Thank you for your reply Ray. You are correct in your assumptions. I have not tried to route the pcAnywhere stuff from my primary IP. That is a test that forgot about. :-) I also was stupid in thinking that if I tried to ping one of my secondary addresses from an internal computer that I would get a valid result. Obviously, that's not the case. I am taking your advice and going to look at the routing stuff to see why packets are not getting to my firewall. I think you're right about this not being a port forward issue.
I saw the DNS stuff late yesterday afternoon and called my ISP about it. I know who owns the msdcomputers.com domain, so I called them too. My ISP said that the problem is that they have not updated their reverse lookup stuff, but would get it fixed soon. I don't think that is causing the problem though, because the packets get routed correctly when I've got my Windows Server 2003 box running. I've set up the following information about my external interface: eth0_IPADDR=206.127.76.231 eth0_MASKLEN=27 eth0_BROADCAST=+ # Use this to set the default route if required - ONLY one to be set. # routed or gated could be used to set this so only use if not running these. eth0_DEFAULT_GW=206.127.76.225 # Secondary IP addresses/networks on same wire - add them here eth0_IP_EXTRA_ADDRS="206.127.77.48/28 206.127.77.50 206.127.77.51 206.127.77.52 \ 206.127.77.53 206.127.77.54 206.127.77.55 206.127.77.56 206.127.77.57 \ 206.127.77.58 206.127.77.59 206.127.77.60 206.127.77.61 206.127.77.62 \ 206.127.77.49" # Additional routes for this interface, if any # Space seperated list: <PREFIX>[_<more ip route options>] #eth0_ROUTES="1.1.1.13 2.2.2.0/24_via_1.1.1.18" # IP spoofing protection on this interface - YES/NO eth0_IP_SPOOF=YES Is there more that I have to do for routing in Dach? Do I have to configure eth0_ROUTES to make this work properly? If so, could you please tell me what I should enter here? Thanks a lot for your help, Ray. I appreciate it. Ken > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of > Ray Olszewski > Sent: Wednesday, March 12, 2003 3:54 PM > To: Ken Marshall; [EMAIL PROTECTED] > Subject: Re: [leaf-user] Port Forwarding and pcAnywhere > > > Ken -- Thanks for a good, clear posting of the details. Based > on it, I have > a couple of comments. > > First, it does not appear that you have tested pcAnywhere > with your primary > IP address (206.127.76.231). This assumes some significance > when I note ... > > Second, I *can* ping your primary IP address ... but I cannot ping or > traceroute to several of your alternate IP addresses (all the ones I > tried). Here is example output for 206.127.77.53: > > [EMAIL PROTECTED]:~$ ping 206.127.77.53 > PING 206.127.77.53 (206.127.77.53): 56 data bytes > > --- 206.127.77.53 ping statistics --- > 5 packets transmitted, 0 packets received, 100% packet loss > > [EMAIL PROTECTED]:~$ traceroute 206.127.77.53 > traceroute to 206.127.77.53 (206.127.77.53), 30 hops max, 38 > byte packets > 1 maxwell.comarre.lan (192.168.1.86) 2.003 ms 0.305 ms 0.285 ms > 2 adsl-63-198-182-254.dsl.snfc21.pacbell.net > (63.198.182.254) 13.246 > ms 15.221 ms 19.922 ms > 3 dist1-vlan60.snfc21.pbi.net (216.102.187.130) 20.473 ms 17.212 > ms 16.250 ms > 4 bb2-g8-1.snfc21.pbi.net (216.102.176.194) 16.526 ms > 16.767 ms 16.486 ms > 5 sl-gw11-sj-3-0.sprintlink.net (144.228.44.49) 18.256 ms 17.382 > ms 23.385 ms > 6 sl-bb20-sj-8-1.sprintlink.net (144.232.3.137) 16.782 ms 15.860 > ms 16.231 ms > 7 sl-bb20-tac-11-1.sprintlink.net (144.232.9.214) 34.775 > ms 36.766 > ms 36.675 ms > 8 sl-bb20-sea-8-1.sprintlink.net (144.232.18.42) 109.899 > ms 183.186 > ms 218.496 ms > 9 sl-gw13-sea-0-0-0.sprintlink.net (144.232.6.2) 36.727 > ms 34.954 > ms 36.678 ms > 10 sl-mt-6-0.sprintlink.net (160.81.44.6) 52.743 ms > sl-mt-5-0.sprintlink.net (160.81.44.10) 66.063 ms > sl-mt-6-0.sprintlink.net > (160.81.44.6) 50.737 ms > 11 * * * > > (A traceroute to your primary address matches this one, > except that it > arrives at step 11.) > > I know you previously said you could ping these other > addresses ... but I > don't think you were specific as to where you tested this > *from*. Can the > host that is trying to make the pcAnywhere connection to one of these > addresses ping and traceroute to it? In any case, before focusing too > tightly on port-forwarding problems, I would make sure you > haver routing > working (look at the stuff in the SR FAQ that you didn't do > for ways to > check on the LEAF router's interfaces and routing table). > > Beyond that, another oddity ... if I do reverse lookups of two of the > addresses, I find that the primary is associated with your > domain, but one > of the others is associated with a different domain: > > [EMAIL PROTECTED]:~$ host 206.127.77.55 > Name: train4.msdcomputers.com > Address: 206.127.77.55 > > [EMAIL PROTECTED]:~$ host 206.127.76.231 > Name: blackmountainsoftware.net > Address: 206.127.76.231 > > A quick look at the whois records seems to imply that > msdcomputers.com is a > different business from you (all the contact-info details > differ), though > also in Helena. So you might want to double check the accuracy of the > additional addresses ...be sure they are the same ones you > used in the > successful tests of pcAnywhere you previously reported with a > Windows server. > > One other detail ... since you don't mention which addresses > you used in > your tests ... you did notice that you failed to port-forward > the first > extra IP address, right? > > In closing, am I right in reading your message to mean that > you tested port > forwarding to a Web server using your primary IP address, not > one of these > alternates? But that you have ONLY tested pcAnywhere > connections with the > alternates? If so, I would stop focusing on port forwarding and start > focusing on interface or routing-table problems. > <Snip original message> ------------------------------------------------------- This SF.net email is sponsored by:Crypto Challenge is now open! Get cracking and register here for some mind boggling fun and the chance of winning an Apple iPod: http://ads.sourceforge.net/cgi-bin/redirect.pl?thaw0031en ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
