Date: Mon, 4 Jun 2001 15:05:54 -0700 From: "Eric Rosenberry" <ericr@dsl-only.net> To: <chip.wiegand@simrad.com>, "Eric Rosenberry" <ericr@dsl-only.net> Cc: "Ryan Thompson" <ryan@sasknow.com>, <freebsd-questions@FreeBSD.ORG> Subject: RE: Strange network connectivity problem Message-ID: <GLEOKLAKEIBLAAKKFHEIAEFICEAA.ericr@dsl-only.net> In-Reply-To: <41256A61.007DE86C.00@mail.simrad.no>
next in thread | previous in thread | raw e-mail | index | archive | help
At this point I would be willing to bet that the problem lies on the router. By that traceroute you sent from the BSD box going to the DNS server it would seem that the router is sending replies like destination net unreachable or destination host unreachable. I am unsure what the !H means. You have a fairly complex config on the router that is treating the two machines on your internal network differently because of the NAT (which is not the same thing as the NAT most people think of, Cisco calls that PAT). Can you send a traceroute from the NT box to the DNS server? P.S. You should NOT be having crashing problems on a Cisco router. If you are, you need a newer version of IOS. -Eric -----Original Message----- From: owner-freebsd-questions@FreeBSD.ORG [mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of chip.wiegand@simrad.com Sent: Monday, June 04, 2001 2:49 PM To: Eric Rosenberry Cc: Ryan Thompson; freebsd-questions@FreeBSD.ORG Subject: RE: Strange network connectivity problem I can ping the router ip addresses, there are actually 3 of 'em. 63.66.44.161, 162, 163 with 63.66.44.163 being the public nat'ed ip address, and I can ping the gateway ip address. Your statement about the configuration not being written to flash memory is interesting, we had some configuration work done last month, and I don't recall having to power- cycle the router since then. Chip "Eric Rosenberry" <ericr@dsl-only.net> on 06/04/2001 11:38:56 PM Internet mail from: To: Chip Wiegand/USSEA/S/KM/KOG, "Ryan Thompson" <ryan@sasknow.com> cc: freebsd-questions@FreeBSD.ORG Subject: RE: Strange network connectivity problem From the output you have sent it looks to me like your BSD box is unable to do an ARP for the router??? Can you try pinging the router's internal address from the BSD box please? (157.237.65.245) This kind of sounds to me like a problem with the Cisco router. I would not be surprised if someone had made a change to it's configuration but not written it to flash memory so that when it was "rebooted" it lost something... P.S. Please let me know what the resolution to this is, I am intrigued by it. -Eric -----Original Message----- From: owner-freebsd-questions@FreeBSD.ORG [mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of chip.wiegand@simrad.com Sent: Monday, June 04, 2001 2:19 PM To: Ryan Thompson Cc: freebsd-questions@FreeBSD.ORG Subject: Re: Strange network connectivity problem I downloaded 4.3, not installed it. I'm going to burn it to a cd so I can upgrade my home machines. The version running here is 4.2. The DNS is external, the BSD box cannot ping it or resolve names, etc, but the IIS box can. I didn't mean to hide any ip addresses, just didn't mention them. Here is some more info: the BSD box is not reachable from the outside world. The IIS box is. The router is 63.66.44.163 which uses nat to redirect to 157.237.65.104 (IIS). The BSD box runs apache, etc for development only, it's address is 157.237.65.149. The gateway for the two computers is 157.237.65.245. These two are the only boxes on the network using this particular router, everything else goes through a differant router. The IIS box has no problem with connecting to the outside world, by name and ipaddress. From the BSD box: ifconfig -a xl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 inet 157.237.65.249 netmask 0xffffff00 broadcast 157.237.65.255 inet6 fe80::201:2ff:febf:bbea%xl0 prefixlen 64 scopeid 0x1 ether 00:01:02:bf:bb:ea media: autoselect (100baseTX <full-duplex>) status: active supported media: autoselect 100baseTX <full-duplex> 100baseTX 10baseT/UTP <full-duplex> 10baseT/UTP 100baseTX <hw-loopback>lp0: flags=8810<POINTOPOINT,SIMPLEX,MULTICAST> mtu 1500faith0: flags=8000<MULTICAST> mtu 1500gif0: flags=8010<POINTOPOINT,MULTICAST> mtu 1280gif1: flags=8010<POINTOPOINT,MULTICAST> mtu 1280gif2: flags=8010<POINTOPOINT,MULTICAST> mtu 1280gif3: flags=8010<POINTOPOINT,MULTICAST> mtu 1280lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x8 inet6 ::1 prefixlen 128 inet 127.0.0.1 netmask 0xff000000 ppp0: flags=8010<POINTOPOINT,MULTICAST> mtu 1500sl0: flags=c010<POINTOPOINT,LINK2,MULTICAST> mtu 552 -------------------- netstat -rn Routing tables Internet: Destination Gateway Flags Refs Use Netif Expire default 157.237.65.245 UGSc 2 0 xl0 127.0.0.1 127.0.0.1 UH 0 0 lo0 157.237.65/24 link#1 UC 0 0 xl0 => 157.237.65.101 0:a0:c9:e9:3d:39 UHLW 1 91 xl0 1143 157.237.65.102 0:1:2:bf:2e:42 UHLW 0 216 xl0 1187 157.237.65.103 0:50:da:6e:86:fa UHLW 0 13 xl0 1198 157.237.65.245 link#1 UHLW 3 0 xl0 => 157.237.65.255 ff:ff:ff:ff:ff:ff UHLWb 2 80 xl0 ----------------------- rc.conf: hostname="simrad_4" newtwork_interfaces="xl0 lo0" ifconfig_xl0="inet 157.237.65.249 netmask 255.255.255.0" ifconfig_lo0="inet127.0.0.1" linux_enable="YES" sendmail_enable="YES" moused_enable="YES" defaultrouter="157.237.65.245" sshd_enable="YES" inetd_enable="YES" ------------------------ resolv.conf: nameserver 209.63.0.2 nameserver 207.173.86.2 search simdom simrad.com ------------------------- traceroute to the DNS server from BSD box: 1 157.237.65.245 (157.237.65.245) 1.332 ms 1.224 ms 1.190 ms 2 157.237.65.245 (157.237.65.245) 1.473 ms !H 1.486 ms !H * It appears that either, one, the router has outbound traceroute blocked or two, it simply does not work. I can traceroute out through our other router. Even the IIS box cannot tracert, but can ping, anything outside. -------------------- tracert from NT workstation to the BSD box: Tracing route to simrad_4 [157.237.65.249] over a maximum of 30 hops: 1 <10 ms <10 ms <10 ms SIMRAD_4 [157.237.65.249] Trace complete. ------------------------- ping from a NT workstation to the bsd box: Pinging 157.237.65.249 with 32 bytes of data: Reply from 157.237.65.249: bytes=32 time<10ms TTL=255 Reply from 157.237.65.249: bytes=32 time<10ms TTL=255 Reply from 157.237.65.249: bytes=32 time<10ms TTL=255 Reply from 157.237.65.249: bytes=32 time<10ms TTL=255 ---------------------------------------------- The IIS box and the BSD box both point to the same DNS servers and the the same default gateway, are both on the same network. Other servers and workstations use a differant router and gateway, which is working fine. The router in question is a Cisco 2610, which we have found to be rather unreliable, having to power-cyle it at least once a month. We don't have the know-how to get into it and mess with the settings, that's done by an outside contractor. Hopefully, that info will help... Regards, Chip Wiegand Computer Services www.simradusa.com chip.wiegand@simrad.com Simrad, Inc Lynnwood, WA 425-712-1138 "There is no reason anyone would want a computer in their home." --Ken Olson, president, chairman and founder of Digital Equipment Corp., 1977 (-- Then why do I have nine? Somebody help me!) Ryan Thompson <ryan@sasknow.com> on 06/04/2001 09:22:39 PM Internet mail from: To: Chip Wiegand cc: freebsd-questions@FreeBSD.ORG Subject: Re: Strange network connectivity problem chip.wiegand@simrad.com wrote to freebsd-questions@FreeBSD.ORG: > > > I have a router between internet and two machines, one IIS and one > FBSD. Saturday we had to power down everything for the PUD to shutdown > our power for the day to hook up the new building next door. Sunday I > powered up everything and all appeared to be fine. I even downloaded > FBSD4.3 on the BSD box. Did you test FreeBSD 4.3 in the old setup? Sounds like a misconfiguration there. Can you restore your old setup? > Today, Monday, I am not able to connect to any address outside the > router, from the BSD box only. The IIS machine has no > problem. > I can ping any ip address inside the network, all 3 addresses on the router, but > nothing outside the router. > I have samba, apache and telnet running on the BSD box, yet they > will not respond > from to requests from inside the network. Top shows all three are indeed > running. > I rebooted the BSD box, and sendmail hung on loading, This happens because DNS is not working--can you resolve names from the FreeBSD machine? Is your nameserver internal, or are you using a nameserver that is beyond the router? Read below. > it eventually allowed the boot to finish, but it also does not respond > to a request to send a message. On the BSD box I can ping the inside > network by ip address, not name. This leads me to think it is a DNS > problem, yet the IIS box points to the same DNS and has no problem > with this. I checked resolv.conf and rc.conf, they have the same > settings as the IIS box. Right, but if you can't connect to the DNS server through IP (see above comment) DNS won't work on the FreeBSD machine. Without knowing more, I'd say the DNS trouble is just a side effect of your connectivity problem. > I am at a loss as to what to check next. I don't understand why > whatever is preventing the access to the outside world is also > preventing access to apache and samba shares from inside the network. > Let me know what specific bits of info are needed to try to > troubleshoot this. Reply to the address below. Try some of the old standbys... Send us the output netstat -rn ifconfig -a And traceroutes to and from that machine from various points outside and inside your network. It would be most helpful if you don't try to "hide" the real IP addresses, so we can see if you've got any problems with subnetting, private addresses, etc. > > Regards, > > Chip Wiegand > Computer Services > www.simradusa.com > chip.wiegand@simrad.com > Simrad, Inc > Lynnwood, WA > 425-712-1138 > > "There is no reason anyone would want a computer in their home." > --Ken Olson, president, chairman and founder of Digital Equipment Corp., 1977 > (-- Then why do I have nine? Somebody help me!) > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > -- Ryan Thompson <ryan@sasknow.com> Network Administrator, Accounts SaskNow Technologies - http://www.sasknow.com #106-380 3120 8th St E - Saskatoon, SK - S7H 0W2 Tel: 306-664-3600 Fax: 306-664-1161 Saskatoon Toll-Free: 877-727-5669 (877-SASKNOW) North America To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?GLEOKLAKEIBLAAKKFHEIAEFICEAA.ericr>