Hi,
I've got a serious problem with linux 2.0.35 (redhat 5.1 fully updated)
trying to get it work as a router. This picture describes my net config:
internet router educ.disi.unige.it rubino.educ....
(router) private net
130.251.152.254 ---------- 130.251.152.0 ------------- ...234
192.168.1.234 --- 192.168.1.235
netmask 255.255.255.0 eth0
eth1 eth0
mithrandir.gondor.net sauron.gondor.net
The two hosts ping each other on 192.168.1.0 network and I can ping rubino
130.251.152.234 from
sauron.
But I can't get to any host on educ network from sauron (no ping, no traceroute)
I've tried with stock redhat kernel and then with a custom kernel with bridging
enabled. I've followed the guidelines in Firewall+Bridge HOWTO.
Nothing to do.
I hope I've stated my problem clearly. If not, forgive me because I'm in a hurry
and I must leave department right now
Am I missing something? Can you help me to get rubino to work properly as a router?
I'm in desperate need of your help.
Thank you very much.
Following is the relevant config and tcpdump output
Francesco Faenzi ([EMAIL PROTECTED] and [EMAIL PROTECTED])
================================================================================================
dmesg
Ethernet Bridge 002 for NET3.035 (Linux 2.0)
3c59x.c:v0.99E 5/12/98 Donald Becker
http://cesdis.gsfc.nasa.gov/linux/drivers/vortex.html
eth0: 3Com 3c905 Boomerang 100baseTx at 0x6100, 00:60:97:b1:ca:db, IRQ 10
8K word-wide RAM 3:5 Rx:Tx split, NWay Autonegotiation interface.
MII transceiver found at address 24, status 7869.
Enabling bus-master transmits and whole-frame receives.
ne.c: PCI BIOS reports NE 2000 clone at i/o 0x6000, irq 11.
ne.c:v1.10 9/23/94 Donald Becker ([EMAIL PROTECTED])
NE*000 ethercard probe at 0x6000: 00 20 18 2c 11 a9
eth1: NE2000 found at 0x6000, using IRQ 11.
-------------------------------------------------------------------------------------------
cp /etc/nologin.system_time /etc/nologin
stop_services
Name Server Stopped
holelogd.named stopped
Shutting down httpd: httpd
Shutting down NFS services: rpc.mountd rpc.nfsd
Shutting down sendmail: sendmail
Shuting down NIS services: ypbind
Shutting down SMB services: smbd nmbd
Shutting down lpd: lpd
Unmounting remote filesystems.
-------------------------------------------------------------------------------------------
cat /etc/sysconfig/network
NETWORKING=yes
FORWARD_IPV4=true
HOSTNAME="rubino.educ.disi.unige.it"
DOMAINNAME=educ.disi.unige.it
GATEWAY=130.251.152.254
GATEWAYDEV=eth0
# >>> ADDED
NISDOMAIN=educ.disi.unige.it
# <<<
cat /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE="eth0"
IPADDR="130.251.152.234"
NETMASK="255.255.255.0"
NETWORK=130.251.152.0
BROADCAST=130.251.152.255
ONBOOT="yes"
BOOTPROTO="none"
IPXNETNUM_802_2=""
IPXPRIMARY_802_2="no"
IPXACTIVE_802_2="no"
IPXNETNUM_802_3=""
IPXPRIMARY_802_3="no"
IPXACTIVE_802_3="no"
IPXNETNUM_ETHERII=""
IPXPRIMARY_ETHERII="no"
IPXACTIVE_ETHERII="no"
IPXNETNUM_SNAP=""
IPXPRIMARY_SNAP="no"
IPXACTIVE_SNAP="no"
cat /etc/sysconfig/network-scripts/ifcfg-eth1
DEVICE="eth1"
IPADDR="192.168.1.234"
NETMASK="255.255.255.0"
ONBOOT="yes"
BOOTPROTO="none"
IPXNETNUM_802_2=""
IPXPRIMARY_802_2="no"
IPXACTIVE_802_2="no"
IPXNETNUM_802_3=""
IPXPRIMARY_802_3="no"
IPXACTIVE_802_3="no"
IPXNETNUM_ETHERII=""
IPXPRIMARY_ETHERII="no"
IPXACTIVE_ETHERII="no"
IPXNETNUM_SNAP=""
IPXPRIMARY_SNAP="no"
IPXACTIVE_SNAP="no"
cat /etc/sysconfig/network-scripts/ifcfg-eth1 (2nd try - doesn't work)
DEVICE="eth1"
IPADDR="192.168.1.234"
NETMASK="255.255.255.0"
NETWORK="192.168.1.0"
BROADCAST="192.168.1.255"
GATEWAY="130.251.152.234"
ONBOOT="yes"
BOOTPROTO="none"
IPXNETNUM_802_2=""
IPXPRIMARY_802_2="no"
IPXACTIVE_802_2="no"
IPXNETNUM_802_3=""
IPXPRIMARY_802_3="no"
IPXACTIVE_802_3="no"
IPXNETNUM_ETHERII=""
IPXPRIMARY_ETHERII="no"
IPXACTIVE_ETHERII="no"
IPXNETNUM_SNAP=""
IPXPRIMARY_SNAP="no"
IPXACTIVE_SNAP="no"
(I get the following:
ne.c: PCI BIOS reports NE 2000 clone at i/o 0x6000, irq 11.
ne.c:v1.10 9/23/94 Donald Becker ([EMAIL PROTECTED])
NE*000 ethercard probe at 0x6000: 00 20 18 2c 11 a9
eth1: NE2000 found at 0x6000, using IRQ 11.
SIOCADDRT: Invalid argument
)
-------------------------------------------------------------------------------------------
ifconfig
lo Link encap:Local Loopback
inet addr:127.0.0.1 Bcast:127.255.255.255 Mask:255.0.0.0
UP BROADCAST LOOPBACK RUNNING MTU:3584 Metric:1
RX packets:152 errors:0 dropped:0 overruns:0
TX packets:152 errors:0 dropped:0 overruns:0
eth0 Link encap:Ethernet HWaddr 00:60:97:B1:CA:DB
inet addr:130.251.152.234 Bcast:130.251.152.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:650 errors:0 dropped:0 overruns:0
TX packets:727 errors:0 dropped:0 overruns:0
Interrupt:10 Base address:0x6100
eth1 Link encap:Ethernet HWaddr 00:20:18:2C:11:A9
inet addr:192.168.1.234 Bcast:192.168.1.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:11 errors:0 dropped:0 overruns:0
TX packets:66 errors:0 dropped:0 overruns:0
Interrupt:11 Base address:0x6000
-------------------------------------------------------------------------------------------
route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
130.251.152.0 0.0.0.0 255.255.255.0 U 0 0 5 eth0
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 2 eth1
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 1 lo
0.0.0.0 130.251.152.254 0.0.0.0 UG 0 0 1 eth0
-------------------------------------------------------------------------------------------
(as suggested in Bridge+Firewall HOWTO)
ifconfig eth0 promisc
eth0: Setting promiscuous mode.
eth0: Setting promiscuous mode.
ifconfig eth1 promisc
ifconfig eth0 arp
eth0: Setting promiscuous mode.
eth0: Setting promiscuous mode.
ifconfig eth1 arp
brcfg -enable
bridging is ENABLED debugging is DISABLED
bridge id 0x0001 00:60:97:b1:ca:db
designated root 0x0001 00:60:97:b1:ca:db
bridge max age 20 max age 20
bridge hello time 2 hello time 2
bridge forward delay 15 forward delay 15
root path cost 0 root port 0
flags NONE
--- port stats ---
port 1 port id 0x0001 port state FORWARDING (0x3)
designated root 0x0001 00:60:97:b1:ca:db
designated bridge 0x0001 00:60:97:b1:ca:db
path cost 100 designated cost 0
designated port 1 flags NONE
port 2 port id 0x0002 port state FORWARDING (0x3)
designated root 0x0001 00:60:97:b1:ca:db
designated bridge 0x0001 00:60:97:b1:ca:db
path cost 100 designated cost 0
designated port 128 flags NONE
-------------------------------------------------------------------------------------------
cat /proc/sys/net/ipv4/ip_forward
1
-------------------------------------------------------------------------------------------
FROM 192.168.1.235
------------------
ping 192.168.1.234
OK
ping 130.251.152.234
OK
ping 130.251.152.1
NO
THE BRIDGE
----------
WHILE PINGING FROM INTERNAL HOST 192.168.1.235
tcpdump -i eth1
tcpdump: listening on eth1
09:29:47.053696 sauron.gondor.net > selene: icmp: echo request
tcpdump -i eth0
eth0: Setting promiscuous mode.
eth0: Setting promiscuous mode.
tcpdump: listening on eth0
09:30:40.043696 sauron.gondor.net > selene: icmp: echo request
tcpdump -i eth0 -e host 192.168.1.235
eth0: Setting promiscuous mode.
eth0: Setting promiscuous mode.
tcpdump: listening on eth0
09:31:28.033696 0:60:97:b1:ca:db 8:0:20:77:bb:66 ip 98: sauron.gondor.net > selene:
icmp: echo request
tcpdump -i eth0 src host sauron
WHILE TRACEROUTEING FROM BRIDGE : traceroute -s 192.168.1.234 130.251.152.1
tcpdump -i eth0 src host 192.168.1.234
eth0: Setting promiscuous mode.
eth0: Setting promiscuous mode.
tcpdump: listening on eth0
09:32:50.353696 mithrandir.gondor.net.33613 > selene.33435: udp 12 [ttl 1]
09:33:10.393696 mithrandir.gondor.net.33613 > selene.33439: udp 12
tcpdump -i eth0 -e host 192.168.1.234
eth0: Setting promiscuous mode.
eth0: Setting promiscuous mode.
tcpdump: listening on eth0
09:33:45.593696 0:60:97:b1:ca:db 8:0:20:77:bb:66 ip 54: mithrandir.gondor.net.33614 >
selene.33436: udp 12 [ttl 1]
(eth0: hw address 00:60:97:B1:CA:DB)
(eth1:hw address 00:20:18:2C:11:A9)
-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to [EMAIL PROTECTED]
