Re: Network issue
From: Bradley Alexander <email@example.com>
To: Moe Binkerman <firstname.lastname@example.org>
Subject: Re: Network issue
Date: 17 Jun 2003 00:34:26 -0400
On Mon, 2003-06-16 at 22:25, Moe Binkerman wrote:
> what happens if you just do the ifconfig command and then route? When
The same thing. Usually it takes about two network commands before
things start going awry. I tried on one boot to bring eth2 up with no
default gateway, so it would be on standby, then give a route del
default and a route add default gw <yada>. Same indications on the route
command after that, 30+ seconds to get a response, no connection to the
outside world. Tried swapping back by hand and got the same thing. Did
not change until I rebooted.
> networking grinds, I generally suspect a DNS problem or a firewall
> I would assume restarting networking would bounce your firewall as well.
Yes. Bouncing the firewall rules as well. Identical rulesets except for
the outside interface is eth2 vice eth0.
> both interfaces static or dhcp? Are you changing your DNS servers when
> tryto swap over?
Both interfaces are static. The comcast one is actually a dhcp address,
but we were using the network information that we got from dhcp. The DNS
servers are universally available ones, like 184.108.40.206, so they remain the
same. And since we are using IP addresses to try to get out, I don't
think it should be using DNS in the first place.
This might be a dumb question, but are you sure your firewall handles
whether the changing the default route from eth1 to eth2 properly? Are you
using the ipmasq package to handle NAT?
Depending on what you are testing you might be the cause of several DNS or
ident lookups, which could slow down the failure responce. The commands when
issued, though execute normally and do not hang right?
Interesting information would be what happens when someone on the net tried
to come inward, can they ping your interfaces, can they ssh or http
(assuming thats installed on it).
You might try running tcpdump or iptraf (or maybe even ippl, it makes good
logs, I've found firewall goofs by looking at ippl's logs) and do a bunch of
pings, etc after making the change and see if that gives you any hints.
Tired of spam? Get advanced junk mail protection with MSN 8.