Network Errors in RH 7.2 500 marks

Posted on 2002-04-23
Medium Priority
Last Modified: 2013-12-15
I have installed a RH 7.2 system with 2 NICs: one is the 1.x network and the other is the 2.x network. The 1.x network is connected to the outside world and working fine, except for the following issues:

1. There are a lot of errors on the second interface but not on the first interface.

2. I am not able to ping any external IPs except the 1.x NIC, which is connected locally. I have enabled IP forwarding using the /etc/sysctl.conf file.

Any suggestions on this?

Thanks in advance
Question by:nets

Expert Comment

ID: 6964420
Is the second NIC a 10/100 card and does it connect to a 10/100 hub or switch? It's possible that the NIC isn't auto-negotiating the correct link speed and mode if the answer to those two questions is yes, which will lead to lots of errors. You could also have a bad cable, NIC or hub/switch port. Most of the time a link speed/mode problem can be solved by forcing one or both ends of the link to the appropriate mode. How that gets done depends on what hardware is involved.

I'm guessing that question 2 means that you could ping the IP of the first NIC from a host connected to the network attached to the second NIC, but not beyond. Most likely that is because the next router upstream from the first NIC hasn't been told that the "2.x" network is reachable via the IP of the first NIC. Obviously I don't know what that router is, but someone will have to create a static route for the hosts in the "2.x" network to be able to talk to anything on the "1.x" network or further out.

Author Comment

ID: 6964445
Thanks for your suggestions, Jlevie! I found the NIC is the problem for the first issue. Regarding the second, let me tell you something more about the setup.

         -------  1.232 ---------- 2.35    -------
         - 1.X -________-  Linux  -________- 2.x -
         -     -        -    Box  -        -     -
         -------        ----------         -------

a, 1.232 is eth0 of linux box
b, 2.35 is eth1 of linux box
c, I have connected one client machine on each network (1.x and 2.x), and from 2.x I can ping 1.232; also from 1.x I can ping 2.35, but nothing beyond that point on either side.

I have a Cisco 2500 series router on the 1.x network which connects to the outside world.

Now, do I have to add a route on the Linux box?
FYI, I have added one route like this on the eth1 (2.x) interface.

route add -net  netmask gw

Is anything else needed for this to work?

Also, I have enabled ip_forwarding.

Thanks and Regards

Author Comment

ID: 6964454

=======              ======== 2.35         =======    
@ 1.x @______________@ Linux @_____________@ 2.x @
@     @        1.232 @  Box  @             @     @
=======              ========              =======

A better picture... Sorry, I'm not good at drawing...

Author Comment

ID: 6964462
Something better would be this:
1.x <----> 1.232 (Linux Box IPs) 2.35 <----> 2.x

Expert Comment

ID: 6964522
First of all, it's important to realize that all nodes on a given network are always reachable by each other without routing. So, the Linux box can reach any node on the network because its first NIC is directly connected to that network. And the Linux box can reach any node on the network because it is attached to the second NIC. In a like manner the router can see all of the nodes on the 1.0 network because it has an interface on that network.

Since IP Forwarding is enabled on the Linux box, it knows to forward a packet from the 2.x network that is destined to the 1.x network. It also has a default route pointing to the Cisco router so it also knows that packets destined for outside of the local lan need to be forwarded to the Cisco. Consider what happens when a node on the 2.x net sends something out to the Internet. Assuming the client has the correct default gateway set, namely 2.35, the packet will go to the Linux box which will forward it to the Cisco. All okay so far.

Now think about the return packet from the Internet. It gets to the Cisco and there's a problem. The router knows where the 1.x network is but it doesn't know where the 2.x network is. That's where the static route comes into play. The Cisco must have a static route that says that the 2.x network can be reached by sending packets destined for the 2.x network to 1.232. By the logic above, Linux, once it receives the packet forwarded by the router, knows where the 2.x network is and it'll send the packet out its second NIC.

Oh yes, since you are using an RFC 1918 private address scheme on your local network the Cisco also has to be told that both the and networks need to be NAT'd onto your outside IP address space.

Author Comment

ID: 6964530
Thanks for the reply, but my concerns are:

1. I am not able to ping from any of the nodes in 2.x to any other hosts in 1.x, but I can ping 1.232 from any host in 2.x.

2. The same thing happens for 1.x also, i.e. I can ping 2.35 from any host in the 1.x network but not any other hosts in 2.x.

As I'm going to use this setup internally, I don't want the Cisco to come into the picture.

All I need is to access the hosts in both networks from both the 1.x and 2.x networks using IP addresses.

Once again, thanks for the reply.

Expert Comment

ID: 6964558
just listening :)

Accepted Solution

jlevie earned 2000 total points
ID: 6964580
Okay, with respect to (1). You can't ping any of the 2.x nodes from the 1.x network because all of those nodes (except the Linux box) believe that the 2.x network must be reached by their default route. So the packets go to the Cisco which doesn't know where the 2.x network is either and won't until you configure a static route on it. So the Cisco assumes that the 2.x nodes must be out on the Internet somewhere...

I think part (2) was meant to be that you can ping 2.35 from the nodes in the 2.x network but can't ping the nodes in the 1.x network. It's the same situation as part (1). A packet from 2.x will pass through the Linux router and out the first NIC to the node in the 1.x network. That node in turn will send the reply to the Cisco because that's where the default route points to. And the Cisco, well you ought to know the tale by now.

If all you want is for the hosts in the 1.x and 2.x to be able to talk to each other and that the nodes in the 2.x network will never need to access the Internet or any of its resources (like DNS) you can do that without changing the configuration of the Cisco. It's a lot more work as you'll see.

You'll have to go to each of the nodes other than the Linux box and configure a static route that says that the 2.x network is reachable via the gateway at 1.232. Well behaved systems like Unix or Linux can be set up so that the route is automatically set at boot. On Windows boxes the only way I know to configure a static route is to login and use the DOS route command. You can try fiddling with autoexec.bat on 95 or 98, but the route will have to be set up at each boot.

The simplest solution is to add the static route to the Cisco.

Author Comment

ID: 6966692
Thanks for your suggestions on this issue; I was able to sort out the problem. I would like to keep in touch with you. My email ID is sakthish@yahoo.com; I would like to know yours.

Bye... you deserve these points fully, cheers!!!
