Hello,

On my home network, I sometimes have a situation where host A can be ssh'd into from host B but only using host A's WLAN address (which has a port forward rule on my router), but not through the LAN address. During this situation, I cannot even ping host A.

Once I've ssh'd into host A, I can ping the other hosts (and my router) from host A without a problem.

Eventually, I can ssh in again using the local address (and pings to host A work again).

My setup:
* Slackware 13 on all hosts (which are connecting wirelessly)
* Router is BUFFALO WHR-HP-G54 using static IPs for all hosts; WPA (PSK + TKIP) and Tomato firmware (1.25)
* Rosewill RNX-G300EX card on host A
* Host A is running headless in the garage (router reports signal strength that varies between 25 - 50) and is usually running rTorrent, although I also serve my media files from this host (using PyTivo).

I'm pretty sure that host A keeps its connection to the router even when unavailable to local ssh -- since I successfully complete torrent downloads even when host A is unavailable.

When pinging doesn't work, I've even tried adding the MAC address to the ARP table manually, then pinging again -- no success.

Any ideas?

Greetingz!

First things first, is it your intention to have Host A available to SSH into from your WAN? If not, I would seriously consider reviewing and revising your port-fowarding setup on your router.

However, if that's not a problem, I would then double-check your IP configuration on the router and Host A.
With this type of setup, you may want to eliminate problem areas, like DHCP.

I'm not familiar with Tomato, as I'm a DD-WRT guy myself, however I do know you can "hard set" IPs and DNS names within a DHCP scope. You may want to consider the following;

1) "Hard set" an IP for Host A on your router, if your router can do this by MAC address, all the better.
2) Configure Host A to use the static IP you set for it on your router.
3) Make sure the ssh daemon is configured to answer on that specific interface by setting "ListenAddress" within your /etc/ssh/sshd_config file to the corresponding static IP address.
4) Ensure that Host A is setting up it's gateway correctly. If anything, you may want to add something like the following in /etc/rc.d/rc.local;

route add default gw 192.168.0.1 wlan0

Note: This assumes that the only interface on the server is wlan0.

5) Make sure you don't have any other interfaces configured to come up on Host A, even if they're not connected. Aside from the loopback (127.0.0.1), of course.

Hope this helps!

I've set this up to allow me to log in remotely to check on torrent status and such. I've tried to follow the recommended guidelines on how to do this securely.

The IP config on the router and Host A *seem* correct.

I've got DHCP turned off on the router and have been using statically assigned IPs for the hosts.


In Tomato, I've use the Static DHCP subsection to map MAC addresses of the various WIFI cards to the IP addresses. I've gone through and double-checked that I've used the correct MAC addresses (and IP, too).


In my rc.inet1.conf file, I've set the IPADDR value to the same one listed in the router's Static DHCP subsection.


The port address I already had set up to my (non-standard) port number, but the IP address I *didn't* have set up. I've gone in and set the ListenAddress value to the IP address of Host A. I then rebooted the machine -- not sure how to reload this on the fly, as I was ssh'd into the machine at the time


I ran /sbin/route -n and got back this:

Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.244.0 0.0.0.0 255.255.255.0 U 0 0 0 wlan0
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
0.0.0.0 192.xxx.xxx.xxx 0.0.0.0 UG 1 0 0 wlan0

where 192.xxx.xxx.xxx matches the IP address of my gateway (my wireless router).


When I run ifconfig, it shows lo, wlan0, but also wmaster0. I read somewhere that wmaster0 could be ignored? If I run ifconfig -a, it also shows my Ethernet card as eth0. If I understand how ifconfig works, this means that eth0 is down, correct?

Thanks for all the help. This problem of mine is proving to be quite an education.

Just an update -- I went ahead and flashed an upgrade to the router's firmware (from 1.25 to 1.27) and switched to using DNSMASQ on the router's flash drive instead of using local hosts files (or the router's web admin Static DHCP subsection). The problem *seems* to have gone away.

Today, I'm trying to replicate the conditions that would almost always trigger the problem, but, since I was able to ping from computer to computer all of last night and this morning without error, I'm hopeful.

If this fixes it, I'd say that the problem was router firmware or, more likely, how I configured (or mis-configured ) the router and not Slackware related.

Thanks for the help.

Ah! I wish I had suggested a firmware upgrade.

How's it working now? Was that the fix?