On Jul 1, 2013, at 4:49 PM, Marcus Agehall wrote: > > Hang on a second. Which vmic is 192.168.0.3? vnic3? If so, I think you are in > trouble. > > I'm struggling to make sense of what you are trying to do here. To me, it > seems like you are creating a very complicated network setup for something > that is very straight forward. > > > Let's get back to some basics. Can you ping 192.168.0.1? Can you ping > anything else on your local network? > > I suspect that the ICMP-redirects are screwing you over big time. I'm with > James on this one, DO NOT USE THEM. There are certainly cases where they are > useful, but this does not seem to be one. From what I can tell, you are to do > NAT and port mapping. > > I'd recommend you drop all the ICMP redirects for now - it's probably where > things goes wrong and it's not the right solution for your problem. If you > still insist that you need the redirects, capture a few ping requests with > tcpdump and let us have a look at what is going on. > > //Marcus
192.168.0.3 is the vnic for routert3.vnic0 I can not ping 192.168.0.1 from the OI server. I can get it just fine from the Linux server. Please forgive me, but I don't even know what you are talking about with the ICMP redirects, or how to turn them off. In the routert3 zone's /etc/ipf/ipnat.conf file, I have the following: # /zones/routert3/root/etc/ipf/ipnat.conf # webphp4 rdr routert3.vnic0 192.168.0.3/16 port 80 -> 192.168.3.50 port 80 rdr routert3.vnic0 192.168.0.3/16 port 443 -> 192.168.3.50 port 443 rdr routert3.vnic0 192.168.0.3/16 port 35022 -> 192.168.3.50 port 22 # mysql rdr routert3.vnic0 192.168.0.3/16 port 3306 -> 192.168.3.51 port 3306 # tomcat rdr routert3.vnic0 192.168.0.3/16 port 8080 -> 192.168.3.53 port 8080 rdr routert3.vnic0 192.168.0.3/16 port 8443 -> 192.168.3.53 port 8443 rdr routert3.vnic0 192.168.0.3/16 port 35322 -> 192.168.3.53 port 22 >From what I can tell, this should not be causing any problems. It's been >working fine on our network. In the physical router, I also have a rule that points 192.168.3.0 to 192.168.0.3. Those are the only redirections that I have -- that I know of !!! And from what I can tell, they should not cause the OI box's 192.168.0.4 nic to not even be able to ping 192.168.0.1 -- much less get out onto the internet. I'm not much of a networker -- I've said that before -- but I'm stumped here. So, I'd really appreciate any insight / suggestions... I finally gave up on it for the day about a half hour ago, and came home. I should be able to ssh into it if anyone needs more info from it, or has any suggestions that I can try from here. Unless someone can clue me into something that might get things working again, my plan for tomorrow is to take a fresh OI server there that only has 192.168.0.something, and try it, to see if it can get to the internet. If it can, I'm half-tempted to just use that server, and build everything into the global zone, and not use any non-global zones. Thoughts??? Thank you all, very much, so far... I do greatly appreciate it. fp _______________________________________________ OpenIndiana-discuss mailing list [email protected] http://openindiana.org/mailman/listinfo/openindiana-discuss
