[Wlug] Routing problem -can I believe the ISP tech? #2
Richard Goodman
dick@goodman1.net
Sat, 2 Nov 2002 21:05:22 -0500
My apologies for the HTML, it was not intentional. I was trying to
make part of the email more (not less) readable. I've changed options
so hopefully it will never happen again.
========
I just brought up my fourth RH7.3 server Friday afternoon (one of two
RH7.0 servers that had been hacked-new hard drive and software). I
then went home and spent a couple of hours connected to it with ssh
on a workstation connected to my home RH7.3 server.
When I went to rerun a slightly modified (open ports for ftp and
internal dhcp twiddling) ipchains firewall I lost the connection,
and, more than 16 hours later, don't have it back.
Other relevant details. (let's call the servers Home and EFO)
Home was the other hacked server, and was formatted and rebuilt last weekend.
Home and EFO are on the same ISP and each has a block of 4 static
IPs. The blocks share the first 18 bits of their IP#s.
Home could connect to EFO last night
Home now cannot connect to EFO via ssh, or access its web site. Pings
are disabled on all my servers - so I can't do that test.
EFO network workstations can browse the web; I can ping out from the
EFO linux box or workstations, and can ping EFO's Cisco 678 router
from its Linux box
EFO workstations cannot access Home websites (but I had not tried
this before since rebuilding EFO Linux box
Home Cisco 678 cannot be pinged from Home Linux box (!) or EFO (Linux
or workstation), but can be pinged from my office (Linux box on other
ISP). >From my office workstation I can also ssh to EFO and access
EFO website (which in fact I uploaded to the new server from my
office today). Does this discount the possibility of a firewall issue?
I spent countless hours talking to the ISP (Qwest) tech support, and
over an hour with a senior tech who had some Linux knowledge, and he
claims that it must be a configuration issue on one or both of my
Home and EFO Linux boxes, since:
He can login to both my Cisco routers and ping the other router -
he claims this proves its not a Qwest routing problem.
If he's right I'm still puzzled by two things:
a) Why could I connect from Home to EFO for two hours last night, no problems?
b) Why can't the Home Linux box ping the Cisco 678 directly connected to it?
I knew nothing about routing before today - here's the Home routing table:
route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
xxx.yyy.28.48 0.0.0.0 255.255.255.248 U 0 0 0 eth0
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
0.0.0.0 xxx.yyy.28.54 0.0.0.0 UG 0 0 0 eth0
I tried the following but still could not access EFO (added just the
EFO IP#, not the network block:
#route add -host xxx.yyy.26.57 dev eth0
# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
xxx.yyy.26.57 0.0.0.0 255.255.255.255 UH 0 0 0 eth0
xxx.yyy.28.48 0.0.0.0 255.255.255.248 U 0 0 0 eth0
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
0.0.0.0 xxx.yyy.28.54 0.0.0.0 UG 0 0 0 eth0
Is this enough if to decide if the tech is right or crazy? Any
suggestions - I still can't access Home from/to EFO.
Dick