Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place! |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
|
05-10-2017, 03:40 PM
|
#16
|
LQ Newbie
Registered: May 2017
Posts: 15
Original Poster
Rep:
|
Quote:
Are there other class C subnet addresses used in your network?
|
Class C only have eth1 (192.168.0.1 and 192.168.1.0)
From Debian Edu manual
Quote:
The default network setup
DHCPD on Tjener serves the 10.0.0.0/8 network, providing a syslinux menu via PXE-boot where you can choose whether to install a new server/workstation, boot a thin client or a diskless workstation, run memtest, or boot from the local hard disk.
This is designed to be modified - that is, you can have the NFS-root in syslinux pointing to one of the LTSP servers or change the DHCP next-server option (stored in LDAP) to have clients directly boot via PXE from the terminal server.
DHCPD on the LTSP servers only serves a dedicated network on the second interface (192.168.0.0/24 and 192.168.1.0/24 are preconfigured options) and should seldom need to be changed.
The configuration of all subnets is stored in LDAP.
3.1.2. Main server (tjener)
A Skolelinux network needs one main server (also called "tjener" which is Norwegian and means "server") which per default has the IP address 10.0.2.2 and is installed by selecting the Main Server profile. It's possible (but not required) to also select and install the LTSP Server and Workstation profiles in addition to the Main Server profile.
3.1.3. Services running on the main server
With the exception of the control of the thin clients, all services are initially set up on one central computer (the main server). For performance reasons, the LTSP server(s) should be separate (though it is possible to install both the Main Server and LTSP Server profiles on the same machine). All services are allocated a dedicated DNS-name and are offered exclusively over IPv4. The allocated DNS name makes it easy to move individual services from the main server to a different machine, by simply stopping the service on the main server, and changing the DNS configuration to point to the new location of the service (which should be set up on that machine first, of course).
To ensure security all connections where passwords are transmitted over the network are encrypted, so no passwords are sent over the network as plain text.
|
default construction debian edu
http://guide.debianizzati.org/index....u_(Skolelinux)
Last edited by po4er; 05-10-2017 at 03:50 PM.
|
|
|
05-10-2017, 08:02 PM
|
#17
|
LQ Guru
Registered: Apr 2010
Location: Continental USA
Distribution: Debian, Ubuntu, RedHat, DSL, Puppy, CentOS, Knoppix, Mint-DE, Sparky, VSIDO, tinycore, Q4OS, Manjaro
Posts: 5,924
|
Given these I know that we need to consider traffic addresses for 24 bit mask networks 10.0.0.0, 10.0.1.0, 10.0.2.0, and 10.0.3.0.
Are there other class C subnet addresses FROM THE 10.0.0.0/8 CLASS A network range used in your network?
|
|
|
05-18-2017, 02:21 AM
|
#18
|
LQ Newbie
Registered: May 2017
Posts: 15
Original Poster
Rep:
|
Quote:
Originally Posted by wpeckham
Given these I know that we need to consider traffic addresses for 24 bit mask networks 10.0.0.0, 10.0.1.0, 10.0.2.0, and 10.0.3.0.
Are there other class C subnet addresses FROM THE 10.0.0.0/8 CLASS A network range used in your network?
|
Sorry problem with internet. No another class C adresses from 10.0.0.0/8. I only create in eth2 10.0.3.1/24. What kind of information you need from me?
|
|
|
05-18-2017, 09:36 AM
|
#19
|
LQ Guru
Registered: Apr 2010
Location: Continental USA
Distribution: Debian, Ubuntu, RedHat, DSL, Puppy, CentOS, Knoppix, Mint-DE, Sparky, VSIDO, tinycore, Q4OS, Manjaro
Posts: 5,924
|
That may be all we need.
Instead of claiming the entire class A subnet 10.0.0.0/8 why not define the first network on the first interface (eth0) as 10.0.0.0/24, then add static network routes for the 10.0.1.0/24 and 10.0.2.0/24 to that interface. Now create the second interface using the 10.0.3.0/24 subnet.
This will result in all traffic for 10.0.3.x going via the second (eth1) interface with ALL other traffic using the first (eth0) interface.
|
|
|
05-18-2017, 12:41 PM
|
#20
|
LQ Newbie
Registered: May 2017
Posts: 15
Original Poster
Rep:
|
Quote:
Originally Posted by wpeckham
That may be all we need.
Instead of claiming the entire class A subnet 10.0.0.0/8 why not define the first network on the first interface (eth0) as 10.0.0.0/24, then add static network routes for the 10.0.1.0/24 and 10.0.2.0/24 to that interface. Now create the second interface using the 10.0.3.0/24 subnet.
This will result in all traffic for 10.0.3.x going via the second (eth1) interface with ALL other traffic using the first (eth0) interface.
|
I can't do this, because this don't work. All network configuration work from ldap schemas ( i insert schema with configuration) Gosa-server.ldif. When i connect from pc to server eth2 with ip 10.0.3.1/24, don't work dns and dhcp, i can ping 10.0.2.2 and 10.0.0.1, but can't 8.8.8.8 or google.com.
Last edited by po4er; 05-18-2017 at 12:47 PM.
|
|
|
05-18-2017, 05:12 PM
|
#21
|
LQ Guru
Registered: Apr 2010
Location: Continental USA
Distribution: Debian, Ubuntu, RedHat, DSL, Puppy, CentOS, Knoppix, Mint-DE, Sparky, VSIDO, tinycore, Q4OS, Manjaro
Posts: 5,924
|
It should work. Since your default gateway is 10.0.0.1 and that is on your first subnet and local network to eth0 it should gate you to the world.
However!
Reading back, I did get something wrong and need to correct things or get something clear.
Your low order subnets (addresses 10.0.0.0 through 10.0.3.255) all use the first (eth0) interface.
Your subnet 10.0.16.0/24 uses the third interface (eth2).
I went back to your very first post to get this, I had forgotten about eth1 which I presume we do NOT want to change.
So, the new plan would be
10.0.0.0/22 subnet should be the local network for eth0. This will encompas the 10.0.0.0-10.0.3.255 addressing and have your local gateway at 10.0.0.1 as a local address so routing should work.
Your third interface (eth2) should use local network 10.0.16.0/24 (addresses 10.0.16.0-10.0.16.255).
Used this way you do not need any static routes or custom routing.
Question: what does LDAP have to do with this? What is the address of your LDAP server? (Because if you are using LDAP, all of your hosts need to be able to reach it for authentication.)
|
|
|
05-20-2017, 01:22 AM
|
#22
|
LQ Newbie
Registered: May 2017
Posts: 15
Original Poster
Rep:
|
Quote:
Originally Posted by wpeckham
Question: what does LDAP have to do with this? What is the address of your LDAP server? (Because if you are using LDAP, all of your hosts need to be able to reach it for authentication.)
|
Ldap server + Samba = Authenticate windows users to the domain.
From manual "you can have the NFS-root in syslinux point to one of the
LTSP servers or change the DHCP next-server option (stored in LDAP) to have clients directly boot via
PXE from the terminal server.
DHCPD on the LTSP servers only serves a dedicated network on the second interface (192.168.0.0/24
and 192.168.1.0/24 are preconfigured options) and should seldom need to be changed.
The configuration of all subnets is stored in LDAP."
Default Setup: ou can have a lot of LTSP servers on the main network; two different subnets are preconfigured
(DNS, DHCP) in LDAP, more could be added.
|
|
|
05-20-2017, 07:18 AM
|
#23
|
LQ Guru
Registered: Apr 2010
Location: Continental USA
Distribution: Debian, Ubuntu, RedHat, DSL, Puppy, CentOS, Knoppix, Mint-DE, Sparky, VSIDO, tinycore, Q4OS, Manjaro
Posts: 5,924
|
All of which tells me nothing about where LDAP is configured in your specific network, but we can pass on that. It really does not impact on the rest of this unless your LDAP server is somewhere off where this or some other host cannot reach it for authentication.
|
|
|
05-21-2017, 04:09 AM
|
#24
|
LQ Newbie
Registered: May 2017
Posts: 15
Original Poster
Rep:
|
Ok. I must change in network manager 10.0.0.0 through 10.0.3.255 eth0, 10.0.16.0/24 eth2. I'm good understand? I installed teamviewer, maybe you can watch to my pc?
LDAP server ldaps://10.0.2.2)
Last edited by po4er; 05-21-2017 at 04:20 AM.
|
|
|
05-21-2017, 07:50 AM
|
#25
|
LQ Guru
Registered: Apr 2010
Location: Continental USA
Distribution: Debian, Ubuntu, RedHat, DSL, Puppy, CentOS, Knoppix, Mint-DE, Sparky, VSIDO, tinycore, Q4OS, Manjaro
Posts: 5,924
|
I cannot at this time. Defining the local network on the interfaces as I specified above (10.0.0.0/22 for eth0 and 10.0.16.0/24 for eth2) should easily do the job. Just make sure that your network path to the server is not critical to the session, as you may break it in this process. (Use ILO console, or VMWARE console, or network access via that eth1 interface so if you mess it up you still have access to fix things.)
|
|
|
05-22-2017, 06:26 AM
|
#26
|
LQ Newbie
Registered: May 2017
Posts: 15
Original Poster
Rep:
|
Work eth2, but i have a problem. From winPC i can't ping 8.8.8.8 or google.com??? I have internet can ping 10.0.2.2 and 10.0.0.1. Other sites write me destination host unreachable. What I'm doing wrong?
Quote:
eth0 Link encap:Ethernet HWaddr 00:11:85:04:65:08
inet addr:10.0.2.2 Bcast:10.255.255.255 Mask:255.0.0.0
inet6 addr: fe80::211:85ff:fe04:6508/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:14063 errors:0 dropped:0 overruns:0 frame:0
TX packets:11761 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:12489279 (11.9 MiB) TX bytes:1432863 (1.3 MiB)
Interrupt:20
eth1 Link encap:Ethernet HWaddr 00:15:8a:00:40:db
inet addr:192.168.0.254 Bcast:192.168.0.255 Mask:255.255.255.0
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
eth2 Link encap:Ethernet HWaddr 00:11:85:04:65:33
inet addr:10.0.16.0 Bcast:10.255.255.255 Mask:255.255.255.0
inet6 addr: fe80::211:85ff:fe04:6533/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:8284 errors:0 dropped:0 overruns:0 frame:0
TX packets:7214 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1065965 (1.0 MiB) TX bytes:5209662 (4.9 MiB)
Interrupt:18
|
My Network configuration
Quote:
# The loopback network interface
auto lo
iface lo inet loopback
dns-search intern
dns-nameservers 127.0.0.1
auto eth0
iface eth0 inet static
address 10.0.2.2
netmask 255.0.0.0
broadcast 10.255.255.255
gateway 10.0.0.1
# The commented lines below is to be used if a DHCP server is in use
#iface eth0 inet dhcp
auto eth1
iface eth1 inet static
address 192.168.0.254
netmask 255.255.255.0
broadcast 192.168.0.255
# The commented lines below is to be used if a DHCP server is in use
#iface eth1 inet dhcp
auto eth2
iface eth2 inet static
address 10.0.16.0
netmask 255.255.255.0
broadcast 10.255.255.255
dns-search intern
dns-nameservers 127.0.0.1
# The commented lines below is to be used if a DHCP server is in use
#iface eth2 inet dhcp
|
|
|
|
05-22-2017, 12:44 PM
|
#27
|
LQ Guru
Registered: Apr 2010
Location: Continental USA
Distribution: Debian, Ubuntu, RedHat, DSL, Puppy, CentOS, Knoppix, Mint-DE, Sparky, VSIDO, tinycore, Q4OS, Manjaro
Posts: 5,924
|
Well, you did not set eth0 as I described. You have this
Quote:
auto eth0
iface eth0 inet static
address 10.0.2.2
netmask 255.0.0.0
broadcast 10.255.255.255
gateway 10.0.0.1
|
When it should be something like this
Quote:
auto eth0
iface eth0 inet static
address 10.0.2.2
netmask 255.255.252.0
broadcast 10.0.3.255
gateway 10.0.0.1
|
Now I did not run a calculation, this is just off the top of my head.
Normally you would only have to down the interface and up the interface to pick up changes. In this case there may be interactions between interfaces(that is what got us to this thread), so you might want to down and up network. Keep in mind you may have to do this in a complex command or using a script, as with network down you will lose access until it comes back up.
Last edited by wpeckham; 05-22-2017 at 12:49 PM.
|
|
|
05-22-2017, 01:39 PM
|
#28
|
LQ Newbie
Registered: May 2017
Posts: 15
Original Poster
Rep:
|
Quote:
Originally Posted by wpeckham
Well, you did not set eth0 as I described. You have this
When it should be something like this
Now I did not run a calculation, this is just off the top of my head.
Normally you would only have to down the interface and up the interface to pick up changes. In this case there may be interactions between interfaces(that is what got us to this thread), so you might want to down and up network. Keep in mind you may have to do this in a complex command or using a script, as with network down you will lose access until it comes back up.
|
My english is bad and i'm not very well understand what i must to do now.
I got this when write nslookup from winPC
Quote:
C:\Users\User>nslookup -type=a -debug i.ua
------------
Got answer:
HEADER:
opcode = QUERY, id = 1, rcode = NOERROR
header flags: response, auth. answer, want recursion, recursion avail.
questions = 1, answers = 1, authority records = 1, additional = 1
QUESTIONS:
2.2.0.10.in-addr.arpa, type = PTR, class = IN
ANSWERS:
-> 2.2.0.10.in-addr.arpa
name = tjener.intern
ttl = 500 (8 mins 20 secs)
AUTHORITY RECORDS:
-> 10.in-addr.arpa
nameserver = tjener.intern
ttl = 500 (8 mins 20 secs)
ADDITIONAL RECORDS:
-> tjener.intern
internet address = 10.0.2.2
ttl = 500 (8 mins 20 secs)
------------
╤хЁтхЁ: tjener.intern
Address: 10.0.2.2
------------
Got answer:
HEADER:
opcode = QUERY, id = 2, rcode = NXDOMAIN
header flags: response, auth. answer, want recursion, recursion avail.
questions = 1, answers = 0, authority records = 1, additional = 0
QUESTIONS:
i.ua.intern, type = A, class = IN
AUTHORITY RECORDS:
-> intern
ttl = 500 (8 mins 20 secs)
primary name server = tjener.intern
responsible mail addr = root.tjener.intern
serial = 2017042701
refresh = 3600 (1 hour)
retry = 1800 (30 mins)
expire = 720000 (8 days 8 hours)
default TTL = 6400 (1 hour 46 mins 40 secs)
------------
------------
Got answer:
HEADER:
opcode = QUERY, id = 3, rcode = NOERROR
header flags: response, want recursion, recursion avail.
questions = 1, answers = 1, authority records = 2, additional = 2
QUESTIONS:
i.ua, type = A, class = IN
ANSWERS:
-> i.ua
internet address = 91.198.36.14
ttl = 5728 (1 hour 35 mins 28 secs)
AUTHORITY RECORDS:
-> i.ua
nameserver = ns1.i.ua
ttl = 58541 (16 hours 15 mins 41 secs)
-> i.ua
nameserver = ns2.i.ua
ttl = 58541 (16 hours 15 mins 41 secs)
ADDITIONAL RECORDS:
-> ns1.i.ua
internet address = 91.198.36.2
ttl = 58541 (16 hours 15 mins 41 secs)
-> ns2.i.ua
internet address = 213.186.122.10
ttl = 58541 (16 hours 15 mins 41 secs)
------------
Не заслуживающий доверия ответ:
╚ь*: i.ua
Address: 91.198.36.14
|
and ping and can't see anymore.
Quote:
C:\Users\User>ping i.ua
Обмен пакетами с i.ua [91.198.36.14] с 32 байтами данных:
Ответ от 10.0.16.31: Заданный узел недоступен.
Ответ от 10.0.16.31: Заданный узел недоступен.
Ответ от 10.0.16.31: Заданный узел недоступен.
Ответ от 10.0.16.31: Заданный узел недоступен.
Статистика Ping для 91.198.36.14:
Пакетов: отправлено = 4, получено = 4, потеряно = 0
(0% потерь)
|
and tracert (Serverna is a name winPC, whos i cannot ad to domain)
Quote:
C:\Users\User>tracert microsoft.com
Трассировка маршрута к microsoft.com [23.100.122.175]
с максимальным числом прыжков 30:
1 * Serverna.intern [10.0.16.31] сообщает: Заданный узел недоступен.
Трассировка завершена.
|
|
|
|
05-24-2017, 10:02 AM
|
#29
|
LQ Guru
Registered: Apr 2010
Location: Continental USA
Distribution: Debian, Ubuntu, RedHat, DSL, Puppy, CentOS, Knoppix, Mint-DE, Sparky, VSIDO, tinycore, Q4OS, Manjaro
Posts: 5,924
|
Your english is good enough for this.
Examine the numbers in my last post and see the difference in the eth0 setup. That is what you must change.
|
|
|
All times are GMT -5. The time now is 12:46 PM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|