Ryan Rich wrote:
Ryan Rich wrote:
So right now I am baffled. If I plug the machine in the dmz directly into the network with the 138.23.75.60 address it works fine. Am I going mad, or is there something that would cause this behavior?
Look at the routing table in the system that you are pinging from and the IP configuration. I'm betting that it has an address in 138.23.76.0/24.
And if the system you are pinging from doesn't have an address in that network then I'm betting that the last hop router before the LEAF box has an address in that network.
This is true as to how I tested today, but this machine has been plugged into this same network with that address prior to my leaf experiments and I have been able to access it from my home network without any problem as well.
I don't understand your network topology well enough to comment. But I have a very firm grasp of how ARP works. The whole purpose of Proxy ARP is so that a router will respond to ARP "who-has" requests for IP addresses owned by hosts on the opposite side of the router -- as far as I can tell, you are beating your head against the wall trying to get your router to respond to ARP requests that aren't being sent. If you don't believe me, install tcpdump on the LEAF box and watch the ARP traffic:
tcpdump -ni eth0 arp
-Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED]
-------------------------------------------------------
This SF.Net email sponsored by Black Hat Briefings & Training.
Attend Black Hat Briefings & Training, Las Vegas July 24-29 - digital self defense, top technical experts, no vendor pitches, unmatched networking opportunities. Visit www.blackhat.com
------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
