Router not working yet

Router not working yet

Post by David Loewe » Sun, 05 Dec 1999 04:00:00



Two cards:
eth0: 3c509 card on dsl to internet - it is working dns, browsing etc.
eth1: ne2000 card up - can ping linux system, run telnet to linux system.

Can't ping to 3c509 card or internet from a system connected to
the ne2000.

System 486 Red Hat 6.1 - 250 Meg HD. I want to build this myself
so I understand a little more.  I've read the docs and I figured this
should work.  Can you help?

Here is how my routing table looks:

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use
Iface
192.168.2.1     *               255.255.255.255 UH    0      0        0 eth1
192.168.2.0     *               255.255.255.0   U     0      0        0 eth1
163.181.212.0   *               255.255.255.0   U     0      0        0 eth0
127.0.0.0       *               255.0.0.0       U     0      0        0 lo
default         edtn012955.hs.t 0.0.0.0         UG    0      0        0 eth0

or (the same thing) with route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use
Iface
192.168.2.1     0.0.0.0         255.255.255.255 UH    0      0        0 eth1
192.168.2.0     0.0.0.0         255.255.255.0   U     0      0        0 eth1
163.181.212.0   0.0.0.0         255.255.255.0   U     0      0        0 eth0
127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
0.0.0.0         163.181.212.1   0.0.0.0         UG    0      0        0 eth0

Thanks
David

 
 
 

Router not working yet

Post by Andrzej Fili » Sun, 05 Dec 1999 04:00:00



> Two cards:
> eth0: 3c509 card on dsl to internet - it is working dns, browsing etc.
> eth1: ne2000 card up - can ping linux system, run telnet to linux system.

> Can't ping to 3c509 card or internet from a system connected to
> the ne2000.

> System 486 Red Hat 6.1 - 250 Meg HD. I want to build this myself
> so I understand a little more.  I've read the docs and I figured this
> should work.  Can you help?

> Here is how my routing table looks:

> Kernel IP routing table
> Destination     Gateway         Genmask         Flags Metric Ref    Use
> Iface
> 192.168.2.1     *               255.255.255.255 UH    0      0        0 eth1
> 192.168.2.0     *               255.255.255.0   U     0      0        0 eth1
> 163.181.212.0   *               255.255.255.0   U     0      0        0 eth0
> 127.0.0.0       *               255.0.0.0       U     0      0        0 lo
> default         edtn012955.hs.t 0.0.0.0         UG    0      0        0 eth0

> or (the same thing) with route -n
> Kernel IP routing table
> Destination     Gateway         Genmask         Flags Metric Ref    Use
> Iface
> 192.168.2.1     0.0.0.0         255.255.255.255 UH    0      0        0 eth1
> 192.168.2.0     0.0.0.0         255.255.255.0   U     0      0        0 eth1
> 163.181.212.0   0.0.0.0         255.255.255.0   U     0      0        0 eth0
> 127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
> 0.0.0.0         163.181.212.1   0.0.0.0         UG    0      0        0 eth0

> Thanks
> David

Your problem may be related to the fact that default RH
configuration FORBIDS it to act like a router (according
to the relevant RFC).
But of course it can be changed - I think somewhere in the
net config in control-panel (X application).
It is a very good idea to setup linux kernel firewall before
connecting to internet. There is a firewall HOWTO (I think).

--
Andrzej (Andrew) A. Filip - Warsaw, Poland
http://bigfoot.com/~anfi | fax2mail: +1(801)327-6278
Postings: http://deja.com/profile.xp?author=Andrzej%20Filip


  http://www.impaq.com.pl | http://www.impaq.ch

 
 
 

Router not working yet

Post by Tom East » Sun, 05 Dec 1999 04:00:00



>Two cards:
>eth0: 3c509 card on dsl to internet - it is working dns, browsing etc.
>eth1: ne2000 card up - can ping linux system, run telnet to linux system.

>Can't ping to 3c509 card or internet from a system connected to
>the ne2000.

>System 486 Red Hat 6.1 - 250 Meg HD. I want to build this myself
>so I understand a little more.  I've read the docs and I figured this
>should work.  Can you help?

>Here is how my routing table looks:

>Kernel IP routing table
>Destination     Gateway         Genmask         Flags Metric Ref    Use
>Iface
>192.168.2.1     *               255.255.255.255 UH    0      0        0 eth1
>192.168.2.0     *               255.255.255.0   U     0      0        0 eth1
>163.181.212.0   *               255.255.255.0   U     0      0        0 eth0
>127.0.0.0       *               255.0.0.0       U     0      0        0 lo
>default         edtn012955.hs.t 0.0.0.0         UG    0      0        0 eth0

>or (the same thing) with route -n
>Kernel IP routing table
>Destination     Gateway         Genmask         Flags Metric Ref    Use
>Iface
>192.168.2.1     0.0.0.0         255.255.255.255 UH    0      0        0 eth1
>192.168.2.0     0.0.0.0         255.255.255.0   U     0      0        0 eth1
>163.181.212.0   0.0.0.0         255.255.255.0   U     0      0        0 eth0
>127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
>0.0.0.0         163.181.212.1   0.0.0.0         UG    0      0        0 eth0

You've made a good start but there are just a couple of other things that
you need to do:

a) I assume that you have a second system connected to the ne2k card
   through a hub or crossover cable. On that system, you need to set the
   default gateway to the address of the ne2k card.

b) On your 486, you need to enable IP forwarding and IP masquerading:

   echo 1 > /proc/sys/net/ipv4/ip_forward
   ipchains -P forward DENY
   ipchains -A forward -i -s 192.168.2.0/24 -j MASQ

You can add these commands to your rc.local file so that they get
executed each time that you boot.

-Tom
--
Tom Eastep               \    Opinions expressed here

Shoreline, Washington USA  \    those of my employer

 
 
 

Router not working yet

Post by David Loewe » Wed, 08 Dec 1999 04:00:00


Tom, you were right on both counts. I won't go into why I didn't enter the
default gateway, I just knocked my head against the wall a few times.  As
for ipchains - I was under the impression from the firewall HOWTO that I did
not need to use this to get routing to work.  I found I had to leave the
"-i"  off the command to make the second command to work:
    ipchains -A forward -s 192.168.2.0/24 -j MASQ

Thanks again,
David


>You've made a good start but there are just a couple of other things that
>you need to do:

>a) I assume that you have a second system connected to the ne2k card
>   through a hub or crossover cable. On that system, you need to set the
>   default gateway to the address of the ne2k card.

>b) On your 486, you need to enable IP forwarding and IP masquerading:

>   echo 1 > /proc/sys/net/ipv4/ip_forward
>   ipchains -P forward DENY
>   ipchains -A forward -i -s 192.168.2.0/24 -j MASQ

>You can add these commands to your rc.local file so that they get
>executed each time that you boot.

>-Tom

---------------------
A little boy - a friend of my 6 year old boy - got a bad case of
Meningococcemia.
He lost his arms and legs.  If you are interested the newspaper story from
the Edmonton Journal is located at http://161.184.222.147
 
 
 

Router not working yet

Post by joda » Wed, 08 Dec 1999 04:00:00


Hi ;
Ive got an equal problem :
My SuSE Linux 6.2 has two Lan Cards: - SMC WD8013 (BNC)
                                                              - Realtek 8139A
(TP)
From Linux you can Ping both Lines ; But from one Line (TP ; 192.168.1.x) you
can't see the other Line (BNC ; 192.168.2.x) . IP-forwarding is enabled.
You get a idea to help ?????????????

Andree

David Loewen schrieb:

> Tom, you were right on both counts. I won't go into why I didn't enter the
> default gateway, I just knocked my head against the wall a few times.  As
> for ipchains - I was under the impression from the firewall HOWTO that I did
> not need to use this to get routing to work.  I found I had to leave the
> "-i"  off the command to make the second command to work:
>     ipchains -A forward -s 192.168.2.0/24 -j MASQ

> Thanks again,
> David


> >You've made a good start but there are just a couple of other things that
> >you need to do:

> >a) I assume that you have a second system connected to the ne2k card
> >   through a hub or crossover cable. On that system, you need to set the
> >   default gateway to the address of the ne2k card.

> >b) On your 486, you need to enable IP forwarding and IP masquerading:

> >   echo 1 > /proc/sys/net/ipv4/ip_forward
> >   ipchains -P forward DENY
> >   ipchains -A forward -i -s 192.168.2.0/24 -j MASQ

> >You can add these commands to your rc.local file so that they get
> >executed each time that you boot.

> >-Tom

> ---------------------
> A little boy - a friend of my 6 year old boy - got a bad case of
> Meningococcemia.
> He lost his arms and legs.  If you are interested the newspaper story from
> the Edmonton Journal is located at http://161.184.222.147

 
 
 

1. Directory Server LDAP/LDIF import - working yet not working???

We currently have NIS and are looking to get rid of NIS completely in
favor of LDAP.  We don't want N2L; we want NIS to go away completely.

I installed DS 5.2 (or whichever version is on Sun's web site) on a test
server. I then generated LDIF files from the /etc files on our NIS
master using the migrate_passwd.pl tool from padl.com (after modifying
their common source with the correct domain information, of course).

Since ou=People already existed for our domain after the install, I
transferred the LDIF file to the console and performed a successful
import - or what *appeared* to be a successful import.

It imported all of the users without any rejected records.  When I
select the People subsuffix for our domain in the console under the
Directory tab, I do indeed see all of the users from the import in the
frame on the right.  If I double-click on any user, their Posix
information is there.  So, it did import the data.

But there are a few things that are very disturbing.

1.  Each of the imported users has a blue dot icon.  In the example data
(cn=example,cn=com), each user has a small person icon next to them.
This tells me that the system didn't really accept the imported data as
users.

2.  None of the entries can be searched.  Even when I do an advanced
search, the DN matches the base, but even when I specify "uid contains
{specific user ID}" it never comes up with any results.

3.  When I double-click on any user, it brings up the Generic Editor
whereas when I double-click on one of the example users I get the much
easier-to-read Edit User window.

So, it's like the data is there but yet not recognied as "People".

Sadly, I have to confess that I was thrust into our current situation
due to the I.T. hell that we all know as Sarbanes-Oxley with only a
10,000-foot understanding of LDAP.  Thanks to SOX this is a critical
project that must be configured, tested, and deployed by year's end.
Fortunately, we're not doing anything more at this point than get user
authentication to LDAP.  We'll leave the fancier things for later on
where there are no pressure and time constraints.

Unfortunately, most of Sun's documentation seems to make the somewhat
arrogant assumption that all NIS -> LDAP transitions are going to always
involve keeping NIS compatibility mode via N2L.  That's not the case
here.  This is to be nothing more than importing /etc/passwd (and
shadow) and /etc/group information into LDAP followed by the elimination
of NIS.

As for why we're going to use DS 5.2 instead of what's built into
Solaris, we prefer to have a three-way multi-master configuration with
two in our home office (for redundancy) and one in a remote office so
that users in that office don't have to hit the WAN.  Unfortunately, the
DS that's included with Solaris only offers two-way multi-mastering.

I already downloaded the various LDAP BluePrints and Directory Server
manuals, but I could not find anything to resolve this.  I'm not saying
that the information is not there; I'm just saying that I couldn't find
it, but I'll keep looking anyway.

Any assistance will be immensely appreciated.

2. ncsize on large Solaris 2.6 systems

3. Ftape works...Not yet

4. HOWTO for firewalls

5. NTFS/HPFS install bug not fixed yet...updated install disks still don't work:-(

6. Problem with Linux 2.6.4 DSL Gateway using Iptables and Shorewall

7. Flashpath for Linux, not working yet

8. Problems with accents and umlauts

9. New motherboard... not a lot works yet :-)

10. UDMA/66 not working...yet

11. BIND/NAMED - Not working yet

12. linux-2.5.6 scsi DMA mapping and compilation fixes (not yet working)

13. windows napster client does not work with linux router - help !!!