From: Bradley Alexander <[EMAIL PROTECTED]> To: Moe Binkerman <[EMAIL PROTECTED]> CC: [EMAIL PROTECTED] Subject: Re: Network issue Date: 17 Jun 2003 00:34:26 -0400
On Mon, 2003-06-16 at 22:25, Moe Binkerman wrote: > what happens if you just do the ifconfig command and then route? When
The same thing. Usually it takes about two network commands before things start going awry. I tried on one boot to bring eth2 up with no default gateway, so it would be on standby, then give a route del default and a route add default gw <yada>. Same indications on the route command after that, 30+ seconds to get a response, no connection to the outside world. Tried swapping back by hand and got the same thing. Did not change until I rebooted.
> networking grinds, I generally suspect a DNS problem or a firewall problem.
> I would assume restarting networking would bounce your firewall as well. Are
Yes. Bouncing the firewall rules as well. Identical rulesets except for the outside interface is eth2 vice eth0.
> both interfaces static or dhcp? Are you changing your DNS servers when you
> tryto swap over?
Both interfaces are static. The comcast one is actually a dhcp address, but we were using the network information that we got from dhcp. The DNS servers are universally available ones, like 4.2.2.2, so they remain the same. And since we are using IP addresses to try to get out, I don't think it should be using DNS in the first place.
Thanks,
-- --Brad
This might be a dumb question, but are you sure your firewall handles whether the changing the default route from eth1 to eth2 properly? Are you using the ipmasq package to handle NAT?
Depending on what you are testing you might be the cause of several DNS or ident lookups, which could slow down the failure responce. The commands when issued, though execute normally and do not hang right?
Interesting information would be what happens when someone on the net tried to come inward, can they ping your interfaces, can they ssh or http (assuming thats installed on it).
You might try running tcpdump or iptraf (or maybe even ippl, it makes good logs, I've found firewall goofs by looking at ippl's logs) and do a bunch of pings, etc after making the change and see if that gives you any hints.
_________________________________________________________________
Tired of spam? Get advanced junk mail protection with MSN 8. http://join.msn.com/?page=features/junkmail
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
