Upgrade bo=>hamm: problems with networking...
I've upgraded my Internet-gateway machine to Debian 2.0beta recently
(after not having had any trouble with upgrading to other machines). But
now, I am at a loss, and I can't find out, what broke the network
gatewaying... Obviously, there must have been a slight change in at least
one of the components, but I guess this can be fixed by change of
configuration somewhere, so before I restore the machine to version 1.3
again, I'd rather wait so maybe someone might have the correct idea on how
to fix this... :)
What I do know is, it's not caused by the kernel, as the kernel hasn't
been changed (I am using a selfcompiled 2.1.108 kernel, which is still
The situation is as follows:
=> The upgraded machine has got two ethernet interfaces, one leading to
the "internal" network (eth0) and one leading to the modem (eth1). I
have a 64 address subnet, of which a 32 address subnet is assigned to
eth0 and the other 32 addresses are assigned to eth1.
=> The upgraded machine uses a 2.1.108 kernel with
Aliasing/Gatewaying/Firewalling functions enabled.
=> The old configuration was, that the gateway machine had its default
route set to eth1 using the modem as the gateway to the outside world.
At the same time, an arp entry on eth1 made the whole 32 address
subnet of eth0 appear to be on eth1. ipfwadm I/F/O defaults were set
to accept, and there were no local rules (yet).
The machines on eth0 used the gateway machine is their default
=> This setup used to work with bo until I upgraded to hamm....
The symptoms now are as follows:
Traffic from eth0 does get relayed to the outside.
Traffic from outside does reach the gateway machine, once the arp
entry is in place, but the internal addresses do not get gatewayed
through the machine, i.e. if I ping an outside address from a machine
on eth0 (while running two tcpdumps on the gateway machine, one for
each interface), the I get "icmp echo requests" going from the
internal machine to the gateway (via eth0), on eth1 I see "icmp
echo requests" departing and "icmp echo replies" coming back.
But then, I don't see the "icmp echo replies" appear on eth0...
ipfwadm default rules are accept, no additional rules are set...
ULTIMATUM, n. In diplomacy, a last demand before resorting to concessions.
[Ambrose Bierce, "The Devil's Dictionary"]
Unsubscribe? mail -s unsubscribe email@example.com < /dev/null