nets
asked on
Network Errors in RH 7.2 500 marks
I have installed an RH 7.2 system with 2 NICs; one is on the 1.x network and the other is on the 2.x network. The 1.x network is connected to the outside world and is working fine, except for the following issues:
1. There are a lot of errors on the second interface but not on the first interface.
2. I am not able to ping any external IPs except the 1.x NIC, which is connected locally. I have enabled IP forwarding using the /etc/sysctl.conf file.
Any suggestions on this?
Thanks in advance.
ASKER
Thanks for your suggestions, Jlevie! I found that the NIC is the problem for the first issue. Regarding the second, let me tell you more about the setup.
------- 1.232 ---------- 2.35 -------
- 1.X -________- Linux -________- 2.x -
- - - Box - - -
------- ---------- -------
a. 1.232 is eth0 of the Linux box.
b. 2.35 is eth1 of the Linux box.
c. I have connected one client machine on each network (1.x and 2.x); from 2.x I can ping 1.232, and from 1.x I can ping 2.35, but nothing beyond that point on either side.
I have a Cisco 2500 series router on the 1.x network, which connects to the outside world.
Now, do I have to add a route on the Linux box?
FYI, I have added one route like this on the eth1 (2.x) interface:
route add -net 0.0.0.0 netmask 0.0.0.0 gw 192.168.1.232
Is anything else needed for this to work?
Also, I have enabled ip_forwarding.
Thanks and Regards
Sakthish
ASKER
======= ======== 2.35 =======
@ 1.x @______________@ Linux @_____________@ 2.x @
@ @ 1.232 @ Box @ @ @
======= ======== =======
A better picture... Sorry, I'm not good at drawing...
ASKER
This would be somewhat better:
1.x <----> 1.232 (Linux Box IPs) 2.35 <----> 2.x
First of all, it's important to realize that all nodes on a given network are always reachable by each other without routing. So, the Linux box can reach any node on the 192.168.1.0/24 network because its first NIC is directly connected to that network. And the Linux box can reach any node on the 192.168.2.0/24 network because it is attached to the second NIC. In a like manner, the router can see all of the nodes on the 1.0 network because it has an interface on that network.
Since IP Forwarding is enabled on the Linux box, it knows to forward a packet from the 2.x network that is destined to the 1.x network. It also has a default route pointing to the Cisco router so it also knows that packets destined for outside of the local lan need to be forwarded to the Cisco. Consider what happens when a node on the 2.x net sends something out to the Internet. Assuming the client has the correct default gateway set, namely 2.35, the packet will go to the Linux box which will forward it to the Cisco. All okay so far.
Now think about the return packet from the Internet. It gets to the Cisco and there's a problem. The router knows where the 1.x network is but it doesn't know where the 2.x network is. That's where the static route comes into play. The Cisco must have a static route that says that the 2.x network can be reached by sending packets destined for the 2.x network to 1.232. By the logic above, Linux, once it receives the packet forwarded by the router, knows where the 2.x network is and it'll send the packet out its second NIC.
Oh yes, since you are using an RFC 1918 private address scheme on your local network, the Cisco also has to be told that both the 192.168.1.0/24 and 192.168.2.0/24 networks need to be NAT'd onto your outside IP address space.
ASKER
Thanks for the reply, but my concerns are:
1. I am not able to ping from any of the nodes in 2.x to any other hosts in 1.x, but I can ping 1.232 from any host in 2.x.
2. The same thing happens for 1.x also, i.e. I can ping 2.35 from any host in the 1.x network but not any other hosts in 2.x.
As I'm going to use this setup internally, I don't want the Cisco to come into the picture.
All I need is to access the hosts in both networks from both the 1.x and 2.x networks using IP addresses.
Once again, thanks for the reply.
Sakthish
just listening :)
ASKER
Thanks for your suggestions on this issue; I was able to sort out the problem. I would like to keep in touch with you. My email ID is sakthish@yahoo.com; I would like to know yours.
Bye... you deserve these points fully. Cheers!!!
I'm guessing that question 2 means that you could ping the IP of the first NIC from a host connected to the network attached to the second NIC, but not beyond. Most likely that is because the next router upstream from the first NIC hasn't been told that the "2.x" network is reachable via the IP of the first NIC. Obviously I don't know what that router is, but someone will have to create a static route for the hosts in the "2.x" network to be able to talk to anything on the "1.x" network or further out.
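The return-path reasoning in the two answers above (the request arrives, the reply has no route back to 2.x), modelled as an added example that is not part of the original thread: a longest-prefix-match lookup over each node's routing table, tracing request and reply with and without the static route. The Cisco inside address 192.168.1.1 and the client addresses 192.168.1.50 and 192.168.2.10 are constructed assumptions, and the example goes one step beyond the thread by also modelling the same static route placed on the 1.x host itself.

```python
import ipaddress

# Constructed addresses (assumptions): Cisco inside interface 192.168.1.1,
# clients 192.168.1.50 and 192.168.2.10. The Linux box addresses are the page's.
OWNER = {"192.168.1.1": "cisco", "192.168.1.232": "linux", "192.168.2.35": "linux",
         "192.168.1.50": "host-1x", "192.168.2.10": "client-2x"}

def lookup(table, dst):
    """Longest-prefix match; returns the next hop, or None when nothing matches."""
    addr = ipaddress.ip_address(dst)
    hits = [(ipaddress.ip_network(net), hop) for net, hop in table]
    hits = [(net, hop) for net, hop in hits if addr in net]
    return max(hits, key=lambda h: h[0].prefixlen)[1] if hits else None

def build_tables(cisco_static=False, host_static=False):
    """Routing tables per node; 'direct' means on-link, 'internet' means sent outside."""
    via_linux = ("192.168.2.0/24", "192.168.1.232")
    cisco = [("192.168.1.0/24", "direct"), ("0.0.0.0/0", "internet")]
    host = [("192.168.1.0/24", "direct"), ("0.0.0.0/0", "192.168.1.1")]
    if cisco_static:
        cisco.append(via_linux)
    if host_static:
        host.append(via_linux)
    return {
        "cisco": cisco, "host-1x": host,
        "client-2x": [("192.168.2.0/24", "direct"), ("0.0.0.0/0", "192.168.2.35")],
        "linux": [("192.168.1.0/24", "direct"), ("192.168.2.0/24", "direct"),
                  ("0.0.0.0/0", "192.168.1.1")],
    }

def trace(tables, src_node, dst, max_hops=8):
    """Follow next hops from src_node towards dst and return the node path."""
    path, node = [src_node], src_node
    for _ in range(max_hops):
        hop = lookup(tables[node], dst)
        if hop in (None, "internet"):
            return path + [hop or "unreachable"]
        node = OWNER[dst] if hop == "direct" else OWNER[hop]
        path.append(node)
        if hop == "direct":
            return path
    return path + ["loop"]

if __name__ == "__main__":
    for label, kw in [("no static route", {}), ("static route on Cisco", {"cisco_static": True}),
                      ("static route on 1.x host", {"host_static": True})]:
        t = build_tables(**kw)
        print(label, "| request:", trace(t, "client-2x", "192.168.1.50"),
              "| reply:", trace(t, "host-1x", "192.168.2.10"))
```

Without either static route the request reaches the 1.x host but its reply follows the default route to the Cisco and leaves the LAN, which matches the symptom of being able to ping only the Linux box's own addresses.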