On Tue, 17 Dec 2002, at 9:08am, [EMAIL PROTECTED] wrote:
> Right, I agree with that. My point was that it is not obvious that this
> is stupid, given that Linux is the only OS which allows for *multiple*
> default routes!
Forget about the "default" part entirely. You had a route programmed to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Content-Type: text/plain; charset=us-ascii
[EMAIL PROTECTED] writes:
> Possibly, that's the conclusion I'm leaning towards. However, let's
> assume 'T' did exist. So what? IMO, the icmp packets should never have
> gone to 'T' anyway. Shouldn't
mike ledoux said:
>-BEGIN PGP SIGNED MESSAGE-
>Hash: SHA1
>
>On Tue, Dec 17, 2002 at 09:08:18AM -0500, [EMAIL PROTECTED] wrote:
>> [2] 'vgrep' is a term coined by Tom Buskey while we worked
>> together in reference to the fact that I'm quite prone
>> to completely miss that wh
In a message dated: Tue, 17 Dec 2002 09:33:55 EST
Bob Bell said:
>> However, let's assume 'T' did exist. So what? IMO, the icmp packets
>> should never have gone to 'T' anyway. Shouldn't have gone back out
>> the interface they came in on?
>
>I was going to reply, but I think Ben already a
On Tue, Dec 17, 2002 at 09:08:18AM -0500, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
> In a message dated: Mon, 16 Dec 2002 20:50:31 EST
> [EMAIL PROTECTED] said:
> > This is just a guess, but the timeout on ARP is 20 seconds, IIRC.
>
> Interesting. I didn't know that!
Actually, I think t
In a message dated: Mon, 16 Dec 2002 20:50:31 EST
[EMAIL PROTECTED] said:
>On Mon, 16 Dec 2002, at 2:58pm, [EMAIL PROTECTED] wrote:
>> While I'm inclined to agree, the question I'm still trying to answer is,
>> why did work fine on some systems and not on others.
>
> Paul, you and I both know th
On Mon, 16 Dec 2002, at 2:58pm, [EMAIL PROTECTED] wrote:
> While I'm inclined to agree, the question I'm still trying to answer is,
> why did work fine on some systems and not on others.
Paul, you and I both know that computers have enough trouble working when
everything is configured right. Wh
In a message dated: Mon, 16 Dec 2002 14:44:56 EST
Derek Martin said:
>On Mon, Dec 16, 2002 at 10:46:00AM -0500, [EMAIL PROTECTED] wrote:
>> > In particular, what is T?
>>
>> T doesn't actually exist.
>
>U. Yeah, that would be a case where having multiple
>default routes is wrong. =
One more thing...
On Mon, 16 Dec 2002, at 10:46am, [EMAIL PROTECTED] wrote:
>> Second: That diagram is incomplete. It does not give networks (although I
>> can infer most of it), and at least one key gateway has been left out.
>
> Not really...
Oh, yes it was. Unfortunately, the gateway w
On Mon, 16 Dec 2002, at 10:46am, [EMAIL PROTECTED] wrote:
>> In particular, what is T?
>
> T doesn't actually exist.
Paul, I'm going to kill you. :-) You've got a route programmed for a
gateway that doesn't exist, and you wonder why you're having network
problems! Arggghh! :-)
*bonk*
In a message dated: Fri, 13 Dec 2002 19:41:16 EST
[EMAIL PROTECTED] said:
> Second: That diagram is incomplete. It does not give networks (although I
>can infer most of it), and at least one key gateway has been left out.
Not really...
> Is the above analysis accurate?
Close...
> In partic
On Sun, 15 Dec 2002, at 1:09pm, [EMAIL PROTECTED] wrote:
>> *Nothing* anyone ever says is universally true, Derek.
>
> Including this statement, I wonder? (-:
"This statement is false."
:-)
--
Ben Scott <[EMAIL PROTECTED]>
| The opinions expressed in this message are those of the auth
On Sun, 15 Dec 2002, at 12:45am, [EMAIL PROTECTED] wrote:
>> Did you read my post? **There is nothing special about a default
>> route.** It is simply a route that matches all packets.
>
> Did you read mine? I never said they weren't... All I said is that
> /historically/, hosts did not play
[EMAIL PROTECTED] writes:
> *Nothing* anyone ever says is universally true, Derek.
Including this statement, I wonder? (-:
--kevin
--
"All Cretans are liars."
--Epimanides the Cretan
___
gnhlug-discuss mailing list
[EMAIL PROTECTED]
http:
On Sat, 14 Dec 2002, at 1:26pm, [EMAIL PROTECTED] wrote:
> While true, historically this feature of IP has been provided by routers.
> it has not been the case with host routing. That feature in hosts is
> reletively new. In the case of most host IP stacks, only the first
> default route is ever
Okay, I'm coming into this discussion late, but this thread desperately
needs a clue-injection...
There is nothing wrong with having multiple default routes. Not only do
they work just fine under every version of Linux I've tried them with
(including Red Hat 5.mumble, 6.2 and 7.3), they also
On Thu, 12 Dec 2002, at 3:46pm, [EMAIL PROTECTED] wrote:
> ---
> | |C'
> -| C |-
> ---__/ | | \
> | | { } /
In a message dated: Thu, 12 Dec 2002 16:12:26 EST
Marc Evans said:
>I use multiple default gateways on many 2.4.x linux systems. They work
>fine, and provide decent failover when routers go down for whatever
>reason. You may find it useful to contrast that with "ip route show" to
>see more detail
Derek Martin <[EMAIL PROTECTED]> writes:
> Oh, come on Kevin, lots of systems let you do lots of things that
> aren't legal...
Multiple default routes are legal, and I still think that it is
reasonable to expect that if these were in fact illegal that the code
that maintains the routing table
A system with multiple default routes typically works as follows: if
the routing code is presented with an IP datagram that is not
applicable to any other entry in the route table, then the default
routes are used, typically in a round-robin manner.
Multiple default routes are sometimes useful (
> I agree with JABR that this is not a good default configuration,
> even if it does work now. You shouldn't have multiple default
> routes unless you KNOW it will work. If the second network is a
> private network that does not route to the Internet, then having
> a default route that goes the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Content-Type: text/plain; charset=us-ascii
[EMAIL PROTECTED] writes:
> Traditionally, yes. However, Linux done gone and gotten smarter on us and
> creates a default route for each interface. This has been default
> behavior for some time, and I'v
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Content-Type: text/plain; charset=us-ascii
[EMAIL PROTECTED] writes:
> >Are those multiple default routes,
>
> Yes,
>
> >which would be b0rken?
>
> Not under Linux, at least IME with multi-homed systems.
You may have seen systems like that, and n
I use multiple default gateways on many 2.4.x linux systems. They work
fine, and provide decent failover when routers go down for whatever
reason. You may find it useful to contrast that with "ip route show" to
see more details about the routing rules though.
- Marc
On Thu, 12 Dec 2002, Derek Mar
Smells like iptables or ipchains then. The ssh -v -v -v combined with
tcpdump should provide a pretty good answer for you.
- Marc
On Thu, 12 Dec 2002 [EMAIL PROTECTED] wrote:
>
> In a message dated: Thu, 12 Dec 2002 15:22:03 EST
> Kevin D. Clark said:
>
> >Can you just humor us and run "ipchains
In a message dated: Thu, 12 Dec 2002 15:41:00 EST
Michael O'Donnell said:
Dude, you have two default gateways. This is almost always
a problem on Linux boxen, IME. Lose one of them.
>>
>>This is standard when you have 2 interfaces. All my boxes are
>>configured similarly, but this o
In a message dated: Thu, 12 Dec 2002 15:31:30 EST
Michael O'Donnell said:
>> 0.0.0.0 10.241.38.1 0.0.0.0 UG 40 0 0 eth1
>> 0.0.0.0 192.168.10.10.0.0.0 UG 40 0 0 eth0
>
>Are those multiple default routes,
Yes,
>which would be
In a message dated: Thu, 12 Dec 2002 15:32:11 EST
Derek Martin said:
>Please try removing one of them. You may need to add a static route
>to the other network. I have seen this cause problems on more than
>one occasion. Removing the extra default route always fixed the
>problem.
I have, it d
In a message dated: Thu, 12 Dec 2002 15:22:03 EST
Kevin D. Clark said:
>Can you just humor us and run "ipchains --flush" on the system that
>won't respond to pings/ssh connections -- and then try again. (or do
>whatever you have to do to ensure that the target machine isn't
>configured to discar
In a message dated: 12 Dec 2002 15:01:05 EST
Ed Robbins said:
>Paul,
>
>Can you draw a rough diagram of the layout. In your original post you
>refer to them as SystemA, SystemB and SystemC. I find it helpful, to
>know the layout with the addresses.
>Where does 10.241.38.2 come into play? Is
>>> Dude, you have two default gateways. This is almost always
>>> a problem on Linux boxen, IME. Lose one of them.
>
>This is standard when you have 2 interfaces. All my boxes are
>configured similarly, but this one is the one exhibiting problems.
Hmmm. I thought the whole point of a "def
> 0.0.0.0 10.241.38.1 0.0.0.0 UG 40 0 0 eth1
> 0.0.0.0 192.168.10.10.0.0.0 UG 40 0 0 eth0
Are those multiple default routes, which would be b0rken?
___
gnhlug-discuss mailing list
[
In a message dated: Thu, 12 Dec 2002 15:19:31 EST
Marc Evans said:
>I have seen that happen when a Cisco has packet filters turned on and is
>blocking your ssh attempt.
Unfortunately I don't think it's that easy, since I can ssh to/from
other boxes on this subnet. Additionally, once this syste
In a message dated: Thu, 12 Dec 2002 14:52:32 EST
Derek Martin said:
>> Dude, you have two default gateways. This is almost always a problem
>> on Linux boxen, IME. Lose one of them.
This is standard when you have 2 interfaces. All my boxes are
configured similarly, but this one is the one e
Can you just humor us and run "ipchains --flush" on the system that
won't respond to pings/ssh connections -- and then try again. (or do
whatever you have to do to ensure that the target machine isn't
configured to discard packets). Doing this on the source machine
would be nice too, just for th
I have seen that happen when a Cisco has packet filters turned on and is
blocking your ssh attempt.
- Marc
On Thu, 12 Dec 2002 [EMAIL PROTECTED] wrote:
>
> Does this make sense to *anyone*?
>
> This information is from a system currently not responding to pings
> (as described previously in the
Paul,
Can you draw a rough diagram of the layout. In your original post you
refer to them as SystemA, SystemB and SystemC. I find it helpful, to
know the layout with the addresses.
Where does 10.241.38.2 come into play? Is that another multi-homed box
with an interface on the 168.159.36 netw
Does this make sense to *anyone*?
This information is from a system currently not responding to pings
(as described previously in the thread).
# ifconfig
eth0 Link encap:Ethernet HWaddr 00:D0:A8:00:D6:DE
inet addr:192.168.10.11 Bcast:192.168.10.255 Mask:255.255.255.0
Derek Martin <[EMAIL PROTECTED]> writes:
> tcpdump puts the interface in promiscuous mode.
Not necessarily. This is a configurable option.
(however, even if you don't open the interface in promiscuous mode, it
might be in promiscuous mode for other reasons).
Regards,
--kevin
--
Kevin D. Cla
In a message dated: Wed, 27 Nov 2002 12:02:48 EST
Derek Martin said:
>tcpdump puts the interface in promiscuous mode. It doesn't care what
>it's IP address is, or if it even has one...
Duh! (as I smack my head) I should have realized that :)
Thanks for the dope slap!
>Of course, if the sy
In a message dated: Tue, 26 Nov 2002 21:50:56 EST
[EMAIL PROTECTED] said:
>On Tue, 26 Nov 2002, at 8:23am, [EMAIL PROTECTED] wrote:
>>> Is the system multi-homed? If so, is there any chance it is sending the
>>> packets out the wrong interface?
>>
>> Yes it is multi-homed, that's how I ssh to i
On Tue, 26 Nov 2002, at 8:23am, [EMAIL PROTECTED] wrote:
>> Is the system multi-homed? If so, is there any chance it is sending the
>> packets out the wrong interface?
>
> Yes it is multi-homed, that's how I ssh to it. I ssh to systemB on
> it's external interface, then to C on the internal int
In a message dated: Mon, 25 Nov 2002 22:09:35 EST
[EMAIL PROTECTED] said:
>On Mon, 25 Nov 2002, at 3:29pm, [EMAIL PROTECTED] wrote:
>> However, by ssh'ing to systemB, and from there to systemC, I run 'tcpdump
>> -i eth1 icmp' and I can see that systemC *is* in fact receiving the "icmp
>> echo req
On Mon, 25 Nov 2002, at 3:29pm, [EMAIL PROTECTED] wrote:
> However, by ssh'ing to systemB, and from there to systemC, I run 'tcpdump
> -i eth1 icmp' and I can see that systemC *is* in fact receiving the "icmp
> echo request" packets. systemC just isn't replying to them!
That is significant.
In a message dated: Mon, 25 Nov 2002 16:16:12 EST
Dan Coutu said:
>So we need to examine the possibility that System C doesn't know how to
>reach System A even though A does know how to reach C. I'd check netmasks
>on all the systems involved. If I am remembering right you're going from a
>Cla
[EMAIL PROTECTED] wrote:
In a message dated: Mon, 25 Nov 2002 16:10:41 EST
"Ken D'Ambrosio" said:
I shouldn't be an ARP issue -- if it were, then the other machine sending
pings wouldn't work. Namely:
Keep in mind. The pinging machine, systemA *cannot* ping systemC,
but *can* ping system
In a message dated: Mon, 25 Nov 2002 16:10:41 EST
"Ken D'Ambrosio" said:
>I shouldn't be an ARP issue -- if it were, then the other machine sending
>pings wouldn't work. Namely:
Keep in mind. The pinging machine, systemA *cannot* ping systemC,
but *can* ping systemB. B and C are on the same
I shouldn't be an ARP issue -- if it were, then the other machine sending
pings wouldn't work. Namely:
- If it were an ARP issue on the primary pinging machine, then that would
infer the something kaput with the default router's MAC -- since that's
the only MAC that would matter in this scena
In a message dated: Mon, 25 Nov 2002 10:22:24 EST
Marc Evans said:
>When I have seen these in the past, I have usually found them to be caused
>by an ARP issue. Try flushing the arp cache on the systems involved and
>then retry you experiment.
The arp tables are usually empty when this occurs.
In a message dated: Mon, 25 Nov 2002 10:02:11 EST
Kevin D. Clark said:
systemA 192.168.10.10
systemB 10.241.38.11
systemC 10.241.38.16
>Can you ping "A" from "C"?
I can ping from/to
systemA <-> systemB
systemB <-> systemC
but NOT systemA<->systemC.
Whe
When I have seen these in the past, I have usually found them to be caused
by an ARP issue. Try flushing the arp cache on the systems involved and
then retry you experiment. If that doesn't work, look at all routers on
the network to insure that proxy-arp is disabled.
- Marc
On Mon, 25 Nov 2002 [
[EMAIL PROTECTED] writes:
> Hi all,
>
> I have a very bizarre problem going on here. I have a system
A
> on a
> different subnet. From my desktop, I ping the system
B
> and get no
> response.
>
> I ssh to another system
C
> on the same subnet, and can ping that system.
Can you ping
Hi all,
I have a very bizarre problem going on here. I have a system on a
different subnet. From my desktop, I ping the system and get no
response.
I ssh to another system on the same subnet, and can ping that system.
Additionally, I can ssh to that system from the system on the same
subne
53 matches
Mail list logo
