LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 05-10-2017, 03:40 PM   #16
po4er
LQ Newbie
 
Registered: May 2017
Posts: 15

Original Poster
Rep: Reputation: Disabled

Quote:
Are there other class C subnet addresses used in your network?
Class C only have eth1 (192.168.0.1 and 192.168.1.0)

From Debian Edu manual
Quote:
The default network setup

DHCPD on Tjener serves the 10.0.0.0/8 network, providing a syslinux menu via PXE-boot where you can choose whether to install a new server/workstation, boot a thin client or a diskless workstation, run memtest, or boot from the local hard disk.

This is designed to be modified - that is, you can have the NFS-root in syslinux pointing to one of the LTSP servers or change the DHCP next-server option (stored in LDAP) to have clients directly boot via PXE from the terminal server.

DHCPD on the LTSP servers only serves a dedicated network on the second interface (192.168.0.0/24 and 192.168.1.0/24 are preconfigured options) and should seldom need to be changed.

The configuration of all subnets is stored in LDAP.
3.1.2. Main server (tjener)

A Skolelinux network needs one main server (also called "tjener" which is Norwegian and means "server") which per default has the IP address 10.0.2.2 and is installed by selecting the Main Server profile. It's possible (but not required) to also select and install the LTSP Server and Workstation profiles in addition to the Main Server profile.
3.1.3. Services running on the main server

With the exception of the control of the thin clients, all services are initially set up on one central computer (the main server). For performance reasons, the LTSP server(s) should be separate (though it is possible to install both the Main Server and LTSP Server profiles on the same machine). All services are allocated a dedicated DNS-name and are offered exclusively over IPv4. The allocated DNS name makes it easy to move individual services from the main server to a different machine, by simply stopping the service on the main server, and changing the DNS configuration to point to the new location of the service (which should be set up on that machine first, of course).

To ensure security all connections where passwords are transmitted over the network are encrypted, so no passwords are sent over the network as plain text.
default construction debian edu
http://guide.debianizzati.org/index....u_(Skolelinux)

Last edited by po4er; 05-10-2017 at 03:50 PM.
 
Old 05-10-2017, 08:02 PM   #17
wpeckham
Senior Member
 
Registered: Apr 2010
Location: Continental USA
Distribution: Debian, Ubuntu, Fedora, RedHat, DSL, Puppy, CentOS, Knoppix, Mint-DE, Sparky, Vsido, tinycore, Q4OS
Posts: 3,833

Rep: Reputation: 1737Reputation: 1737Reputation: 1737Reputation: 1737Reputation: 1737Reputation: 1737Reputation: 1737Reputation: 1737Reputation: 1737Reputation: 1737Reputation: 1737
Given these I know that we need to consider traffic addresses for 24 bit mask networks 10.0.0.0, 10.0.1.0, 10.0.2.0, and 10.0.3.0.

Are there other class C subnet addresses FROM THE 10.0.0.0/8 CLASS A network range used in your network?
 
Old 05-18-2017, 02:21 AM   #18
po4er
LQ Newbie
 
Registered: May 2017
Posts: 15

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by wpeckham View Post
Given these I know that we need to consider traffic addresses for 24 bit mask networks 10.0.0.0, 10.0.1.0, 10.0.2.0, and 10.0.3.0.

Are there other class C subnet addresses FROM THE 10.0.0.0/8 CLASS A network range used in your network?
Sorry problem with internet. No another class C adresses from 10.0.0.0/8. I only create in eth2 10.0.3.1/24. What kind of information you need from me?
 
Old 05-18-2017, 09:36 AM   #19
wpeckham
Senior Member
 
Registered: Apr 2010
Location: Continental USA
Distribution: Debian, Ubuntu, Fedora, RedHat, DSL, Puppy, CentOS, Knoppix, Mint-DE, Sparky, Vsido, tinycore, Q4OS
Posts: 3,833

Rep: Reputation: 1737Reputation: 1737Reputation: 1737Reputation: 1737Reputation: 1737Reputation: 1737Reputation: 1737Reputation: 1737Reputation: 1737Reputation: 1737Reputation: 1737
That may be all we need.
Instead of claiming the entire class A subnet 10.0.0.0/8 why not define the first network on the first interface (eth0) as 10.0.0.0/24, then add static network routes for the 10.0.1.0/24 and 10.0.2.0/24 to that interface. Now create the second interface using the 10.0.3.0/24 subnet.
This will result in all traffic for 10.0.3.x going via the second (eth1) interface with ALL other traffic using the first (eth0) interface.
 
Old 05-18-2017, 12:41 PM   #20
po4er
LQ Newbie
 
Registered: May 2017
Posts: 15

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by wpeckham View Post
That may be all we need.
Instead of claiming the entire class A subnet 10.0.0.0/8 why not define the first network on the first interface (eth0) as 10.0.0.0/24, then add static network routes for the 10.0.1.0/24 and 10.0.2.0/24 to that interface. Now create the second interface using the 10.0.3.0/24 subnet.
This will result in all traffic for 10.0.3.x going via the second (eth1) interface with ALL other traffic using the first (eth0) interface.
I can't do this, because this don't work. All network configuration work from ldap schemas ( i insert schema with configuration) Gosa-server.ldif. When i connect from pc to server eth2 with ip 10.0.3.1/24, don't work dns and dhcp, i can ping 10.0.2.2 and 10.0.0.1, but can't 8.8.8.8 or google.com.

Last edited by po4er; 05-18-2017 at 12:47 PM.
 
Old 05-18-2017, 05:12 PM   #21
wpeckham
Senior Member
 
Registered: Apr 2010
Location: Continental USA
Distribution: Debian, Ubuntu, Fedora, RedHat, DSL, Puppy, CentOS, Knoppix, Mint-DE, Sparky, Vsido, tinycore, Q4OS
Posts: 3,833

Rep: Reputation: 1737Reputation: 1737Reputation: 1737Reputation: 1737Reputation: 1737Reputation: 1737Reputation: 1737Reputation: 1737Reputation: 1737Reputation: 1737Reputation: 1737
It should work. Since your default gateway is 10.0.0.1 and that is on your first subnet and local network to eth0 it should gate you to the world.

However!

Reading back, I did get something wrong and need to correct things or get something clear.
Your low order subnets (addresses 10.0.0.0 through 10.0.3.255) all use the first (eth0) interface.
Your subnet 10.0.16.0/24 uses the third interface (eth2).
I went back to your very first post to get this, I had forgotten about eth1 which I presume we do NOT want to change.

So, the new plan would be
10.0.0.0/22 subnet should be the local network for eth0. This will encompas the 10.0.0.0-10.0.3.255 addressing and have your local gateway at 10.0.0.1 as a local address so routing should work.
Your third interface (eth2) should use local network 10.0.16.0/24 (addresses 10.0.16.0-10.0.16.255).

Used this way you do not need any static routes or custom routing.

Question: what does LDAP have to do with this? What is the address of your LDAP server? (Because if you are using LDAP, all of your hosts need to be able to reach it for authentication.)
 
Old 05-20-2017, 01:22 AM   #22
po4er
LQ Newbie
 
Registered: May 2017
Posts: 15

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by wpeckham View Post

Question: what does LDAP have to do with this? What is the address of your LDAP server? (Because if you are using LDAP, all of your hosts need to be able to reach it for authentication.)
Ldap server + Samba = Authenticate windows users to the domain.
From manual "you can have the NFS-root in syslinux point to one of the
LTSP servers or change the DHCP next-server option (stored in LDAP) to have clients directly boot via
PXE from the terminal server.
DHCPD on the LTSP servers only serves a dedicated network on the second interface (192.168.0.0/24
and 192.168.1.0/24 are preconfigured options) and should seldom need to be changed.
The configuration of all subnets is stored in LDAP."
Default Setup: ou can have a lot of LTSP servers on the main network; two different subnets are preconfigured
(DNS, DHCP) in LDAP, more could be added.
 
Old 05-20-2017, 07:18 AM   #23
wpeckham
Senior Member
 
Registered: Apr 2010
Location: Continental USA
Distribution: Debian, Ubuntu, Fedora, RedHat, DSL, Puppy, CentOS, Knoppix, Mint-DE, Sparky, Vsido, tinycore, Q4OS
Posts: 3,833

Rep: Reputation: 1737Reputation: 1737Reputation: 1737Reputation: 1737Reputation: 1737Reputation: 1737Reputation: 1737Reputation: 1737Reputation: 1737Reputation: 1737Reputation: 1737
All of which tells me nothing about where LDAP is configured in your specific network, but we can pass on that. It really does not impact on the rest of this unless your LDAP server is somewhere off where this or some other host cannot reach it for authentication.
 
Old 05-21-2017, 04:09 AM   #24
po4er
LQ Newbie
 
Registered: May 2017
Posts: 15

Original Poster
Rep: Reputation: Disabled
Ok. I must change in network manager 10.0.0.0 through 10.0.3.255 eth0, 10.0.16.0/24 eth2. I'm good understand? I installed teamviewer, maybe you can watch to my pc?

LDAP server ldaps://10.0.2.2)

Last edited by po4er; 05-21-2017 at 04:20 AM.
 
Old 05-21-2017, 07:50 AM   #25
wpeckham
Senior Member
 
Registered: Apr 2010
Location: Continental USA
Distribution: Debian, Ubuntu, Fedora, RedHat, DSL, Puppy, CentOS, Knoppix, Mint-DE, Sparky, Vsido, tinycore, Q4OS
Posts: 3,833

Rep: Reputation: 1737Reputation: 1737Reputation: 1737Reputation: 1737Reputation: 1737Reputation: 1737Reputation: 1737Reputation: 1737Reputation: 1737Reputation: 1737Reputation: 1737
I cannot at this time. Defining the local network on the interfaces as I specified above (10.0.0.0/22 for eth0 and 10.0.16.0/24 for eth2) should easily do the job. Just make sure that your network path to the server is not critical to the session, as you may break it in this process. (Use ILO console, or VMWARE console, or network access via that eth1 interface so if you mess it up you still have access to fix things.)
 
Old 05-22-2017, 06:26 AM   #26
po4er
LQ Newbie
 
Registered: May 2017
Posts: 15

Original Poster
Rep: Reputation: Disabled
Work eth2, but i have a problem. From winPC i can't ping 8.8.8.8 or google.com??? I have internet can ping 10.0.2.2 and 10.0.0.1. Other sites write me destination host unreachable. What I'm doing wrong?

Quote:
eth0 Link encap:Ethernet HWaddr 00:11:85:04:65:08
inet addr:10.0.2.2 Bcast:10.255.255.255 Mask:255.0.0.0
inet6 addr: fe80::211:85ff:fe04:6508/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:14063 errors:0 dropped:0 overruns:0 frame:0
TX packets:11761 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:12489279 (11.9 MiB) TX bytes:1432863 (1.3 MiB)
Interrupt:20

eth1 Link encap:Ethernet HWaddr 00:15:8a:00:40:db
inet addr:192.168.0.254 Bcast:192.168.0.255 Mask:255.255.255.0
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)

eth2 Link encap:Ethernet HWaddr 00:11:85:04:65:33
inet addr:10.0.16.0 Bcast:10.255.255.255 Mask:255.255.255.0
inet6 addr: fe80::211:85ff:fe04:6533/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:8284 errors:0 dropped:0 overruns:0 frame:0
TX packets:7214 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1065965 (1.0 MiB) TX bytes:5209662 (4.9 MiB)
Interrupt:18
My Network configuration
Quote:
# The loopback network interface
auto lo
iface lo inet loopback
dns-search intern
dns-nameservers 127.0.0.1

auto eth0
iface eth0 inet static
address 10.0.2.2
netmask 255.0.0.0
broadcast 10.255.255.255
gateway 10.0.0.1
# The commented lines below is to be used if a DHCP server is in use
#iface eth0 inet dhcp

auto eth1
iface eth1 inet static
address 192.168.0.254
netmask 255.255.255.0
broadcast 192.168.0.255
# The commented lines below is to be used if a DHCP server is in use
#iface eth1 inet dhcp

auto eth2
iface eth2 inet static
address 10.0.16.0
netmask 255.255.255.0
broadcast 10.255.255.255
dns-search intern
dns-nameservers 127.0.0.1
# The commented lines below is to be used if a DHCP server is in use
#iface eth2 inet dhcp
 
Old 05-22-2017, 12:44 PM   #27
wpeckham
Senior Member
 
Registered: Apr 2010
Location: Continental USA
Distribution: Debian, Ubuntu, Fedora, RedHat, DSL, Puppy, CentOS, Knoppix, Mint-DE, Sparky, Vsido, tinycore, Q4OS
Posts: 3,833

Rep: Reputation: 1737Reputation: 1737Reputation: 1737Reputation: 1737Reputation: 1737Reputation: 1737Reputation: 1737Reputation: 1737Reputation: 1737Reputation: 1737Reputation: 1737
Well, you did not set eth0 as I described. You have this
Quote:
auto eth0
iface eth0 inet static
address 10.0.2.2
netmask 255.0.0.0
broadcast 10.255.255.255
gateway 10.0.0.1
When it should be something like this
Quote:
auto eth0
iface eth0 inet static
address 10.0.2.2
netmask 255.255.252.0
broadcast 10.0.3.255
gateway 10.0.0.1
Now I did not run a calculation, this is just off the top of my head.

Normally you would only have to down the interface and up the interface to pick up changes. In this case there may be interactions between interfaces(that is what got us to this thread), so you might want to down and up network. Keep in mind you may have to do this in a complex command or using a script, as with network down you will lose access until it comes back up.

Last edited by wpeckham; 05-22-2017 at 12:49 PM.
 
Old 05-22-2017, 01:39 PM   #28
po4er
LQ Newbie
 
Registered: May 2017
Posts: 15

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by wpeckham View Post
Well, you did not set eth0 as I described. You have this

When it should be something like this


Now I did not run a calculation, this is just off the top of my head.

Normally you would only have to down the interface and up the interface to pick up changes. In this case there may be interactions between interfaces(that is what got us to this thread), so you might want to down and up network. Keep in mind you may have to do this in a complex command or using a script, as with network down you will lose access until it comes back up.
My english is bad and i'm not very well understand what i must to do now.
I got this when write nslookup from winPC

Quote:
C:\Users\User>nslookup -type=a -debug i.ua
------------
Got answer:
HEADER:
opcode = QUERY, id = 1, rcode = NOERROR
header flags: response, auth. answer, want recursion, recursion avail.
questions = 1, answers = 1, authority records = 1, additional = 1

QUESTIONS:
2.2.0.10.in-addr.arpa, type = PTR, class = IN
ANSWERS:
-> 2.2.0.10.in-addr.arpa
name = tjener.intern
ttl = 500 (8 mins 20 secs)
AUTHORITY RECORDS:
-> 10.in-addr.arpa
nameserver = tjener.intern
ttl = 500 (8 mins 20 secs)
ADDITIONAL RECORDS:
-> tjener.intern
internet address = 10.0.2.2
ttl = 500 (8 mins 20 secs)

------------
╤хЁтхЁ: tjener.intern
Address: 10.0.2.2

------------
Got answer:
HEADER:
opcode = QUERY, id = 2, rcode = NXDOMAIN
header flags: response, auth. answer, want recursion, recursion avail.
questions = 1, answers = 0, authority records = 1, additional = 0

QUESTIONS:
i.ua.intern, type = A, class = IN
AUTHORITY RECORDS:
-> intern
ttl = 500 (8 mins 20 secs)
primary name server = tjener.intern
responsible mail addr = root.tjener.intern
serial = 2017042701
refresh = 3600 (1 hour)
retry = 1800 (30 mins)
expire = 720000 (8 days 8 hours)
default TTL = 6400 (1 hour 46 mins 40 secs)

------------
------------
Got answer:
HEADER:
opcode = QUERY, id = 3, rcode = NOERROR
header flags: response, want recursion, recursion avail.
questions = 1, answers = 1, authority records = 2, additional = 2

QUESTIONS:
i.ua, type = A, class = IN
ANSWERS:
-> i.ua
internet address = 91.198.36.14
ttl = 5728 (1 hour 35 mins 28 secs)
AUTHORITY RECORDS:
-> i.ua
nameserver = ns1.i.ua
ttl = 58541 (16 hours 15 mins 41 secs)
-> i.ua
nameserver = ns2.i.ua
ttl = 58541 (16 hours 15 mins 41 secs)
ADDITIONAL RECORDS:
-> ns1.i.ua
internet address = 91.198.36.2
ttl = 58541 (16 hours 15 mins 41 secs)
-> ns2.i.ua
internet address = 213.186.122.10
ttl = 58541 (16 hours 15 mins 41 secs)

------------
Не заслуживающий доверия ответ:
╚ь*: i.ua
Address: 91.198.36.14
and ping and can't see anymore.
Quote:
C:\Users\User>ping i.ua

Обмен пакетами с i.ua [91.198.36.14] с 32 байтами данных:
Ответ от 10.0.16.31: Заданный узел недоступен.
Ответ от 10.0.16.31: Заданный узел недоступен.
Ответ от 10.0.16.31: Заданный узел недоступен.
Ответ от 10.0.16.31: Заданный узел недоступен.

Статистика Ping для 91.198.36.14:
Пакетов: отправлено = 4, получено = 4, потеряно = 0
(0% потерь)
and tracert (Serverna is a name winPC, whos i cannot ad to domain)
Quote:
C:\Users\User>tracert microsoft.com

Трассировка маршрута к microsoft.com [23.100.122.175]
с максимальным числом прыжков 30:

1 * Serverna.intern [10.0.16.31] сообщает: Заданный узел недоступен.

Трассировка завершена.
 
Old 05-24-2017, 10:02 AM   #29
wpeckham
Senior Member
 
Registered: Apr 2010
Location: Continental USA
Distribution: Debian, Ubuntu, Fedora, RedHat, DSL, Puppy, CentOS, Knoppix, Mint-DE, Sparky, Vsido, tinycore, Q4OS
Posts: 3,833

Rep: Reputation: 1737Reputation: 1737Reputation: 1737Reputation: 1737Reputation: 1737Reputation: 1737Reputation: 1737Reputation: 1737Reputation: 1737Reputation: 1737Reputation: 1737
Your english is good enough for this.
Examine the numbers in my last post and see the difference in the eth0 setup. That is what you must change.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Migrating mail server from debian 5 to debian 6- Maildir folder renaming script asylum_craig Linux - Server 1 04-05-2013 06:46 AM
LXer: How to add Debian Squeeze to your Debian Lenny FAI install server LXer Syndicated Linux News 0 09-08-2011 07:21 PM
Mounting a 2TB ee GPT partition with Busybox debian-installer/debian live? Xeratul Debian 0 08-15-2011 09:55 AM
LXer: How To Upgrade Debian Lenny (Debian 5.0) To Squeeze (Debian 6.0) On Xen VPS LXer Syndicated Linux News 0 03-09-2011 05:20 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 12:26 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration