Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

IP aliases appear rejected by ADSL modem

Posted on 2000-03-08
5
232 Views
Last Modified: 2010-03-18
My Redhat 6.1 (2.2.13 kernel) system is configured as a firewall and has several IP aliases on the public side.  IP MASQ via ipchains works fine: I can reach everywhere from the private side of the firewall.  My ISP is providing 8 static IP addresses.

The problem is that only one public IP (whichever one is assigned to the firewall as its primary IP address) gets to the Internet most of the time.  The remaining 7 addresses are invisible from the Internet although I can ping them reliably from the private side of the firewall and from the firewall machine itself.

The ADSL modem is an Alcatel "Home" model with forwarding enabled.  Its IP address is 10.0.0.138.  When I ping it with a version of ping that allows me to set the source IP address, it responds only to the primary IP address most of the time.  What is really confusing is that at one point I could ping with the entire range of 8 addresses and it would respond to all of them.  

The question is, why doesn't it do that all the time and how can I encourage it to do so reliably?
0
Comment
Question by:sanantonio030800
  • 2
  • 2
5 Comments
 
LVL 40

Expert Comment

by:jlevie
ID: 2598361
I need a bit more information, what are the 8 static addresses (probably a netblock of 8, I'd imagine).
0
 

Author Comment

by:sanantonio030800
ID: 2598942
The 8 static addresses are a block of 8 with netmask 255.255.255.0: xxx.xxx.xxx.208-215.  Thanks.
0
 
LVL 40

Expert Comment

by:jlevie
ID: 2599001
Close, I have to have the actual IP's to try a traceroute to them. If you don't want them to be visible in a public forum, email them to jlevie@bellsouth.net.

FYI, the netmask has to be 255.255.255.252 for a netblock of 8.
0
 

Accepted Solution

by:
sanantonio030800 earned 100 total points
ID: 2777051
I found the solution.  

The problem was that there were three networks involved,
(192.168.2.0/24 and xxx.xxx.xxx.0/255) but only the ADSL modem was on the third network (10.0.0.0/8).  When the ADSL modem would send out arp packets asking for the ethernet address of the various alias IPs, the machine would not answer because it was not configured to listen to or talk to the 10.0.0.0/8 network.

The solution was to add another aliased IP for the machine, this one on the 10.0.0.0/8 network (e.g., 10.0.0.1).  When that was done, tcpdump showed that arp packets were being received and answered.

The request for more information that would allow traceroute to be used was not pertinent because traceroute would show (and did show) that packets got to the upstream router and no further.  I should have mentioned that in the original posting.  The netmask I use was assigned by the ISP.  jlivie is correct that it should not be 255.255.255.0, but I figure it's OK as long as I don't need to reach anyone else in the same subnet!

The reason that the 8 addresses used to work and stopped working is that I had set up the 10.0.0.1 alias previously thinking it might be good for something, but I didn't make the connection between that and the sudden proper functioning of the aliases.  I didn't put the change in the boot-up files, and when the machine got rebooted that alias was not recreated.  That's when the problem reappeared.

I have powercycled the machine several times since making the 10.0.0.1 alias permanent several weeks ago, sometimes after a power outage lasting 12 hours, and all the aliases have always worked.  So I think that this is the solution to the problem.
0
 
LVL 3

Expert Comment

by:darinw
ID: 2779227
Hello everyone,

I am moving this question to the PAQ.

-- I am accepting one of sanantonio's comments as an answer --

darinw
Customer Service
0

Featured Post

Master Your Team's Linux and Cloud Stack!

The average business loses $13.5M per year to ineffective training (per 1,000 employees). Keep ahead of the competition and combine in-person quality with online cost and flexibility by training with Linux Academy.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question