Strange problem with network interfaces... need some assistance.
 

I'm running a server on Ubuntu 10.04 Lucid using dual nics, 192.168.1.100 and 192.168.2.1.

All had been running fine until I changed the gateway(s) from a dual setup to a single setup using a WRT54G and Vlan and then I got to messing with the server and now I think I've done something to some file on the server that has blocked the 192.168.1.0 and 192.168.2.0 subnets... ugh user error.

The 192.168.1.0 subnet is for intranet use only and the 192.168.2.0 subnet is for hosting, there is/was a rule in iptables to eliminate the communication between the subnets. The NIC's are set up as static in /etc/network/interfaces as such:


Here's my problem, the interfaces are not able to ping their respective gateways nor the gateways able to ping the respective IP's on the server. Specifically I've been working on the local 192.168.1.100 and for the life of me can't get it to ping the Gateway...

However, when I changed the eth1 to use DHCP it gets another available IP from the DHCP server/router and all is good, very strange.

So this tells me everything from the computer is good and there is something going on with the IP's sepcifically.

It seems anytime that I use the 192.168.1.100 address it no longer works? could iptables be incorrect or something else be blocking that particular IP?

Hopefully someone has some ideas on how to figure this out because I'm at a loss...

TW,

tiger.woods,
I am in a hurry and your problem needs thinking before posting any help.
But this one thing I do to help you:
I am replying to put this into the top of the linux-net forum, just perchance there are more network gurus viewing there than this Zero-Reply-Threads.
The least help I can do for you.
Hope you can make a birdie soon :)
m.m.

Appreciate the feedback I look forward to some expert advice... fore!

TW,

Hi there, TW!

There is really too little info to be able to answer definitively. What you show, seems correct. So the solution might be elsewhere. It may be in the router. For instance is the router mask correct? Is the router able to allocate addresses, as you have them, static? Is your network configuration correct? Are your iptables or firewall setup correctly?

Sorry I can't be more help. It would be nice if you post what was the solution, or the problem, when you find it.

This is where I think the problems might be hiding..?

I think the answers about the router can be answered by when I change the eth1 to:

everything works...

tw,

do a iptables -L to see whether they block your access.

so check this out... I set up a static IP on eth2 and it shows a different IP in ifconfig... How is that possible?

[edit]

After a reboot the ip address fixed itself...

When the ip was 192.168.1.136 I was able to get to the Internet and i actually posted from the server. The ip is now 192.168.1.100 and Internet access is gone again...

Iptables -L had nothing in it... I reset it through webmin and it is empty.

OK, making some progress I think...

The problem only seems to happen when I assign a static IP to the server.

ifconfig with DHCP enabled:
ifconfig with static IP:
Not sure what that says but could it be related to DNS somehow?

I'm really hoping someone can help me solve this...

TW,

Just printed off the routes but don't know what should/shouldn't be there...

So this is the layout that I'm trying to achieve (see image).

I think my problem lies with the gateway for the server, eth0 will be 192.168.2.99 and eth1 192.168.1.100.

Do I use the gateway for 192.168.2.99 or 192.168.1.100 since from what I read I can only have one?

I also spotted this post with an example of what seems to be using 2 gateways...

(http://www.cyberciti.biz/tips/config...x-systems.html)

eth0 is on a network 10.9.38.64-79
eth1 is on a network 204.186.149.128-143

if your main connection is eth0, then you use 10.9.38.65 as the gateway.

or, according to your first post:

eth0 is on a network 192.168.2.0-254
eth1 is on a network 192.168.1.0-254

if your main connection is eth0, then you use 192.168.2.1 as the gateway.

You got me confised now... I am not sure I understand the question any longer! :)

Correction, I meant 0-255 for the second alternatives not 0-254. 255 is the broadcast address usually.

I am just thinking aloud trying to understand...

In your first post you mentioned two sub-nets, but you are showing two different networks rather than two sub-nets as the mask for them is 255.255.255.0. Is that a source of misunderstanding? How did you design the sub-nets?

Midge48, you are correct they are 2 different networks and not 2 subnets that's my inexperience showing through.

I believe I'm getting close to total resolution but still have a Firewall issue to deal with since the two networks can talk to each other which I don't want at all.

Using iproute I created 2 routing tables.

Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 eth1
0.0.0.0 192.168.1.9 0.0.0.0 UG 100 0 0 eth0
0.0.0.0 192.168.2.1 0.0.0.0 UG 100 0 0 eth1

But I'm looking for a firewall rule to stop them from talking to each other.. any ideas? I thought maybe the following: