Bob Chiodini Wrote:
Patrick Nelson wrote:
FC3 (all up to date)
This may seem simple but I'm changing ISPs and I have 2 internet facing systems that also connect to the private network. One being the GW the other being Mail. So I have the gateway working fine but I can not get the mail server working in the changed network config. I just want to make sure I'm not missing anything, because I think that the ISP is not routing, switching, or configured correctly.
-The two systems are attached to a Hub along with the connection to the Internet. -The gateway system is working fine with the new ISP changes (serves as the DNS and GW) -The mail server can be configured with the new ISP, but once I do that system can not ping the internet --however it can ping the internet side of the GW --and the intranet. -With ethereal I sniffed the mail server connection and it does appear to get anthing back from the ISP GW
Here are the changes that I make to mail server:
- Use system-config-network to change the:
-IP Address -Subnet Mask -Gateway 2. Change the IPTables Firewall Script to match the new config 3. Turn off the firewall script for the first booting in the new
network
config 4. Reboot
The booting goes fine but I can not ping anything other than the GW system on the Internet side.
Is there anything that I'm missing or might try? Or does this sound like a routing problem on the side of my ISP?
Patrick,
Post the output of ifconfig and route -n from both machines. It sounds like the default gateway on the mail server is incorrect.
Bob...
Sorry for the delay I was out on a site.
Here it is: ------------ - ifconfig - ------------ eth0 Link encap:Ethernet HWaddr 00:60:B0:C3:D4:C1 inet addr:206.58.200.39 Bcast:206.58.201.255 Mask:255.255.254.0 inet6 addr: fe80::260:b0ff:fec3:d4c1/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:1136 errors:0 dropped:0 overruns:0 frame:0 TX packets:492 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:195090 (190.5 KiB) TX bytes:37578 (36.6 KiB) Interrupt:9 Base address:0xece0
eth1 Link encap:Ethernet HWaddr 00:03:5D:07:C1:32 inet addr:10.1.1.1 Bcast:10.1.255.255 Mask:255.255.0.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:1310 errors:0 dropped:0 overruns:0 frame:0 TX packets:1310 errors:3 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:655425 (640.0 KiB) TX bytes:221435 (216.2 KiB) Interrupt:9 Base address:0x100
lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:440 errors:0 dropped:0 overruns:0 frame:0 TX packets:440 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:61126 (59.6 KiB) TX bytes:61126 (59.6 KiB)
------------ - route -n - ------------ Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 206.58.200.0 0.0.0.0 255.255.254.0 U 0 0 0 eth0 10.1.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth1 169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth1 0.0.0.0 206.58.200.1 0.0.0.0 UG 0 0 0 eth0
Does anything here show a problem on my side rather than the ISP? Thanks!
On Thu, 2005-07-28 at 13:19 -0700, Patrick Nelson wrote:
Bob Chiodini Wrote:
Patrick Nelson wrote:
FC3 (all up to date)
This may seem simple but I'm changing ISPs and I have 2 internet facing systems that also connect to the private network. One being the GW the other being Mail. So I have the gateway working fine but I can not get the mail server working in the changed network config. I just want to make sure I'm not missing anything, because I think that the ISP is not routing, switching, or configured correctly.
-The two systems are attached to a Hub along with the connection to the Internet. -The gateway system is working fine with the new ISP changes (serves as the DNS and GW) -The mail server can be configured with the new ISP, but once I do that system can not ping the internet --however it can ping the internet side of the GW --and the intranet. -With ethereal I sniffed the mail server connection and it does appear to get anthing back from the ISP GW
Here are the changes that I make to mail server:
- Use system-config-network to change the:
-IP Address -Subnet Mask -Gateway 2. Change the IPTables Firewall Script to match the new config 3. Turn off the firewall script for the first booting in the new
network
config 4. Reboot
The booting goes fine but I can not ping anything other than the GW system on the Internet side.
Is there anything that I'm missing or might try? Or does this sound like a routing problem on the side of my ISP?
Patrick,
Post the output of ifconfig and route -n from both machines. It sounds like the default gateway on the mail server is incorrect.
Bob...
Sorry for the delay I was out on a site.
Here it is:
- ifconfig -
eth0 Link encap:Ethernet HWaddr 00:60:B0:C3:D4:C1 inet addr:206.58.200.39 Bcast:206.58.201.255 Mask:255.255.254.0 inet6 addr: fe80::260:b0ff:fec3:d4c1/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:1136 errors:0 dropped:0 overruns:0 frame:0 TX packets:492 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:195090 (190.5 KiB) TX bytes:37578 (36.6 KiB) Interrupt:9 Base address:0xece0
eth1 Link encap:Ethernet HWaddr 00:03:5D:07:C1:32 inet addr:10.1.1.1 Bcast:10.1.255.255 Mask:255.255.0.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:1310 errors:0 dropped:0 overruns:0 frame:0 TX packets:1310 errors:3 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:655425 (640.0 KiB) TX bytes:221435 (216.2 KiB) Interrupt:9 Base address:0x100
lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:440 errors:0 dropped:0 overruns:0 frame:0 TX packets:440 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:61126 (59.6 KiB) TX bytes:61126 (59.6 KiB)
- route -n -
Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 206.58.200.0 0.0.0.0 255.255.254.0 U 0 0 0 eth0 10.1.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth1 169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth1 0.0.0.0 206.58.200.1 0.0.0.0 UG 0 0 0 eth0
Does anything here show a problem on my side rather than the ISP? Thanks!
Patrick,
Is this from the mail server? What does the gateway look like?
Can you ping 206.58.200.1? Do you get your IP from your ISP via DHCP? The netmask is not natural for Class C.
Bob...
Bob Chiodini wrote:
On Thu, 2005-07-28 at 13:19 -0700, Patrick Nelson wrote:
Bob Chiodini Wrote:
Patrick Nelson wrote:
FC3 (all up to date)
This may seem simple but I'm changing ISPs and I have 2 internet facing systems that also connect to the private network. One being the GW the other being Mail. So I have the gateway working fine but I can not get the mail server working in the changed network config. I just want to make sure I'm not missing anything, because I think that the ISP is not routing, switching, or configured correctly.
-The two systems are attached to a Hub along with the connection to the Internet. -The gateway system is working fine with the new ISP changes (serves as the DNS and GW) -The mail server can be configured with the new ISP, but once I do that system can not ping the internet --however it can ping the internet side of the GW --and the intranet. -With ethereal I sniffed the mail server connection and it does appear to get anthing back from the ISP GW
Here are the changes that I make to mail server:
- Use system-config-network to change the:
-IP Address -Subnet Mask -Gateway 2. Change the IPTables Firewall Script to match the new config 3. Turn off the firewall script for the first booting in the new
network
config 4. Reboot
The booting goes fine but I can not ping anything other than the GW system on the Internet side.
Is there anything that I'm missing or might try? Or does this sound like a routing problem on the side of my ISP?
Patrick,
Post the output of ifconfig and route -n from both machines. It sounds like the default gateway on the mail server is incorrect.
Bob...
Sorry for the delay I was out on a site.
Here it is:
- ifconfig -
eth0 Link encap:Ethernet HWaddr 00:60:B0:C3:D4:C1 inet addr:206.58.200.39 Bcast:206.58.201.255 Mask:255.255.254.0 inet6 addr: fe80::260:b0ff:fec3:d4c1/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:1136 errors:0 dropped:0 overruns:0 frame:0 TX packets:492 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:195090 (190.5 KiB) TX bytes:37578 (36.6 KiB) Interrupt:9 Base address:0xece0
eth1 Link encap:Ethernet HWaddr 00:03:5D:07:C1:32 inet addr:10.1.1.1 Bcast:10.1.255.255 Mask:255.255.0.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:1310 errors:0 dropped:0 overruns:0 frame:0 TX packets:1310 errors:3 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:655425 (640.0 KiB) TX bytes:221435 (216.2 KiB) Interrupt:9 Base address:0x100
lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:440 errors:0 dropped:0 overruns:0 frame:0 TX packets:440 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:61126 (59.6 KiB) TX bytes:61126 (59.6 KiB)
- route -n -
Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 206.58.200.0 0.0.0.0 255.255.254.0 U 0 0 0 eth0 10.1.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth1 169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth1 0.0.0.0 206.58.200.1 0.0.0.0 UG 0 0 0 eth0
Does anything here show a problem on my side rather than the ISP? Thanks!
Patrick,
Is this from the mail server? What does the gateway look like?
Can you ping 206.58.200.1? Do you get your IP from your ISP via DHCP? The netmask is not natural for Class C.
Bob...
Yes it the info was from the mail server. The GW had just about the same info but a .33 IP. No, both the systems are static IPs. The netmask was given by the ISP and is:
------------------------------------------------ TCP/IP NETWORK INFORMATION ------------------------------------------------ IP Entered = ..................: 206.58.200.0 CIDR = ........................: /23 Netmask = .....................: 255.255.254.0 Wildcard Bits = ...............: 0.0.1.255 ------------------------------------------------ Network Address = .............: 206.58.200.0 Broadcast Address = ...........: 206.58.201.255 Usable IP Addresses = .........: 510 First Usable IP Address = .....: 206.58.200.1 Last Usable IP Address = ......: 206.58.201.254
On Fri, 2005-07-29 at 09:09 -0700, Patrick Nelson wrote:
Bob Chiodini wrote:
On Thu, 2005-07-28 at 13:19 -0700, Patrick Nelson wrote:
Bob Chiodini Wrote:
Patrick Nelson wrote:
FC3 (all up to date)
This may seem simple but I'm changing ISPs and I have 2 internet facing systems that also connect to the private network. One being the GW the other being Mail. So I have the gateway working fine but I can not get the mail server working in the changed network config. I just want to make sure I'm not missing anything, because I think that the ISP is not routing, switching, or configured correctly.
-The two systems are attached to a Hub along with the connection to the Internet. -The gateway system is working fine with the new ISP changes (serves as the DNS and GW) -The mail server can be configured with the new ISP, but once I do that system can not ping the internet --however it can ping the internet side of the GW --and the intranet. -With ethereal I sniffed the mail server connection and it does appear to get anthing back from the ISP GW
Here are the changes that I make to mail server:
- Use system-config-network to change the:
-IP Address -Subnet Mask -Gateway 2. Change the IPTables Firewall Script to match the new config 3. Turn off the firewall script for the first booting in the new
network
config 4. Reboot
The booting goes fine but I can not ping anything other than the GW system on the Internet side.
Is there anything that I'm missing or might try? Or does this sound like a routing problem on the side of my ISP?
Patrick,
Post the output of ifconfig and route -n from both machines. It sounds like the default gateway on the mail server is incorrect.
Bob...
Sorry for the delay I was out on a site.
Here it is:
- ifconfig -
eth0 Link encap:Ethernet HWaddr 00:60:B0:C3:D4:C1 inet addr:206.58.200.39 Bcast:206.58.201.255 Mask:255.255.254.0 inet6 addr: fe80::260:b0ff:fec3:d4c1/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:1136 errors:0 dropped:0 overruns:0 frame:0 TX packets:492 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:195090 (190.5 KiB) TX bytes:37578 (36.6 KiB) Interrupt:9 Base address:0xece0
eth1 Link encap:Ethernet HWaddr 00:03:5D:07:C1:32 inet addr:10.1.1.1 Bcast:10.1.255.255 Mask:255.255.0.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:1310 errors:0 dropped:0 overruns:0 frame:0 TX packets:1310 errors:3 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:655425 (640.0 KiB) TX bytes:221435 (216.2 KiB) Interrupt:9 Base address:0x100
lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:440 errors:0 dropped:0 overruns:0 frame:0 TX packets:440 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:61126 (59.6 KiB) TX bytes:61126 (59.6 KiB)
- route -n -
Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 206.58.200.0 0.0.0.0 255.255.254.0 U 0 0 0 eth0 10.1.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth1 169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth1 0.0.0.0 206.58.200.1 0.0.0.0 UG 0 0 0 eth0
Does anything here show a problem on my side rather than the ISP? Thanks!
Patrick,
Is this from the mail server? What does the gateway look like?
Can you ping 206.58.200.1? Do you get your IP from your ISP via DHCP? The netmask is not natural for Class C.
Bob...
Yes it the info was from the mail server. The GW had just about the same info but a .33 IP. No, both the systems are static IPs. The netmask was given by the ISP and is:
TCP/IP NETWORK INFORMATION
IP Entered = ..................: 206.58.200.0 CIDR = ........................: /23 Netmask = .....................: 255.255.254.0 Wildcard Bits = ...............: 0.0.1.255
Network Address = .............: 206.58.200.0 Broadcast Address = ...........: 206.58.201.255 Usable IP Addresses = .........: 510 First Usable IP Address = .....: 206.58.200.1 Last Usable IP Address = ......: 206.58.201.254
Patrick,
A couple of "brute force" things to try:
1. Check for link from the hub to the mail server. I assume this is good since you can ping the outside interface of the GW. I don't see any way that traffic could get from the mail server to the GW without going through outside the hub. No routing on the 10.1.0.0 network.
2. Verify routing with traceroute. Try traceroute 206.58.200.33 from the mail server. Then try traceroute to an internet IP address. That should tell you how far the packets are getting.
Just out of curiosity what is upstream of the hub (your CPE)? To clarify one other thing for me. Is there a hub connecting the boxes together on the 10.1.0.0 subnet as well?
I don't see anything wrong with your config.
Bob...
Bob...
Bob Chiodini wrote:
On Fri, 2005-07-29 at 09:09 -0700, Patrick Nelson wrote:
Patrick,
A couple of "brute force" things to try:
- Check for link from the hub to the mail server. I assume this is
good since you can ping the outside interface of the GW. I don't see any way that traffic could get from the mail server to the GW without going through outside the hub. No routing on the 10.1.0.0 network.
- Verify routing with traceroute. Try traceroute 206.58.200.33 from
the mail server. Then try traceroute to an internet IP address. That should tell you how far the packets are getting.
Just out of curiosity what is upstream of the hub (your CPE)? To clarify one other thing for me. Is there a hub connecting the boxes together on the 10.1.0.0 subnet as well?
I don't see anything wrong with your config.
Bob...
1. There should not be any because the GW for the mail server is the ISP GW of 206.58.200.1
2. Here is the TraceRoutes of the Mail to and GW systems.
This is to the GW system not the ISP gateway. The GW system is attached to the hub that the Mail system: [mail ~]$ traceroute -v 206.58.200.33 traceroute to 206.58.200.33 (206.58.200.33), 30 hops max, 38 byte packets 1 206.58.200.33 (206.58.200.33) 46 bytes to 206.58.200.39 7.806 ms 0.459 ms 0.442 ms
This is to the ISPs GW which can be pinged by the GW system but not the Mail system: [mail ~]$ traceroute 206.58.200.1 traceroute to 206.58.200.1 (206.58.200.1), 30 hops max, 38 byte packets 1 206.58.200.39 (206.58.200.39) 3000.343 ms !H 3000.381 ms !H 3000.118 ms !H
3. Here is the topology:
ISP GW (206.58.200.1) | WIFI Modem (ISP Modem of which there is one Ethernet Connection, have no access to its config, think it acts as a bridge) | My External Hub | | GW System Mail System | | My Internal Hub | Internal Network
I am almost completely convinced that there is a routing problem at the ISP. What do you thing?
Regards, Patrick
Patrick Nelson wrote:
- There should not be any because the GW for the mail server is the
ISP GW of 206.58.200.1
- Here is the TraceRoutes of the Mail to and GW systems.
This is to the GW system not the ISP gateway. The GW system is attached to the hub that the Mail system: [mail ~]$ traceroute -v 206.58.200.33 traceroute to 206.58.200.33 (206.58.200.33), 30 hops max, 38 byte packets 1 206.58.200.33 (206.58.200.33) 46 bytes to 206.58.200.39 7.806 ms 0.459 ms 0.442 ms
This is to the ISPs GW which can be pinged by the GW system but not the Mail system: [mail ~]$ traceroute 206.58.200.1 traceroute to 206.58.200.1 (206.58.200.1), 30 hops max, 38 byte packets 1 206.58.200.39 (206.58.200.39) 3000.343 ms !H 3000.381 ms !H 3000.118 ms !H
- Here is the topology:
ISP GW (206.58.200.1) | WIFI Modem (ISP Modem of which there is one Ethernet Connection, have no access to its config, think it acts as a bridge) | My External Hub | | GW System Mail System | | My Internal Hub | Internal Network
I am almost completely convinced that there is a routing problem at the ISP. What do you thing?
Regards, Patrick
Hello All,
I sat down the the ISP network engineer and had him do a traceroute back to me and found that one of his switches was sending the return packets to neverland. He fixed that and now it all up and working. Thanks Bob for your help.
-
Bob Chiodini -
Patrick Nelson