 eth0 139.254.0.0 * 255.255.0.0 U 0 0 0 eth0 127.0.0.0 * 255.0.0.0 U 0 0 0 lo default router 0.0.0.0 UG 0 0 0 eth0 desktop$ laptop$ /sbin/route Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 192.168.0.0 * 255.255.255.0 U 0 0 0 eth0 139.254.0.0 * 255.255.0.0 U 0 0 0 eth0 127.0.0.0 * 255.0.0.0 U 0 0 0 lo default router 0.0.0.0 UG 0 0 0 eth0 laptop$ ...and idential resolv.conf files: $ cat /etc/resolv.conf ; generated by /sbin/dhclient-script search localhost.localdomain nameserver 192.168.0.1 $ Does anybody know what went wrong and how to fix it? Thanks for any help you can give!! |
Can you ping the desktop machine from laptop or vice versa? What your 'ifconfig' or 'ifconfig -a' looks like?
|
Yes, the laptop & desktop can ping each other (and login to each other). The desktop can also ping & otherwise access machines beyond the router, but the laptop cannot.
ifconfig output: laptop$ /sbin/ifconfig eth0 Link encap:Ethernet HWaddr 00:E1:19:0A:16:F5 inet addr:192.168.0.101 Bcast:192.168.0.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:225 errors:0 dropped:0 overruns:0 frame:0 TX packets:73 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:100 RX bytes:18550 (18.1 Kb) TX bytes:8781 (8.5 Kb) Interrupt:11 Base address:0xc000 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:10 errors:0 dropped:0 overruns:0 frame:0 TX packets:10 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:700 (700.0 b) TX bytes:700 (700.0 b) laptop$ desktop $ /sbin/ifconfig eth0 Link encap:Ethernet HWaddr 00:38:34:8A:63:F9 inet addr:192.168.0.102 Bcast:192.168.0.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:32427 errors:0 dropped:0 overruns:0 frame:0 TX packets:30547 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:100 RX bytes:18373521 (17.5 Mb) TX bytes:4370030 (4.1 Mb) Interrupt:9 Base address:0xa000 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:19 errors:0 dropped:0 overruns:0 frame:0 TX packets:19 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:2032 (1.9 Kb) TX bytes:2032 (1.9 Kb) desktop $ |
hmm.. configurations seem correct and very similar (in a positive way).
Few things to check comes into mind. What does the 'ping router' say in different computers (if the ip address is wrong, it can probably be found from /etc/hosts file)? Are there any firewall configurations that could block transfers in the router or in the laptop ('iptables -v -L' or 'ipchains -v -L' should show if there is any strange)? |
Thanks for helping me, ToniT.
Quote:
PING router (192.168.0.1) 56(84) bytes of data. 64 bytes from router (192.168.0.1): icmp_seq=1 ttl=63 time=0.546 ms 64 bytes from router (192.168.0.1): icmp_seq=2 ttl=63 time=0.456 ms 64 bytes from router (192.168.0.1): icmp_seq=3 ttl=63 time=0.477 ms 64 bytes from router (192.168.0.1): icmp_seq=4 ttl=63 time=0.491 ms --- router ping statistics --- 4 packets transmitted, 4 received, 0% packet loss, time 3004ms rtt min/avg/max/mdev = 0.456/1.411/4.221/1.622 ms laptop # desktop # ping router PING router (192.168.0.1) 56(84) bytes of data. 64 bytes from router (192.168.0.1): icmp_seq=1 ttl=63 time=0.493 ms 64 bytes from router (192.168.0.1): icmp_seq=2 ttl=63 time=0.536 ms 64 bytes from router (192.168.0.1): icmp_seq=3 ttl=63 time=0.519 ms 64 bytes from router (192.168.0.1): icmp_seq=4 ttl=63 time=0.465 ms --- router ping statistics --- 4 packets transmitted, 4 received, 0% packet loss, time 3033ms rtt min/avg/max/mdev = 0.465/0.503/0.536/0.031 ms desktop # Quote:
laptop # iptables -v -L Chain INPUT (policy ACCEPT 2669 packets, 157K bytes) pkts bytes target prot opt in out source destination 2716 164K RH-Lokkit-0-50-INPUT all -- any any anywhere anywhere Chain FORWARD (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 0 0 RH-Lokkit-0-50-INPUT all -- any any anywhere anywhere Chain OUTPUT (policy ACCEPT 6774 packets, 1618K bytes) pkts bytes target prot opt in out source destination Chain RH-Lokkit-0-50-INPUT (2 references) pkts bytes target prot opt in out source destination 35 5648 ACCEPT udp -- any any router anywhere udp spt:domain dpts:1025:65535 2 120 ACCEPT tcp -- any any anywhere anywhere tcp dpt:ssh flags:SYN,RST,ACK/SYN 10 700 ACCEPT all -- lo any anywhere anywhere 0 0 REJECT tcp -- any any anywhere anywhere tcp dpts:0:1023 flags:SYN,RST,ACK/SYN reject-with icmp-port-unreachable 0 0 REJECT tcp -- any any anywhere anywhere tcp dpt:nfs flags:SYN,RST,ACK/SYN reject-with icmp-port-unreachable 0 0 REJECT udp -- any any anywhere anywhere udp dpts:0:1023 reject-with icmp-port-unreachable 0 0 REJECT udp -- any any anywhere anywhere udp dpt:nfs reject-with icmp-port-unreachable 0 0 REJECT tcp -- any any anywhere anywhere tcp dpts:x11:6009 flags:SYN,RST,ACK/SYN reject-with icmp-port-unreachable 0 0 REJECT tcp -- any any anywhere anywhere tcp dpt:xfs flags:SYN,RST,ACK/SYN reject-with icmp-port-unreachable laptop # Output on the desktop machine, for comparison: desktop # /sbin/iptables -v -L Chain INPUT (policy ACCEPT 18781 packets, 9384K bytes) pkts bytes target prot opt in out source destination 18923 9412K RH-Lokkit-0-50-INPUT all -- any any anywhere anywhere Chain FORWARD (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 18718 packets, 12M bytes) pkts bytes target prot opt in out source destination Chain RH-Lokkit-0-50-INPUT (1 references) pkts bytes target prot opt in out source destination 103 23614 ACCEPT udp -- any any router anywhere udp spt:domain dpts:1025:65535 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:6346 flags:SYN,RST,ACK/SYN 1 60 ACCEPT tcp -- any any anywhere anywhere tcp dpt:ssh flags:SYN,RST,ACK/SYN 0 0 ACCEPT udp -- eth0 any anywhere anywhere udp spts:bootps:bootpc dpts:bootps:bootpc 0 0 ACCEPT udp -- eth1 any anywhere anywhere udp spts:bootps:bootpc dpts:bootps:bootpc 38 4677 ACCEPT all -- lo any anywhere anywhere 0 0 REJECT tcp -- any any anywhere anywhere tcp dpts:0:1023 flags:SYN,RST,ACK/SYN reject-with icmp-port-unreachable 0 0 REJECT tcp -- any any anywhere anywhere tcp dpt:nfs flags:SYN,RST,ACK/SYN reject-with icmp-port-unreachable 0 0 REJECT udp -- any any anywhere anywhere udp dpts:0:1023 reject-with icmp-port-unreachable 0 0 REJECT udp -- any any anywhere anywhere udp dpt:nfs reject-with icmp-port-unreachable 0 0 REJECT tcp -- any any anywhere anywhere tcp dpts:x11:6009 flags:SYN,RST,ACK/SYN reject-with icmp-port-unreachable 0 0 REJECT tcp -- any any anywhere anywhere tcp dpt:xfs flags:SYN,RST,ACK/SYN reject-with icmp-port-unreachable desktop # |
There indeed are some firewall settings. Thus, if i looked correctly, they shoud just drop some well known portscans. Anyways, 'iptables --t nat --flush; iptables -t mangle --flush ; iptables --flush' should drop these settings (one error source less).
These are getting shots in the dark, but what does a command 'ip route' say (ip is an other command to configure net routing by using new kernel interface; comes with a package called iproute2). If the ip command is missing, then everything is fine (most that can only be seen by the ip command, can only be messed by it [like traffic shaping and such]). |
Quote:
Quote:
# ip route 192.168.0.0/24 dev eth0 scope link 139.254.0.0/16 dev eth0 scope link 127.0.0.0/8 dev lo scope link default via 192.168.0.1 dev eth0 # |
what is your dns settngs
onthe linux box, what is your dns settings,
they should be the ones that Isp uses, if youhave a linksys routes just login in to it. and go to shtatus, and there will be listed dns server ips, copy them and open you nic card config and add them. save it, and make sure that network demons restart. |
Re: what is your dns settngs
Hi balam thanks for helping me.
I don't think DNS is the problem. Let me explain. Both my boxes are RedHat 9 linux, both connect to the Dlink gateway, which connects to the internet via DSL. The desktop box accesses the internet fine. It can ping internet machines by name or by IP address. The laptop cannot ping internet machines by either name or IP address. Both machines have the following /etc/resolv.conf: #cat /etc/resolv.conf ; generated by /sbin/dhclient-script search localhost.localdomain nameserver 192.168.0.1 # 192.168.0.1 is the Dlink gateway. It seems to provide correct DNS information and internet access to the desktop, but no longer to the laptop. The laptop has no problems accessing the local network so its network interface is obviously working as far as that goes. |
did you try the laptop on dchp
|
Quote:
The problem appears to be with my access point, a Dlink DI-714. I have it's DHCP server set to reserve IP addresses for my 2 machines -- 192.168.0.102 for the desktop & 192.168.0.101 for the laptop. This has always worked with no problems. Now, however, the 192.168.0.101 address seems not to work for some reason. I changed this address to several others (.99, .110, etc).. they all worked fine. When I tried to set it back to .101, no dice. Very odd. I have checked all the obvious things... there is no other .101 on the network, the hostname is right, I restarted the access point several times, and so on. There is very little documentation on the DLink DI-714 and it's hard to diagnose the problem. I would like to understand what caused it (if anyone has any idea let me know). For now I have just changed to a new IP address. Thanks very much to ToniT and balam for your ideas... they really helped me. |
I am not shure but I have the feeling that is about your ip scheme. .0.x
|
Quote:
And now everything works again as long as I don't use 192.168.0.101 for the laptop. Currently I am using 192.168.0.108... I tested it with several others, all worked except 192.168.0.101. When I tested using different IP addresses I changed the reserved address on the Dlink, then changed the fixed IP address on the laptop (using redhat-config-network which modifies the ./sysconfig/networking/ files (ifcfg-eth0). I restarted the network daemons (/etc/init.d/network restart) and checked the ip address wiith ifconfig to confirm it had changed... all worked except .101 (!!!!) |
>default router 0.0.0.0 UG 0 0 0 eth0
That is the problem. The default gateway should be the ip address of the dlink router. |
All times are GMT -5. The time now is 06:55 AM. |