Re: aliasing/routing trouble

To: "Shawn Kelley" <spinnkidd@hotmail.com>
Cc: coryp@petersen-arne.com, debian-firewall@lists.debian.org, eug-lug@efn.org
Subject: Re: aliasing/routing trouble
From: "Vince Mulhollon" <vlm@norlight.com>
Date: Tue, 23 Jan 2001 10:04:49 -0600
Message-id: <[🔎] OF76978F28.3ED97358-ON862569DD.0057C9B0@norlight.com>
Kernel found the cards, see the ifconfig, thats not the problem.

I must say the ifconfig for eth1 is very... interesting.

Take a closer look at the routing.

I think 192.168.1.0 needs to route out eth0:1 not eth0

Would be interesting to see the actual /sbin/route command you execute to
route 192.168.1.0

Try a config without ip aliasing, which in the (distant) past was a pretty
nasty hack, or even plug in yet another ethernet card for the 192 network.
IP alias can be an excellent way to shoot oneself in their foot in hard to
debug ways.



                                                                                                                    
                    "Shawn                                                                                          
                    Kelley"              To:     coryp@petersen-arne.com, debian-firewall@lists.debian.org,         
                    <spinnkidd@ho        eug-lug@efn.org                                                            
                    tmail.com>           cc:     (bcc: Vince Mulhollon/Brookfield/Norlight)                         
                                         Fax to:                                                                    
                    01/23/2001           Subject:     Re: aliasing/routing trouble                                  
                    09:48 AM                                                                                        
                                                                                                                    
                                                                                                                    




Greetings Cory,


Did you append lilo.conf to recognize the 2 NIC's??


#you will need to add a line similar to this to /etc/lilo.conf & then run
'lilo'


append="ether=IRQ, I/O,eth0 ether=IRQ,I/O,eth1"


Regards,


Shawn Kelley


>From: Cory Petkovsek


>To: debian-firewall@lists.debian.org, euglug
>Subject: aliasing/routing trouble
>Date: Mon, 22 Jan 2001 16:57:53 -0800
>
>Hello all,
>
>I'm having trouble getting ip aliasing to work. I have tried a few
different kernels, 2.2.18-1 and 2.2.17pre6-1.
>
>On my firewall, I have two nics, eth0 - private lan, eth1 - internet. I
want to setup two private networks on eth0. Once it's setup the way I think
it should be, I can ping the outside world, I can ping my privat lan #1,
but I cannot ping lan #2. Ping reports 'operation not permitted'.
>
>On my laptop (running 2.4) this works just fine. I add in the alias, don't
even mess with the routing table, and can ping either lan.
>
>The two private lans are on the same physical network.
>
>Anyone have any suggestions or help for me?
>
>Thanks!
>Cory
>
>
>Starting with a configured masquerading eth0/eth1 system, I type the
following:
>
># ifconfig eth0:1 192.168.1.1 netmask 255.255.255.0
># ifconfig
>
>eth0 Link encap:Ethernet HWaddr 00:01:02:72:FB:E4
> inet addr:10.0.0.1 Bcast:10.255.255.255 Mask:255.255.255.0
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:4770 errors:0 dropped:0 overruns:1 frame:0
> TX packets:1899 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:100
> Interrupt:9 Base address:0xf800
>
>eth0:1 Link encap:Ethernet HWaddr 00:01:02:72:FB:E4
> inet addr:192.168.1.1 Bcast:192.168.1.255 Mask:255.255.255.0
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> Interrupt:9 Base address:0xf800
>
>eth1 Link encap:Ethernet HWaddr 00:50:04:13:33:89
> inet addr:123.456.789.33 Bcast:208.130.234.35 Mask:255.255.255.252
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:211 errors:0 dropped:0 overruns:0 frame:0
> TX packets:230 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:100
> Interrupt:10 Base address:0xf880
>
>lo Link encap:Local Loopback
> inet addr:127.0.0.1 Mask:255.0.0.0
> UP LOOPBACK RUNNING MTU:3924 Metric:1
> RX packets:56 errors:0 dropped:0 overruns:0 frame:0
> TX packets:56 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:0
>
># route -n
>Kernel IP routing table
>Destination Gateway Genmask Flags Metric Ref Use Iface
>123.456.789.32 0.0.0.0 255.255.255.252 U 0 0 0 eth1
>10.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
>192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
>0.0.0.0 123.456.789.34 0.0.0.0 UG 0 0 0 eth1
>
># ping google.com -c 1
>PING google.com (64.208.32.100): 56 data bytes
>64 bytes from 64.208.32.100: icmp_seq=0 ttl=50 time=39.2 ms
>
># ping 10.0.0.5 -c 1
>PING 10.0.0.5 (10.0.0.5): 56 data bytes
>64 bytes from 10.0.0.5: icmp_seq=0 ttl=128 time=0.9 ms
>
># ping 192.168.1.6
>PING 192.168.1.6 (192.168.1.6): 56 data bytes
>ping: sendto: Operation not permitted
>ping: wrote 192.168.1.6 64 chars, ret=-1
>ping: sendto: Operation not permitted
>ping: wrote 192.168.1.6 64 chars, ret=-1
>ping: sendto: Operation not permitted
>ping: wrote 192.168.1.6 64 chars, ret=-1
>
>--- 192.168.1.6 ping statistics ---
>3 packets transmitted, 0 packets received, 100% packet loss
>#
>
>------- On my laptop:
># ifconfig
>eth0 Link encap:Ethernet HWaddr 00:D0:59:18:02:C2
> inet addr:10.0.0.20 Bcast:10.255.255.255 Mask:255.255.255.0
> UP BROADCAST RUNNING MTU:1500 Metric:1
> RX packets:1944522 errors:0 dropped:0 overruns:0 frame:0
> TX packets:1874197 errors:0 dropped:0 overruns:0 carrier:0
> collisions:91 txqueuelen:100
> Interrupt:5
>
>eth0:1 Link encap:Ethernet HWaddr 00:D0:59:18:02:C2
> inet addr:192.168.1.5 Bcast:192.168.1.255 Mask:255.255.255.0
> UP BROADCAST RUNNING MTU:1500 Metric:1
> Interrupt:5
>
>lo Link encap:Local Loopback
> inet addr:127.0.0.1 Mask:255.0.0.0
> UP LOOPBACK RUNNING MTU:16192 Metric:1
> RX packets:6266 errors:0 dropped:0 overruns:0 frame:0
> TX packets:6266 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:0
>
># ping 192.168.1.6
>PING 192.168.1.6 (192.168.1.6): 56 data bytes
>64 bytes from 192.168.1.6: icmp_seq=0 ttl=255 time=1.7 ms
>64 bytes from 192.168.1.6: icmp_seq=1 ttl=255 time=0.1 ms
>64 bytes from 192.168.1.6: icmp_seq=2 ttl=255 time=0.1 ms
>
>--- 192.168.1.6 ping statistics ---
>3 packets transmitted, 3 packets received, 0% packet loss
>round-trip min/avg/max = 0.1/0.6/1.7 ms
>
># ping 192.168.1.1
>PING 192.168.1.1 (192.168.1.1): 56 data bytes
>
>--- 192.168.1.1 ping statistics ---
>5 packets transmitted, 0 packets received, 100% packet loss
>
># ping 10.0.0.1
>PING 10.0.0.1 (10.0.0.1): 56 data bytes
>64 bytes from 10.0.0.1: icmp_seq=0 ttl=255 time=0.4 ms
>64 bytes from 10.0.0.1: icmp_seq=1 ttl=255 time=0.3 ms
>64 bytes from 10.0.0.1: icmp_seq=2 ttl=255 time=0.3 ms
>64 bytes from 10.0.0.1: icmp_seq=3 ttl=255 time=0.3 ms
>
>--- 10.0.0.1 ping statistics ---
>4 packets transmitted, 4 packets received, 0% packet loss
>round-trip min/avg/max = 0.3/0.3/0.4 ms
>
>
>
>--
>To UNSUBSCRIBE, email to debian-firewall-request@lists.debian.org
>with a subject of "unsubscribe". Trouble? Contact
listmaster@lists.debian.org
>

Get your FREE download of MSN Explorer at http://explorer.msn.com


-- To UNSUBSCRIBE, email to debian-firewall-request@lists.debian.org with a
subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to:
Follow-Ups:
- Re: aliasing/routing trouble
  - From: Cory Petkovsek <coryp@petersen-arne.com>
Prev by Date: Redirecting internal hosts on external IP.
Next by Date: Re: aliasing/routing trouble
Previous by thread: Re: aliasing/routing trouble
Next by thread: Re: aliasing/routing trouble
Index(es):
- Date
- Thread