1. "can no longer see" is a metaphor, not a description. How are you testing connectivity and how is the test actually failing?
2. The network address 208.190.192.0 is consistent with a 20-bit netmask, which places the divide between network portion and host portion halfway through the third byte of the address. With a /20 netmask, the rightmost 12 bits of the IP address are all 0; in the address 208.190.192.64, the 7th bit from the right would be 1. 3. But might you really be needing a /28 netmask, with network address 208.190.204.64? /28 netmasks are far more common that /20s, unless you are an ISP, and your broascast address *almost* makes sense for /28 but is wildly wrong for /20 (the "almost" is because you use eth0_BROADCAST=208.190.204.78, and the right broadcast for 208.190.204.64/28 is 208.190.204.79 ... normal broadcast addresses ALWAYS end in an odd number). [Another possibility is /29, with broadcast address 208.190.204.71 ... upgraded DSL service commonly uses this setup, giving the customer 5 IPs in the "real" address space, the sizth being the gateway at the ISP end). 4. To diagonse the problem more systematically, you need to look at the usual things (look for the HowTo for an overview of this part). Since the routing table looks OK (well, the /20 is a bit implausible, but it shouldn't cause the sort of problem you report .. though I can't even guess how the router is actually picking a broadcast address to use, and a bad one may be causing your ftp server to miss arp requests), the interfaces themselves are presumably configured, and (I'll assume) you made no changes to the physical setup or to the configurations of the various clients ... the next place to look is in the firewall ruleset. Check the ruleset itself with "ipchains -nvL", and check the logs for any DENYd packetws to or from the Web server's address. That's only if you still have a problem after you sort out the netmask/broadcast problems. At 06:00 PM 5/6/02 -0400, Bill Hults wrote: >Hi >In upgrading to the latest version Dachstein CD I find that I can no >longer access hosts on the same subnet as the external NIC in the >firewall. I was using a previous version before and did not have this >problem. I have a web server and ftp server at 208.190.204.66 which I >can no longer see from inside my 192. network set to use this box as >it's default gateway. > >The network.config file snippet - > >eth0_IPADDR=208.190.204.67 >eth0_MASKLEN=20 >eth0_BROADCAST=208.190.204.78 >eth0_DEFAULT_GW=208.190.204.65 >eth0_IP_EXTRA_ADDRS="208.190.204.69/20 208.190.204.70/20" >eth0_IP_SPOOF=YES >eth0_IP_KRNL_LOGMARTIANS=YES >eth0_IP_SHARED_MEDIA=NO >eth0_BRIDGE=NO >eth0_PROXY_ARP=NO >eth0_FAIRQ=NO > >produces a routing table that looks like this - > >border: -root- ># ip route >192.168.2.0/24 dev eth1 proto kernel scope link src 192.168.2.1 >192.168.1.0/24 dev eth2 proto kernel scope link src 192.168.1.254 >208.190.192.0/20 dev eth0 proto kernel scope link src 208.190.204.67 >default via 207.190.204.65 dev eth0 > >I do not understand the third line as it seems to point to a different >network completely. I would have expected 208.190.192.64/20 instead of >208.190.192..0/20. > >TIA >Bill > > > >_______________________________________________________________ > >Have big pipes? SourceForge.net is looking for download mirrors. We supply >the hardware. You get the recognition. Email Us: [EMAIL PROTECTED] > >------------------------------------------------------------------------ >leaf-user mailing list: [EMAIL PROTECTED] >https://lists.sourceforge.net/lists/listinfo/leaf-user >SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html > -- ------------------------------------"Never tell me the odds!"--- Ray Olszewski -- Han Solo Palo Alto, CA [EMAIL PROTECTED] ---------------------------------------------------------------- _______________________________________________________________ Have big pipes? SourceForge.net is looking for download mirrors. We supply the hardware. You get the recognition. Email Us: [EMAIL PROTECTED] ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
