Solved

Dial-up & LAN difficulties

Posted on 2000-03-21
18
433 Views
Last Modified: 2010-03-18
I have a RHAT 6.0 machine that I have configured and running on a LAN environment. When our corporate web proxy server fails I would like to be able to dial out on this machine and download, surf, etc. I've currently got the machine setup to dial out using linuxconf.

I can dial out to my ISP but then I can't reach anything. My DNS server isn't available & I'm having problems hitting my route I believe.

My resolv.conf file is currently setup to work with my LAN environment. I've manually changed this after dialed in but that doesn't seem to have an effect.

I've got a couple of output dumps from the route command.

<LAN only>
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
204.53.183.30   *               255.255.255.255 UH    0      0        0 eth0
192.168.6.0     *               255.255.255.0   U     0      0        0 vmnet1
204.53.176.0    *               255.255.248.0   U     0      0        0 eth0
127.0.0.0       *               255.0.0.0       U     0      0        0 lo
default         default         0.0.0.0         UG    0      0        0 eth0

<LAN & Dialed into ISP>
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
204.53.183.30   *               255.255.255.255 UH    0      0        0 eth0
167.142.225.78  *               255.255.255.255 UH    0      0        0 ppp0
192.168.6.0     *               255.255.255.0   U     0      0        0 vmnet1
204.53.176.0    *               255.255.248.0   U     0      0        0 eth0
127.0.0.0       *               255.0.0.0       U     0      0        0 lo
default         167.142.225.78  0.0.0.0         UG    0      0        0 ppp0
default         default         0.0.0.0         UG    0      0        0 eth0

My question is how is the best way to set this up so I'm not changing the resolv.conf. When I dial-in I definately want to use the ISP route and not anything on my LAN.

I'd like to get this working and have no problem upgrading the amount of points if I can get this working.

Thanks!




0
Comment
Question by:cd02154
18 Comments
 
LVL 40

Expert Comment

by:jlevie
ID: 2640699
Why don't you just use kppp and let it handle the nameserver change for you. It can change the nameserver to the ISP's when it connects and change it back when it disconnects.
0
 

Expert Comment

by:jkline73
ID: 2642717
write a script that will update resolv.conf when dial-ed up and changes it back when discoed
0
 

Author Comment

by:cd02154
ID: 2642885
I've heard that kppp gives me the functionality of changing the dns nameservers. I also have kppp setup and can dial out and connect to my ISP. Odd, though I still can't see anything or resolve anything. I'm wondering if my default route looks OK?
0
 
LVL 40

Expert Comment

by:jlevie
ID: 2642988
Kppp can "adjust" the nameservers and the gateway, it's an option on the DNS & Gateway tabs in the "Account" setup. To see what it going to do, go to "Setup", select the account in the "Account Setup" window and "Edit..." At least on my RedHat 6.1 laptop it seems to do the right thing if it tell it to set the gateway and default route. I see /etc/resolv.conf change to my ISP's nameserver, and my default route to my home network router disappears and a new default appears that points out the ppp0 device (and what's even neater is that when I disconnect the previous settings are restored).

Make sure kppp is supposed to set the nameserver & default route. Then dial up and see if /etc/resolv.conf changes like it's supposed to and check the routes with "netstat -rn"

0
 
LVL 10

Expert Comment

by:rbr
ID: 2643530
Is your linux box available to go to the internet via PPP?

If yes which masquerading options are you using since 192.168.6.x will not be routed to the internet.
0
 
LVL 2

Expert Comment

by:mapc
ID: 2644214
Once, I'd this setup:
simple script which placed the call,
it used pppd and chat.
then, it checked if the connection was established, and then replaced /etc/resolv.conf

The other script which was used to bring down the connection restored the /etc/resolv.conf

Other than that, I then used ml.org and it updated the ml.org and /etc/hosts as well.

It was stupid simple and suprisenly efficient.
0
 
LVL 1

Accepted Solution

by:
fbjean earned 300 total points
ID: 2645800
This may not be the only problem you have but you definitively have a problem with your default route.

You can`t have two default route. The eth0 default route really don`t need to be there, the ppp will never work with it.

You could try to modify the /etc/sysconfig/network file and replace the eth0 with ppp0 or be sure to check the "assign the default route to this gateway" box when configuring the KPPP.

Or try to type: route del default eth0 <enter>
                      route add default ppp0 <enter>
and now try your isp connection.

If you need more info , go to
www.linuxdoc.org/HOWTO/PPP-HOWTO.html

With these HOWTO i was able to debug my isp connection

good luck
0
 
LVL 1

Expert Comment

by:Sokka
ID: 2646218
Your problem is when u dial and connected to ISP then automatically u must user ppp not etho :-

1. go to ip-up file and remove the default entry of eth0 and add the default entry as ppp0

2. In ip-down file veceversa

3. U must not have two default route

When u get the connection automatically default route of local network will be removed and ppp0 connnection is established and vice versa in the othercase
0
 

Expert Comment

by:xkid032500
ID: 2656476
this is realy easy.
you need two files of resolv.conf , one in /etc and one in /etc/ppp .
the one in /etc is for you local dns and the one in /etc/ppp for your isp's dns .
when you connect, pppd simply checkes if there's a /etc/ppp/resolv.conf file, if so it uses it, if it dosent exist , it uses /etc/resolv.conf .
by default , you don't have the /etc/ppp/resolv.conf so when you connect ti your isp linux uses your local dns.
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 

Author Comment

by:cd02154
ID: 2662849
Ok,

I've configured kppp which seems to work rather well with the resolv.conf file. I feel this part is working correctly as when I dial-in I can cat the resolv.conf file and see the updates that have been made. Also, if I do an nslookup I connect to my ISPs nameserver. I can also do nslookups against machines on the web and get answers back. As far as telnet, ftp, or web browsing I still can't access anything. I believe that I'm still having some sort of route problems. I have kppp setup to set the gateway and default route. I've tried the suggested answer by fbjean on removing the default ethernet route and adding a default ppp route. This didn't seem to have an effect, I used the suggested syntax of the route commands. I'm still going through the PPP Howto document. I noticed that my problem seems to match closest with section 18.4 (default route not set). Our LAN does use a default gateway which I set when I configured my ethernet card. My location also uses NIS which I don't think should be an issue, but you never know. My nsswitch.conf file resolves hosts as follows: files, NIS, dns.
0
 

Author Comment

by:cd02154
ID: 2662861
I also have nscd running which I'm not sure if that could be a problem. I'm trying to find out a little bit more about the name server caching daemon. I will probably suspend this and see if it makes a difference.
0
 
LVL 40

Expert Comment

by:jlevie
ID: 2664093
If you aren't getting a correct route set, then the nameserver lookups can't be going to the nameserver that kppp sets up (nslookup would have to use that route also). They are being resolved from the local nameserver or from nscd's cache. Try dialing up, then running "netstat -rn" and posting what it says.
0
 

Author Comment

by:cd02154
ID: 2665363
This is the output from netstat -rn after I'm connected to my ISP with kppp.

Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
204.53.183.30   0.0.0.0         255.255.255.255 UH        0 0          0 eth0
167.142.225.78  0.0.0.0         255.255.255.255 UH        0 0          0 ppp0
192.168.6.0     0.0.0.0         255.255.255.0   U         0 0          0 vmnet1
204.53.176.0    0.0.0.0         255.255.248.0   U         0 0          0 eth0
127.0.0.0       0.0.0.0         255.0.0.0       U         0 0          0 lo
0.0.0.0         167.142.225.78  0.0.0.0         UG        0 0          0 ppp0
0.0.0.0         204.53.183.254  0.0.0.0         UG        0 0          0 eth0

0
 
LVL 40

Expert Comment

by:jlevie
ID: 2668007
Yep, there are two default routes. The last two lines are both defaults. If after you dial up, you do (as root) "route delete default gw 204.53.183.254", I think you'll find that you can "touch internet hosts". You'll have to add the route back in after you disconnect (or reboot). the command to add the route back is "route add default gw 204.53.183.254".

Oh cool, somebody else has discovered the virtues of VMware (I can see the bridge network in your netstat). Did you know that you can set it up to have an IP on your local network (204.53.183.0 by the looks of things)?
0
 

Author Comment

by:cd02154
ID: 2670858
Adjusted points from 200 to 300
0
 

Author Comment

by:cd02154
ID: 2670859
I will bump the points up for you sticking with me.
0
 

Author Comment

by:cd02154
ID: 2670888
fbjean,

Thanks for sticking with me. I did what you suggested and it sort of worked. What I found out was that I also needed to stop the nscd dameon as well. Once I changed the route all I could do is do nslookups, I could access websites by ip address only. Knowing this, I turned off nscd and everything appears to work. I'll take a look and see if there is any additional setup that needs to go into that daemon. I probably don't need to be running it at all.

Yes, I'm running VMWare 1.0 and am waiting to get time enough to install version 2.0. I love this product! I currently have a NT 4.0 virtual disk running DHCP against our network. Works great with no problems. I'd also like to do a raw disk configuration of NT to see how much the performance increases.

Thanks alot!
0
 
LVL 40

Expert Comment

by:jlevie
ID: 2670939
Nscd would be a problem because it will have local nameservers cached. Since as far as it knows, those nameservers still exist it will keep trying to use them. I don't have nscd installed on my laptop, so I can't check, but you ought to be able to invalidate the hosts cache after dialup and route change (on a Solaris box it would be nscd -i hosts). Another possibility would be to disable just the hosts cache during dialup (nscd -e hosts,no) and re-enable it later (nscd -e hosts,yes).

The idea behind using nscd is that the recently used data will come from cache rather than from remote sources that might be slow. It's not strictly necessary to have it at all, but it can imporve performance when dealing with a slow speed link or busy nameservers.

I haven't yet gotten an upgrade to 2.0, but the beta worked really well. While I could get a speed improvment by going to a raw disk, I really like the ability to just have windows encapsulated in a file that I can backup, or copy to/from another system.

Re: routes, I think you could modify the ppp up/down scripts to delete & re-install the routes.
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
When you create an app prototype with Adobe XD, you can insert system screens -- sharing or Control Center, for example -- with just a few clicks. This video shows you how. You can take the full course on Experts Exchange at http://bit.ly/XDcourse.

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now