Chris -- Your routing table is sufficiently a mess that your problems are probably a by-product of that.

You have both interfaces (eth0 and eth1) on the same /24 network (192.168.1.0/24):
ip addr show
[...]
7: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100
    link/ether 00:90:47:01:98:80 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.25/24 brd 192.168.1.255 scope global eth0
8: eth1: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100
    link/ether 00:90:47:01:a0:7a brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.254/24 brd 192.168.1.255 scope global eth1
... and ...

ip route show
192.168.1.0/24 dev eth0  proto kernel  scope link  src 192.168.1.25
192.168.1.0/24 dev eth1  proto kernel  scope link  src 192.168.1.254
default via 192.168.1.1 dev eth0

The default firewall most likely cannot handle this sort of routing table, and (for example) installs rules to DENY traffic from the "internal" (eth1, probably) network if it comes in on the "external" (eth0, probably) interface. Hence, this rule appears, and it probably blocks (at least some of) your ping attempts:

49 5518 DENY all ----l- 0xFF 0x00 eth0 192.168.1.0/24 0.0.0.0/0 n/a
... and ...

It is not impossible to have 2 interfaces on the same network (though it is tricky). But to untangle your problem, we need a better understanding of what your network arrangement *should* look like if it were working properly. What do you want this router to route?

Also please be specific as to what IP address the NT host is using and which interface it is attached to (and, for that matter, what *its* routing table looks like). From your posting, it appears that it is using the IP address that the router thinks is its default gateway (192.168.1.1) but that it is on the wrong interface to serve in this role (assuming that eth1 is your internal interface, as is the custom ... in any case, the "internal" interface is, by definition, NOT the interface that connects to the default gateway).

At 05:02 PM 1/29/03 -0800, Chris Low wrote:
[raw details deleted, except for implied trouble description]

Ping from NT4 to eth0 (192.168.1.25)
Request timed out.

Ping from NT4 to eth1 (192.168.1.254)
Request timed out.

Ping from NT4 to 208.57.96.252
Request timed out.

I can't interpret these without the info I asked for on the NT host's configuration.

Ping from firewall to 208.57.96.252
Ping: sendto: Operation not permitted

Ping from firewall to NT4 (192.168.1.1)
Ping: sendto: Operation not permitted

In both cases, the router believes that it needs to send this ping to 192.168.1.1, on eth0 (per the routing table). But the output table blocks such packets with this rule

0 0 DENY all ------ 0xFF 0x00 eth0 192.168.1.0/24 0.0.0.0/0 n/a

causing the sendto: messages you report.


--
-------------------------------------------"Never tell me the odds!"--------
Ray Olszewski					-- Han Solo
Palo Alto, California, USA			  [EMAIL PROTECTED]
-------------------------------------------------------------------------------
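
The check described in the message above, as an added example that is not part of the original post or of the LEAF project: a Python sketch that reads `ip addr show` and `ip route show` output and flags interfaces sharing a subnet, plus a default gateway whose address is also covered by another interface's subnet. The function names are hypothetical; the sample input is the output quoted in the message with the link/ether lines omitted.

```python
import ipaddress
import re

# Sample input taken from the output quoted in the message (link/ether lines omitted).
IP_ADDR = """\
7: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100
    inet 192.168.1.25/24 brd 192.168.1.255 scope global eth0
8: eth1: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100
    inet 192.168.1.254/24 brd 192.168.1.255 scope global eth1
"""
IP_ROUTE = """\
192.168.1.0/24 dev eth0  proto kernel  scope link  src 192.168.1.25
192.168.1.0/24 dev eth1  proto kernel  scope link  src 192.168.1.254
default via 192.168.1.1 dev eth0
"""

def parse_addrs(text):
    """Return [(ifname, IPv4Interface)] parsed from `ip addr show` output."""
    out, ifname = [], None
    for line in text.splitlines():
        m = re.match(r"\d+:\s+([^:@\s]+)", line)   # "7: eth0: <...>" header line
        if m:
            ifname = m.group(1)
            continue
        m = re.match(r"\s+inet\s+(\S+)", line)      # IPv4 only; "inet6" does not match
        if m and ifname:
            out.append((ifname, ipaddress.ip_interface(m.group(1))))
    return out

def overlapping_interfaces(addrs):
    """Return (ifA, ifB, netA, netB) for each pair of interfaces with overlapping subnets."""
    hits = []
    for i, (a, ia) in enumerate(addrs):
        for b, ib in addrs[i + 1:]:
            if a != b and ia.network.overlaps(ib.network):
                hits.append((a, b, str(ia.network), str(ib.network)))
    return hits

def ambiguous_gateways(addrs, route_text):
    """Return (gateway, route_dev, other_ifs) when another interface's subnet also covers the gateway."""
    hits = []
    for m in re.finditer(r"^default via (\S+) dev (\S+)", route_text, re.M):
        gw, dev = ipaddress.ip_address(m.group(1)), m.group(2)
        others = sorted({n for n, i in addrs if n != dev and gw in i.network})
        if others:
            hits.append((str(gw), dev, others))
    return hits

if __name__ == "__main__":
    print(overlapping_interfaces(parse_addrs(IP_ADDR)), ambiguous_gateways(parse_addrs(IP_ADDR), IP_ROUTE))
```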


