Sorry, I actually did read the SR FAQ... But that was in addition to about
10,000 other documents and my mind is not what it used to be. Anyway here
is the info. As you can see on the extra addresses I have both
206.127.77.48/28 as well as each IP individually. I did that because I
wasn't sure how to make sure that I got the network and broadcast addresses
entered properly.
# ip addr show
1: lo: <LOOPBACK,UP> mtu 3924 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 brd 127.255.255.255 scope global lo
2: ipsec0: <NOARP,UP> mtu 16260 qdisc pfifo_fast qlen 10
link/ether 00:01:02:26:05:1a brd ff:ff:ff:ff:ff:ff
inet 206.127.76.231/27 brd 206.127.76.255 scope global ipsec0
3: ipsec1: <NOARP> mtu 0 qdisc noop qlen 10
link/ipip
4: ipsec2: <NOARP> mtu 0 qdisc noop qlen 10
link/ipip
5: ipsec3: <NOARP> mtu 0 qdisc noop qlen 10
link/ipip
6: brg0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop
link/ether fe:fd:0f:00:38:68 brd ff:ff:ff:ff:ff:ff
7: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100
link/ether 00:01:02:26:05:1a brd ff:ff:ff:ff:ff:ff
inet 206.127.76.231/27 brd 206.127.76.255 scope global eth0
inet 206.127.77.48/28 scope global eth0
inet 206.127.77.50/32 scope global eth0
inet 206.127.77.51/32 scope global eth0
inet 206.127.77.52/32 scope global eth0
inet 206.127.77.53/32 scope global eth0
inet 206.127.77.54/32 scope global eth0
inet 206.127.77.55/32 scope global eth0
inet 206.127.77.56/32 scope global eth0
inet 206.127.77.57/32 scope global eth0
inet 206.127.77.58/32 scope global eth0
inet 206.127.77.59/32 scope global eth0
inet 206.127.77.60/32 scope global eth0
inet 206.127.77.61/32 scope global eth0
inet 206.127.77.62/32 scope global eth0
inet 206.127.77.49/32 scope global eth0
8: eth1: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100
link/ether 00:01:02:26:05:37 brd ff:ff:ff:ff:ff:ff
inet 192.168.10.1/24 brd 192.168.10.255 scope global eth1
# netstat -nr
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt
Iface
206.127.77.48 0.0.0.0 255.255.255.240 U 0 0 0
eth0
206.127.76.224 0.0.0.0 255.255.255.224 U 0 0 0
eth0
206.127.76.224 0.0.0.0 255.255.255.224 U 0 0 0
ipsec0
192.168.10.0 0.0.0.0 255.255.255.0 U 0 0 0
eth1
0.0.0.0 206.127.76.225 0.0.0.0 UG 0 0 0
eth0
Thanks,
Ken
> -----Original Message-----
> From: Ray Olszewski [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, March 12, 2003 4:50 PM
> To: Ken Marshall; [EMAIL PROTECTED]
> Subject: RE: [leaf-user] Port Forwarding and pcAnywhere
>
>
> You didn't read the SR FAQ, did you?
>
> Please report the output of:
>
> ip addr show
> netstat -nr
>
> These will tell us what interfaces and routes are *actually*
> being set up
> on your Dach router, not what you are *trying* to set up (in
> the end, that
> is all that the config files tell us). If the extra-address
> interfaces do
> not show up, or there is a problem with routing back to them
> ... well, then
> we can try to help you figure out where you went wrong. But
> it's quickest
> to check the actual settings before starting out on a
> possible snipe hunt
> for config-file errors.
>
> One blue-sky thought ... I've never tried to set up one of these
> multi-address external interfaces where the extra addresses are on a
> different network than the primary address (and the default
> gateway). I
> wonder if packets going back out those interfaces can find
> the default
> gateway? (Charles, are you around??? How does that part work on Dach?)
>
> At 04:37 PM 3/12/2003 -0700, Ken Marshall wrote:
> >Thank you for your reply Ray.
> >
> >You are correct in your assumptions. I have not tried to route the
> >pcAnywhere stuff from my primary IP. That is a test that
> forgot about.
> >:-) I also was stupid in thinking that if I tried to ping one of my
> >secondary addresses from an internal computer that I would
> get a valid
> >result. Obviously, that's not the case. I am taking your advice and
> >going to look at the routing stuff to see why packets are
> not getting
> >to my firewall. I think you're right about this not being a port
> >forward issue.
> >
> >I saw the DNS stuff late yesterday afternoon and called my ISP about
> >it. I know who owns the msdcomputers.com domain, so I
> called them too.
> >My ISP said that the problem is that they have not updated their
> >reverse lookup stuff, but would get it fixed soon. I don't
> think that
> >is causing the problem though, because the packets get
> routed correctly
> >when I've got my Windows Server 2003 box running.
> >
> >I've set up the following information about my external interface:
> >
> >eth0_IPADDR=206.127.76.231
> >eth0_MASKLEN=27
> >eth0_BROADCAST=+
> ># Use this to set the default route if required - ONLY one
> to be set. #
> >routed or gated could be used to set this so only use if not running
> >these. eth0_DEFAULT_GW=206.127.76.225
> ># Secondary IP addresses/networks on same wire - add them here
> >eth0_IP_EXTRA_ADDRS="206.127.77.48/28 206.127.77.50 206.127.77.51
> >206.127.77.52 \
> > 206.127.77.53 206.127.77.54 206.127.77.55 206.127.77.56
> 206.127.77.57 \
> > 206.127.77.58 206.127.77.59 206.127.77.60 206.127.77.61
> 206.127.77.62 \
> > 206.127.77.49"
> >
> ># Additional routes for this interface, if any
> ># Space seperated list: <PREFIX>[_<more ip route options>]
> >#eth0_ROUTES="1.1.1.13 2.2.2.0/24_via_1.1.1.18"
> ># IP spoofing protection on this interface - YES/NO eth0_IP_SPOOF=YES
> >
> >Is there more that I have to do for routing in Dach? Do I have to
> >configure eth0_ROUTES to make this work properly? If so, could you
> >please tell me what I should enter here?
> >
> >Thanks a lot for your help, Ray. I appreciate it.
> [old stuff deleted]
>
>
>
>
>
-------------------------------------------------------
This SF.net email is sponsored by:Crypto Challenge is now open!
Get cracking and register here for some mind boggling fun and
the chance of winning an Apple iPod:
http://ads.sourceforge.net/cgi-bin/redirect.pl?thaw0031en
------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
