In case anyone cares, and I appreciate Pierre Fortin and Scott Taylors
suggestions in troubleshooting this, but I thought i would post what the
problem actually was.
Original problem was i couldn't ping all IP's of my work computers from home.
I thought this possibly a mandrake issue since I didn't have a problem with
any of my windows machines. But it wasn't.
I inheritted a network to administer and have had to troubleshoot problems on
top of problems. I found first a bad port on a hub. I replaced this with a
switch. That got my main MDK box pingable. I tried MDK 7.2, 8.0, OpenBSD, two
different kinds of NICs on 3 different machines. And nothing improved. Then I
replaced two old managable switches with new switches. That got my entire
network pingable remotely (strange that it always worked internally.) .
The manageable switches had databases of MAC address that it could not clear
and would not find new hardware attached to any ports. Thats why the existing
Windows machines would work I suppose.
Anyway, i learned alot and thought i would share. I could only test at home
and as the problems were intermittent I got a lot of false positives. Maybe
now I can get some sleep before the next problem arrises ;)
-Brian
On Friday 08 June 2001 10:20, Pierre Fortin wrote:
> brian wrote:
> > I have a bizarre problem that I hope someone may be able to give me a
> > clue in the right direction to solve.
> >
> > Setup:
> >
> > Work:
> > I have 3 Linux-MDK8.0 PC's on my desk at work. All connected to same
> > switch. A,B,C all have public static IP's can all ping each other and ssh
> > into each other.
> >
> > Home:
> > I have a 4th MDK8.0 computer, "D", at home with a publc static IP
> > over an ADSL connection.
> >
> > Symptom:
> >
> > A,B,C can all ping and ssh into D.
> > When I go home, D can not ping A,B,or C.
> >
> > Bizarre:
> > If I leave a ping running from home for about 1.5 hours, A,B,C start
> > responding to my pings. If I close all ssh sessions and stop pinging for
> > approx 1 hour, and then try to ping from D again, the pings fail.
> > If I get one of A,B,C to respond from D, I can ssh into it from D, then
> > ssh to another computer of A,B,C, and then it will start responding to
> > pings as well.
> >
> > Details:
> > PC "A" is a Dell machine i bought and put Win2k/Linux on.
> > PC's "B" and "C" are machines I built myself and have identical hardware.
> > As I always customize the install, they have slightly different software
> > loaded. They are running only Linux.
> > PC "D" I built myself and is different than the other computers. It is
> > dual boot Win2k/Linux.
> >
> > Troubleshooting:
> > I replaced the existing Hub when the problem started with a new switch.
> >
> > >From D, I can ping 2 different Windows 2000 computers connected to the
> > > same
> >
> > switch in my office.
> > Port Sentry was initially disabling me so I removed it from all
> > computers. I want the problem to go away before I start more on security.
> > I cleared all /etc/hosts.allow /etc/hosts.deny entries.
> > I can't find any logs that show my pings being blocked, but I admit not
> > knowing everywhere to look.
> > I formatted/reinstalled Linux on all 3 computers at work.
> > I can telnet from home into an old Sparcstation at the switch at work and
> > ping A,B,C from it.
> > I've replaced all network cables at work with brand new ones. I know they
> > work because I can access the internet from A,B,C.
> > I've verified that A,B,C won't respond from an another external location
> > besides my home.
> >
> > Help! I have to get these working. B,C will be web/email servers that
> > won't be much good if I can't ping them from outside my office.
> >
> > Thanks to anyone who can help!
> >
> > -Brian
>
> Sounds like you may have a [corporate] firewall between home & office.
> There may be a problem with the firewall, or an intermittent alternate path
> around the firewall.
>
> Assuming the number of hops between [A,B,C] and D is less than 9, you can
> try "ping -R"** from D and when the replies start coming in, see if the
> recorded routing information is as expected... Also, compare the responses
> to see if you are getting different routing on the individual pings.
>
> ** won't work through a LinkSys
>
> Note... traceroute is not the same... it tries to discover a path from X
> to Y by probing 1-hop deeper on each attempt; but may not discover all the
> alternate paths which may exist, or find intermittent paths. "ping -R"
> records the path (outbound interfaces) it really took as a packet "to" and
> the reply "from" which may be different paths since routing is not
> guaranteed to be symmetrical.
>
> HTH,
> Pierre
