This is a discussion on Linux falls off DMZ within the Linux Networking forums, part of the Linux Forums category.

We are totally baffled by a problem we have been having ... here is
what is happening ...

- We have a Dell PowerEdge 650 running Redhat Linux 7.3
- And a CISCO firewall

That's the only standard I can say ... OK ... now after about 15
minutes the computer just disappears from beyond the firewall. But
from within the network in the firewall, it is just fine. After it
drops, the server can still be pinged from within the firewall AND
once the server is SSHed to from a "nearby" machine, it immediately
pops back up online outside the firewall without difficulty.

Here is what we have used to debug:

1) Is it the network card dropping?
- initially the Dell came with an Intel Pro 1000MT Dual Card ... so we
replaced it with another Intel Pro 1000MT Dual Card ... same problem
.... so we replaced it again with a D-Link 10/100 card ... problem
still occurs ... THUS it isn't NIC card related

2) Is it Dell PowerEdge related?
- we replaced the PowerEdge with a dual boot (Win 98, Linux 7.3) Dell
Optiplex GX100. In Linux the problem still occurs ... it falls off the
network if communication thru the firewall doesn't occur. THUS it
isn't the physical server.

3) Is the Linux install bad?
- we reinstalled Redhat 7.3, no luck ... we installed 9.0, no luck
.... we installed 8.0, no luck ... we reinstalled 7.3, still no luck
.... THUS it isn't Linux 7.3 causing the problem

4) Is the OS the problem?
- obviously Redhat 7.3 is giving problems, so we tried Windows ... NO
PROBLEM ... we brought in a Mac too ... NO problem ... AH HA ... it
has something to do with Linux.

5) Is the problem a network cable ... nope

6) Does the problem occur outside the firewall?
- we moved our server to outside the firewall ... and ran it in RH
Linux 7.3 ... NO PROBLEMS ... the server runs perfectly outside the
firewall

7) We contacted CISCO and they suggested checking ARP tables ... no
problem, our server is still there

8) We even tried moving the server directly next to the firewall
physically ... no luck

9) All the basics too ... new cables have been tried, new switches
have been tried, new IP addresses and domains have been tried.

THE ONLY solution we have found is to ping the box from an "outside
the firewall" box every 30 seconds or so ... this keeps it up and
running without difficulty ... but it is only a semi-solution, we
would like it to just run without problem.

Any ideas?
Rick

On Mon, 12 Apr 2004 09:38:34 -0500, Rick Wezowicz wrote:
> We are totally baffled by a problem we have been having ... here is
> what is happening ...
>
> - We have a Dell PowerEdge 650 running Redhat Linux 7.3
> - And a CISCO firewall
>
> That's the only standard I can say ... OK ... now after about 15
> minutes the computer just disappears from beyond the firewall. But
> from within the network in the firewall, it is just fine. After it
> drops, the server can still be pinged from within the firewall AND
> once the server is SSHed to from a "nearby" machine, it immediately
> pops back up online outside the firewall without difficulty.
>
> Here is what we have used to debug:
>
> 1) Is it the network card dropping?
> - initially the Dell came with an Intel Pro 1000MT Dual Card ... so we
> replaced it with another Intel Pro 1000MT Dual Card ... same problem
> ... so we replaced it again with a D-Link 10/100 card ... problem
> still occurs ... THUS it isn't NIC card related
>
> 2) Is it Dell PowerEdge related?
> - we replaced the PowerEdge with a dual boot (Win 98, Linux 7.3) Dell
> Optiplex GX100. In Linux the problem still occurs ... it falls off the
> network if communication thru the firewall doesn't occur. THUS it
> isn't the physical server.
>
> 3) Is the Linux install bad?
> - we reinstalled Redhat 7.3, no luck ... we installed 9.0, no luck
> ... we installed 8.0, no luck ... we reinstalled 7.3, still no luck
> ... THUS it isn't Linux 7.3 causing the problem
>
> 4) Is the OS the problem?
> - obviously Redhat 7.3 is giving problems, so we tried Windows ... NO
> PROBLEM ... we brought in a Mac too ... NO problem ... AH HA ... it
> has something to do with Linux.
>
> 5) Is the problem a network cable ... nope
>
> 6) Does the problem occur outside the firewall?
> - we moved our server to outside the firewall ... and ran it in RH
> Linux 7.3 ... NO PROBLEMS ... the server runs perfectly outside the
> firewall
>
> 7) We contacted CISCO and they suggested checking ARP tables ... no
> problem, our server is still there
>
> 8) We even tried moving the server directly next to the firewall
> physically ... no luck
>
> 9) All the basics too ... new cables have been tried, new switches
> have been tried, new IP addresses and domains have been tried.
>
> THE ONLY solution we have found is to ping the box from an "outside
> the firewall" box every 30 seconds or so ... this keeps it up and
> running without difficulty ... but it is only a semi-solution, we
> would like it to just run without problem.
>
> Any ideas?
> Rick

I am not sure I understand what you mean by "disappear". When it does
this, can the pix ping the host? Can the RH box ping the pix? What does
your nat config look like (show nat, show static)?

Rik Bain

Rick Wezowicz wrote:
> We are totally baffled by a problem we have been having ... here is
> what is happening ...
>
> - We have a Dell PowerEdge 650 running Redhat Linux 7.3
> - And a CISCO firewall
>
> That's the only standard I can say ... OK ... now after about 15
> minutes the computer just disappears from beyond the firewall. But
> from within the network in the firewall, it is just fine. After it
> drops, the server can still be pinged from within the firewall AND
> once the server is SSHed to from a "nearby" machine, it immediately
> pops back up online outside the firewall without difficulty.
>
> Here is what we have used to debug:
>
> 1) Is it the network card dropping?
> - initially the Dell came with an Intel Pro 1000MT Dual Card ... so we
> replaced it with another Intel Pro 1000MT Dual Card ... same problem
> ... so we replaced it again with a D-Link 10/100 card ... problem
> still occurs ... THUS it isn't NIC card related
>
> 2) Is it Dell PowerEdge related?
> - we replaced the PowerEdge with a dual boot (Win 98, Linux 7.3) Dell
> Optiplex GX100. In Linux the problem still occurs ... it falls off the
> network if communication thru the firewall doesn't occur. THUS it
> isn't the physical server.
>
> 3) Is the Linux install bad?
> - we reinstalled Redhat 7.3, no luck ... we installed 9.0, no luck
> ... we installed 8.0, no luck ... we reinstalled 7.3, still no luck
> ... THUS it isn't Linux 7.3 causing the problem
>
> 4) Is the OS the problem?
> - obviously Redhat 7.3 is giving problems, so we tried Windows ... NO
> PROBLEM ... we brought in a Mac too ... NO problem ... AH HA ... it
> has something to do with Linux.
>
> 5) Is the problem a network cable ... nope
>
> 6) Does the problem occur outside the firewall?
> - we moved our server to outside the firewall ... and ran it in RH
> Linux 7.3 ... NO PROBLEMS ... the server runs perfectly outside the
> firewall
>
> 7) We contacted CISCO and they suggested checking ARP tables ... no
> problem, our server is still there
>
> 8) We even tried moving the server directly next to the firewall
> physically ... no luck
>
> 9) All the basics too ... new cables have been tried, new switches
> have been tried, new IP addresses and domains have been tried.
>
> THE ONLY solution we have found is to ping the box from an "outside
> the firewall" box every 30 seconds or so ... this keeps it up and
> running without difficulty ... but it is only a semi-solution, we
> would like it to just run without problem.
>
> Any ideas?
> Rick

Hello Rick

A few basics:

netstat -nr <will show you your routing table on your linux system>
ifconfig -a <will show you your ethernet interfaces and how they are configured>

ethereal is the most robust sniffer you can have. Find a machine and
install it. Ethereal will sniff your ethernet I/O on your linux
system. Frequently, I install 10mbps flat hubs between machines to
sniff (analyze) data traffic.

Is the machine a web server?

What is the topology, i.e. the connection between the RH system and the
cisco router?

keepalive can be used on the cisco's ethernet interface as well as
'ip route cache'.

If you can ping (see) the linux system from other machines, it's up on
the network. You may be passing 'bad routes' to the linux system, and
not be aware of it. What routing software/daemons are you running (if
any) on the RH machine?

If this machine is in your DMZ, are your other DMZ machines seen by the
outside internet?

More specifics are useful.

Here is my BEST suggestion, RUN, not walk to Debian from RedHat.
You'll find LOTS more support.... Besides, RH is dying. As a server
only product now. Debian is easy to install, upgrade, and get support
on.

James

rwezowicz@hotmail.com (Rick Wezowicz) wrote in message news:<503e6515.0404120638.52126d15@posting.google.com>...
> We are totally baffled by a problem we have been having ... here is
> what is happening ...
>
> - We have a Dell PowerEdge 650 running Redhat Linux 7.3
> - And a CISCO firewall
>
> That's the only standard I can say ... OK ... now after about 15
> minutes the computer just disappears from beyond the firewall. But
> from within the network in the firewall, it is just fine. After it
> drops, the server can still be pinged from within the firewall AND
> once the server is SSHed to from a "nearby" machine, it immediately
> pops back up online outside the firewall without difficulty.
>
> Here is what we have used to debug:
>
> 1) Is it the network card dropping?
> - initially the Dell came with an Intel Pro 1000MT Dual Card ... so we
> replaced it with another Intel Pro 1000MT Dual Card ... same problem
> ... so we replaced it again with a D-Link 10/100 card ... problem
> still occurs ... THUS it isn't NIC card related
>
> 2) Is it Dell PowerEdge related?
> - we replaced the PowerEdge with a dual boot (Win 98, Linux 7.3) Dell
> Optiplex GX100. In Linux the problem still occurs ... it falls off the
> network if communication thru the firewall doesn't occur. THUS it
> isn't the physical server.
>
> 3) Is the Linux install bad?
> - we reinstalled Redhat 7.3, no luck ... we installed 9.0, no luck
> ... we installed 8.0, no luck ... we reinstalled 7.3, still no luck
> ... THUS it isn't Linux 7.3 causing the problem
>
> 4) Is the OS the problem?
> - obviously Redhat 7.3 is giving problems, so we tried Windows ... NO
> PROBLEM ... we brought in a Mac too ... NO problem ... AH HA ... it
> has something to do with Linux.
>
> 5) Is the problem a network cable ... nope
>
> 6) Does the problem occur outside the firewall?
> - we moved our server to outside the firewall ... and ran it in RH
> Linux 7.3 ... NO PROBLEMS ... the server runs perfectly outside the
> firewall
>
> 7) We contacted CISCO and they suggested checking ARP tables ... no
> problem, our server is still there
>
> 8) We even tried moving the server directly next to the firewall
> physically ... no luck
>
> 9) All the basics too ... new cables have been tried, new switches
> have been tried, new IP addresses and domains have been tried.
>
> THE ONLY solution we have found is to ping the box from an "outside
> the firewall" box every 30 seconds or so ... this keeps it up and
> running without difficulty ... but it is only a semi-solution, we
> would like it to just run without problem.
>
> Any ideas?
> Rick

Try disabling proxy arp on the Internal leg of the pix (the sysopt noproxyarp inside_interface).