At 12:31 AM 7/31/02 -0400, lbilyeu wrote:
>swfla.rr.com == aka == timewarner/roadrunner cable
>I'm using the default setup on the Bering_1.0rc3 floppy1680 image
>---except I went ahead and removed norfc1918 from
>/etc/shorewall/interfaces' eth0
>
>I'm still having the outside world suddenly disappear.
>I can login to the firewall itself and ping the upstream BootP server
>address, but nothing outside of it.
"Disappear" is not a technical description.
*How* do the unsuccessful ping attempts fail (if you don't know the variety
of ways ping can report failure, refer to the LEAF FAQs)?
Can you ping your default gateway address (which may be the same as or
different from what you call your "BootP server")?
If you try a traceroute out to the Internet (for example, to my IP address
-- 63.198.182.124), where does it fail?
At the time of failure, what do the following commands report?
ip addr show
netstat -nr
(That is, do you still have a working interface and routing table?) And if
the "BootP server" is different from the gateway, what is its address?
How long do you wait before restarting? Might this just be flaky
connectivity between your ISP and the Internet, and your "fix" a false
solution (it just kills some time, and during that time, connectivity is
restored)?
When you get a new DHCP lease, does it have the same or different gateway
and nameserver addresses?
Finally, are you doing all of this testing by IP address (not FQN)? If you
are pinging by name, you might be having DNS resolution problems, not
actual connectivity problems.
Just to be clear ... if the problem is with DHCP lease renewal, then it
probably is in the firewalling, and Tom or some other Shorewall expert
needs to comment on the ruleset (which I've deleted here). But the symptoms
don't sound like a DHCP problem ... you can still ping some external
address, and you say the lease still has 5 hours to run ... which is why I
am raising these more standard routing questions.
Oh, one more comment ...
[...]
>------------------------------------------------------------
>One last bit of worthless trivia,
>this location has been running successfully with Dachstein
>on a different Box for over 11months.
>So there must be something weird in DHCP
>that TimeWarner has setup for swfla.rr.com
>
>(we're upgrading from a 386sx and figured
>while we upgrade the hardware,
>we'd upgrade the software too)
While Bering is a different LEAF variant than Dachstein, with a slightly
different focus, I would not characterize it as an "upgrade". Just a good
alternative.
--
-----------------------------------------------"Never tell me the
odds!"--------------
Ray Olszewski -- Han Solo
Palo Alto, California, USA [EMAIL PROTECTED]
-------------------------------------------------------------------------------------------
-------------------------------------------------------
This sf.net email is sponsored by: Dice - The leading online job board
for high-tech professionals. Search and apply for tech jobs today!
http://seeker.dice.com/seeker.epl?rel_code=31
------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
