routing problem?

Posted on 2003-02-23
Medium Priority
Last Modified: 2013-11-29
I'm not sure exactly where my problem is, but some background first:

Linux server with two network cards - one on the internet via a cable modem - other is my lan on to a hub and on to an XP client.

Linux box works perfectly insofar as I can http,ping the internet and can ping the xp client (which is on My lan card in the linux box is, the other nic to NTL does dhcp to get it's ip.

Ok - the problem with my xp client

- can't ping say www.yahoo.com, but can ping
- traceroute works fine - picks up all the ip addresses ok
- MS Messenger can sign in ok
- can http to www.microsoft.com
- can't http to google (times out)
- outlook starts to pull a few bytes but just times out

Other information:

iptables -L shows:

target     prot opt source               destination
ACCEPT     all  --          anywhere
ACCEPT     all  --  localhost            anywhere
ACCEPT     all  --             anywhere
ACCEPT     all  --  public4-warr1-5-cust155.bagu.broadband.ntl.com  anywhere
ACCEPT     all  --  anywhere   
ACCEPT     all  --  anywhere             public4-warr1-5-cust155.bagu.broadband.ntl.comstate RELATED,ESTABLISHED
okay       tcp  --  anywhere             anywhere           tcp dpt:ftp
okay       tcp  --  anywhere             anywhere           tcp dpt:http
okay       tcp  --  anywhere             anywhere           tcp dpt:smtp
ACCEPT     icmp --  anywhere             anywhere           icmp echo-request
ACCEPT     icmp --  anywhere             anywhere           icmp time-exceeded

Chain FORWARD (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere
ACCEPT     all  --          anywhere
ACCEPT     all  --  anywhere   

Chain OUTPUT (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  localhost            anywhere
ACCEPT     all  --             anywhere
ACCEPT     all  --  public4-warr1-5-cust155.bagu.broadband.ntl.com  anywhere

Chain okay (3 references)
target     prot opt source               destination
ACCEPT     tcp  --  anywhere             anywhere           tcp flags:SYN,RST,ACK/SYN
ACCEPT     tcp  --  anywhere             anywhere           state RELATED,ESTABLISHED
DROP       tcp  --  anywhere             anywhere

netstat -r shows:

Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface   *        U        40 0          0 eth0        *        U        40 0          0 eth1       *            U        40 0          0 lo
default         public4-warr1-5         UG       40 0          0 eth0

ifconfig shows:

eth0      Link encap:Ethernet  HWaddr 00:C0:4F:67:93:87
          inet addr:  Bcast:  Mask:
          RX packets:742668 errors:0 dropped:0 overruns:0 frame:0
          TX packets:36398 errors:0 dropped:0 overruns:0 carrier:34
          collisions:22 txqueuelen:100
          RX bytes:67721196 (64.5 Mb)  TX bytes:4565170 (4.3 Mb)
          Interrupt:11 Base address:0xdc00

eth1      Link encap:Ethernet  HWaddr 00:02:44:48:00:02
          inet addr:  Bcast:  Mask:
          RX packets:17745 errors:0 dropped:0 overruns:0 frame:0
          TX packets:19610 errors:0 dropped:0 overruns:0 carrier:0
          collisions:2 txqueuelen:100
          RX bytes:3052225 (2.9 Mb)  TX bytes:9758167 (9.3 Mb)
          Interrupt:10 Base address:0x3400

lo        Link encap:Local Loopback
          inet addr:  Mask:
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:83 errors:0 dropped:0 overruns:0 frame:0
          TX packets:83 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:5934 (5.7 Kb)  TX bytes:5934 (5.7 Kb)

I've added as the default gateway for the XP client.

I followed the instructions from the Linux Bible, but alas..

Would anything else be useful to know?

Question by:poulaum
  • 2
  • 2

Expert Comment

ID: 8002459

This can be quite a few diffrent things.
Have you put as default gateway on your XP box.

Do this:
on your linux box after it got it's IP from DHCP.

more /etc/resolv.conf

If the ISP is using and as nameservers you found your problem.

Instead of using 10.0.0. address on your home network, you should use 192.168.x.x, if your ISP is using network.

Are you running a caching DNS on the linux box, have you put as primary DNS in your DHCP scope on the linux box.

Can you ftp to the IP number of some ftp server from XP box ?

/Hans - Erik Skyttberg


Author Comment

ID: 8002690

My default route on the XP client shows

resolve.conf shows the nameservers of NTL to be (which is correct):


I don't know if I'm running a caching dns on the linux box - it is configured as a DHCP client and as such is being allocated an IP address NTL is also supply the DNS lookup (I suppose).

As for the ftp - well, interestingly the linux box works a treat, the xp client connects and I can log in but as soon as I do 'ls' I get "500 Illegal PORT command" and it just hangs. I then have to cntrl c twice to get out.


LVL 41

Accepted Solution

stevenlewis earned 400 total points
ID: 8002850
Could be an MTU problem on the client
using PPPoE for your isp?
change MTU on client
use drtcp to change the MTU settings
drtcp (free)

Author Comment

ID: 8003109
What a b*gger - changing the MTU down on the XP client did the trick.

I'm not sure where the issue really is or why it should be an issue?

Steven - nice one mate.
LVL 41

Expert Comment

ID: 8003144
poulaum Glad to help
I had the same problem with a w98 client and my xp box. I bought a router, and then 2 days later ran across the fix LOL

Featured Post


Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article is in regards to the Cisco QSFP-4SFP10G-CU1M cables, which are designed to uplink/downlink 40GB ports to 10GB SFP ports. I recently experienced this and found very little configuration documentation on how these are supposed to be confi…
In this article, the configuration steps in Zabbix to monitor devices via SNMP will be discussed with some real examples on Cisco Router/Switch, Catalyst Switch, NAS Synology device.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

579 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question