[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Network issue

From: Bradley Alexander <storm@tux.org>
To: Moe Binkerman <moebinkerman@hotmail.com>
CC: debian-user@lists.debian.org
Subject: Re: Network issue
Date: 17 Jun 2003 00:34:26 -0400

On Mon, 2003-06-16 at 22:25, Moe Binkerman wrote:
> what happens if you just do the ifconfig command and then route? When

The same thing. Usually it takes about two network commands before
things start going awry. I tried on one boot to bring eth2 up with no
default gateway, so it would be on standby, then give a route del
default and a route add default gw <yada>. Same indications on the route
command after that, 30+ seconds to get a response, no connection to the
outside world. Tried swapping back by hand and got the same thing. Did
not change until I rebooted.

> networking grinds, I generally suspect a DNS problem or a firewall problem. > I would assume restarting networking would bounce your firewall as well. Are

Yes. Bouncing the firewall rules as well. Identical rulesets except for
the outside interface is eth2 vice eth0.

> both interfaces static or dhcp? Are you changing your DNS servers when you
> tryto swap over?

Both interfaces are static. The comcast one is actually a dhcp address,
but we were using the network information that we got from dhcp. The DNS
servers are universally available ones, like, so they remain the
same. And since we are using IP addresses to try to get out, I don't
think it should be using DNS in the first place.



This might be a dumb question, but are you sure your firewall handles whether the changing the default route from eth1 to eth2 properly? Are you using the ipmasq package to handle NAT?

Depending on what you are testing you might be the cause of several DNS or ident lookups, which could slow down the failure responce. The commands when issued, though execute normally and do not hang right?

Interesting information would be what happens when someone on the net tried to come inward, can they ping your interfaces, can they ssh or http (assuming thats installed on it).

You might try running tcpdump or iptraf (or maybe even ippl, it makes good logs, I've found firewall goofs by looking at ippl's logs) and do a bunch of pings, etc after making the change and see if that gives you any hints.

Tired of spam? Get advanced junk mail protection with MSN 8. http://join.msn.com/?page=features/junkmail

Reply to: