Andrew P. Billyard <andrew_billyard@alumni.removethisbit.uwaterloo.ca > wrote:
> In my box I have two ethernet adaptors: an SMC EZNET-PCI (as eth0) and a
> 3COM 905TX (as eth1 to be used as a connection for my laptop). The
> following problem occurs whether I have my firewall (iptables) running or
> not. When the eth1 card is brought up (via "ifup eth1") I can
> *only* access the outside world (via eth0) if I use IP numbers:
> ping 130.15.26.30
> ssh 130.15.26.30
> But if I try it with ip names, the system just sits there with no output
> whatsoever (not even error messages or "can't resolve host" type messages)
> ping astro.queensu.ca
> ssh astro.queensu.ca
> (there isn't even any activity light with my DSL box).
> So I started to fiddle with the script ifup, inserting "exit;" commands
> throughout to find out where this problem arises and it's with the command:
> ip addr add ${IPADDR}/${PREFIX} \
> brd ${BROADCAST:-+} dev ${REALDEVICE} ${SCOPE} label ${DEVICE};
> (executed in an if...then statement), where
> ${IPADDR}=192.168.1.25
> ${PREFIX}=24
> ${BROADCAST}=192.168.1.255
> ${REALDEVICE}=eth1
> ${SCOPE}=
> ${DEVICE}=eth1
> I know that this is the offending command since I inserted an exit;
> statement in ifup before this statement, ran "ifup eth1", ran "ping
> astro.queensu.ca" (which worked), ran "ip addr add 192.168...." and then
> ran "ping astroq.queensu.ca" again and it failed.
> The output to "ip addr list", before and after the offending statement is
> executed is:
> BEFORE:
> 1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue
> link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
> inet 127.0.0.1/8 brd 127.255.255.255 scope host lo
> 4: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
> link/ether 00:e0:29:8d:f0:84 brd ff:ff:ff:ff:ff:ff
> inet 10.40.188.180/28 brd 10.40.188.191 scope global eth0
> 6: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast qlen 1000
> link/ether 00:50:04:16:6f:5e brd ff:ff:ff:ff:ff:ff
> AFTER:
> 1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue
> link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
> inet 127.0.0.1/8 brd 127.255.255.255 scope host lo
> 4: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
> link/ether 00:e0:29:8d:f0:84 brd ff:ff:ff:ff:ff:ff
> inet 10.40.188.180/28 brd 10.40.188.191 scope global eth0
> 6: eth1: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
> link/ether 00:50:04:16:6f:5e brd ff:ff:ff:ff:ff:ff
> inet 192.168.1.25/24 brd 192.168.1.255 scope global eth1
> Now, if I execute the following
> ip addr flush dev eth1
> ip addr add 192.168.1.25 brd 192.168.1.255 dev eth1 label eth1
> (i.e., I specify ${IPADDR} rather than ${IPADDR}/${PREFIX}) everything
> works!
> Can anyone see the problem here? This networking is really new to me so
> I'm not even sure what I should be looking for. So,
Sounds very much like the DNS requests are being forwarded through eth1
for some reason. First I'd take a look at /etc/resolv.conf, and then I'd
try running tcpdump on eth1 to see what's going on there. Then I'd do
"ip addr flush dev eth1" and run tcpdump on eth0. (And ping the FQDN
of a host on the Internet in both instances.)
Great description of what you've already done to find the problem!
It seemed to me that where DNS requests go is the only thing left
to check.
> What is the significance of the "/24" in the IP address?
It means that anything sent to a host on the old classful "C" network
192.168.1.0 will go to the LAN to which eth1 is attached (IP addresses
192.168.1.[1-254]).
> Where can I turn it off?
Remove /${PREFIX}.
> Should I turn it off?
No, do that and very likely you won't be able to communicate with other
hosts on your LAN.
> Should it be a specific number?
It defines the LAN hosts' IP address range and hence a LAN network route.
The /24 is for an old classful "C" network and is apropos here.
> For completeness, I've included some of my machine's
> configures and (hopefully) key files below.
They looked okay to me.
--
Clifford Kite Email: "echo
xvgr_yvahk-ccc@ri1.arg|rot13"
PPP-Q&A links, downloads:
http://ckite.no-ip.net/
/* Emacs vs vi:
Sort of like a Swiss Army knife versus a rapier. */