Solved

IP aliases appear rejected by ADSL modem

Posted on 2000-03-08
5
226 Views
Last Modified: 2010-03-18
My Redhat 6.1 (2.2.13 kernel) system is configured as a firewall and has several IP aliases on the public side.  IP MASQ via ipchains works fine: I can reach everywhere from the private side of the firewall.  My ISP is providing 8 static IP addresses.

The problem is that only one public IP (whichever one is assigned to the firewall as its primary IP address) gets to the Internet most of the time.  The remaining 7 addresses are invisible from the Internet although I can ping them reliably from the private side of the firewall and from the firewall machine itself.

The ADSL modem is an Alcatel "Home" model with forwarding enabled.  Its IP address is 10.0.0.138.  When I ping it with a version of ping that allows me to set the source IP address, it responds only to the primary IP address most of the time.  What is really confusing is that at one point I could ping with the entire range of 8 addresses and it would respond to all of them.  

The question is, why doesn't it do that all the time and how can I encourage it to do so reliably?
0
Comment
Question by:sanantonio030800
  • 2
  • 2
5 Comments
 
LVL 40

Expert Comment

by:jlevie
ID: 2598361
I need a bit more information, what are the 8 static addresses (probably a netblock of 8, I'd imagine).
0
 

Author Comment

by:sanantonio030800
ID: 2598942
The 8 static addresses are a block of 8 with netmask 255.255.255.0: xxx.xxx.xxx.208-215.  Thanks.
0
 
LVL 40

Expert Comment

by:jlevie
ID: 2599001
Close, I have to have the actual IP's to try a traceroute to them. If you don't want them to be visible in a public forum, email them to jlevie@bellsouth.net.

FYI, the netmask has to be 255.255.255.252 for a netblock of 8.
0
 

Accepted Solution

by:
sanantonio030800 earned 100 total points
ID: 2777051
I found the solution.  

The problem was that there were three networks involved,
(192.168.2.0/24 and xxx.xxx.xxx.0/255) but only the ADSL modem was on the third network (10.0.0.0/8).  When the ADSL modem would send out arp packets asking for the ethernet address of the various alias IPs, the machine would not answer because it was not configured to listen to or talk to the 10.0.0.0/8 network.

The solution was to add another aliased IP for the machine, this one on the 10.0.0.0/8 network (e.g., 10.0.0.1).  When that was done, tcpdump showed that arp packets were being received and answered.

The request for more information that would allow traceroute to be used was not pertinent because traceroute would show (and did show) that packets got to the upstream router and no further.  I should have mentioned that in the original posting.  The netmask I use was assigned by the ISP.  jlivie is correct that it should not be 255.255.255.0, but I figure it's OK as long as I don't need to reach anyone else in the same subnet!

The reason that the 8 addresses used to work and stopped working is that I had set up the 10.0.0.1 alias previously thinking it might be good for something, but I didn't make the connection between that and the sudden proper functioning of the aliases.  I didn't put the change in the boot-up files, and when the machine got rebooted that alias was not recreated.  That's when the problem reappeared.

I have powercycled the machine several times since making the 10.0.0.1 alias permanent several weeks ago, sometimes after a power outage lasting 12 hours, and all the aliases have always worked.  So I think that this is the solution to the problem.
0
 
LVL 3

Expert Comment

by:darinw
ID: 2779227
Hello everyone,

I am moving this question to the PAQ.

-- I am accepting one of sanantonio's comments as an answer --

darinw
Customer Service
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
In this video I am going to show you how to back up and restore Office 365 mailboxes using CodeTwo Backup for Office 365. Learn more about the tool used in this video here: http://www.codetwo.com/backup-for-office-365/ (http://www.codetwo.com/ba…
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now