Solved

Linux Routing Firewall Help please !!

Posted on 2007-04-05
2
225 Views
Last Modified: 2013-12-16
I am trying to configure a firewall with 2 nics.

eth0      Link encap:Ethernet  HWaddr 00:15:E9:FA:43:6E
          inet addr:209.194.80.82  Bcast:209.194.80.87  Mask:255.255.255.248
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:6127 errors:0 dropped:0 overruns:0 frame:0
          TX packets:5583 errors:0 dropped:0 overruns:0 carrier:0
          collisions:44 txqueuelen:100
          RX bytes:3368292 (3.2 Mb)  TX bytes:725801 (708.7 Kb)
          Interrupt:11 Base address:0xd000
 
eth1      Link encap:Ethernet  HWaddr 00:04:5A:7A:E4:48
          inet addr:10.1.1.1  Bcast:10.1.1.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:3408 errors:0 dropped:0 overruns:0 frame:0
          TX packets:737 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:334099 (326.2 Kb)  TX bytes:53127 (51.8 Kb)
          Interrupt:10 Base address:0x5c00
 
lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:22347 errors:0 dropped:0 overruns:0 frame:0
          TX packets:22347 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:1528193 (1.4 Mb)  TX bytes:1528193 (1.4 Mb)


if I disable eth1 then I can access the internet and ping works all the way around. But when I enable eth1 for the internal network I get the following

[root@firewall root]# ping 209.194.80.82
PING 209.194.80.82 (209.194.80.82) 56(84) bytes of data.
64 bytes from 209.194.80.82: icmp_seq=1 ttl=64 time=0.039 ms
 
[root@firewall root]# ping 209.194.80.81
PING 209.194.80.81 (209.194.80.81) 56(84) bytes of data.
64 bytes from 209.194.80.81: icmp_seq=1 ttl=255 time=0.818 ms
 
[root@firewall root]# ping 209.194.80.61
PING 209.194.80.61 (209.194.80.61) 56(84) bytes of data.
From 10.1.1.1 icmp_seq=1 Destination Host Unreachable
 
[root@firewall root]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
209.194.80.80   0.0.0.0         255.255.255.248 U     0      0        0 eth0
10.1.1.0        0.0.0.0         255.255.255.0   U     0      0        0 eth1
169.254.0.0     0.0.0.0         255.255.0.0     U     0      0        0 eth1
127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
0.0.0.0         10.1.1.254      0.0.0.0         UG    0      0        0 eth1

According to the documentation I have read this set up should work and I am at a loss for what to do next.
Any idea's?  
0
Comment
Question by:MarkWP
2 Comments
 
LVL 4

Accepted Solution

by:
cheesygit182 earned 500 total points
ID: 18861271
"inet addr:10.1.1.1  Bcast:10.1.1.255  Mask:255.255.255.0"
That's your problem. Your usage of the kernels routing tables is perfect, but one of the NICs isn't configured correctly. Test them individually and paste the results of ifconfig here, for each.

~cheesygit182
0
 
LVL 1

Author Comment

by:MarkWP
ID: 18861500
I had a gateway entered on both nics
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
PC upgrade to Linux Mint 7 67
Access_log 17 100
Penetration Testing home based work 3 54
How to make a Bash alias that takes parameters 5 31
Network Interface Card (NIC) bonding, also known as link aggregation, NIC teaming and trunking, is an important concept to understand and implement in any environment where high availability is of concern. Using this feature, a server administrator …
SSH (Secure Shell) - Tips and Tricks As you all know SSH(Secure Shell) is a network protocol, which we use to access/transfer files securely between two networked devices. SSH was actually designed as a replacement for insecure protocols that sen…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now