Hi,

My vyatta architecture is

Now my eth0 is forwarding packets from eth0 to vlans by masquerading for internet access. Now some of the packets are getting wrongly forwarded to other vlans, for example look at this log

*Quote:*
Mar 6 23:59:47 localhost kernel: [vLAN20_Inbound 20 accept] IN=eth1.20 OUT=eth0 SRC=192.168.20.47 DST=69.67.52.37 LEN=60 TOS=0x00 PREC=0x00 TTL=127 ID=29130 PROTO=ICMP TYPE=8 CODE=0 ID=512 SEQ=36353
Mar 6 23:59:47 localhost kernel: [OUTBOUND 1 accept] IN=eth0 OUT=eth1.20 SRC=69.67.52.37 DST=192.168.20.47 LEN=60 TOS=0x00 PREC=0x00 TTL=112 ID=9007 PROTO=ICMP TYPE=0 CODE=0 ID=512 SEQ=36353
Mar 6 23:59:48 localhost kernel: [vLAN30_Inbound 100 drop] IN=eth1.30 OUT=eth0 SRC=192.168.20.47 DST=69.67.52.37 LEN=60 TOS=0x00 PREC=0x00 TTL=127 ID=29132 PROTO=ICMP TYPE=8 CODE=0 ID=512 SEQ=36609
Mar 6 23:59:53 localhost kernel: [vLAN40_InBound 100 drop] IN=eth1.40 OUT=eth0 SRC=192.168.20.47 DST=69.67.52.37 LEN=60 TOS=0x00 PREC=0x00 TTL=127 ID=29138 PROTO=ICMP TYPE=8 CODE=0 ID=512 SEQ=36865
Mar 6 23:59:58 localhost kernel: [vLAN20_Inbound 20 accept] IN=eth1.20 OUT=eth0 SRC=192.168.20.47 DST=69.67.52.37 LEN=60 TOS=0x00 PREC=0x00 TTL=127 ID=29183 PROTO=ICMP TYPE=8 CODE=0 ID=512 SEQ=37121
Mar 6 23:59:59 localhost kernel: [OUTBOUND 1 accept] IN=eth0 OUT=eth1.20 SRC=69.67.52.37 DST=192.168.20.47 LEN=60 TOS=0x00 PREC=0x00 TTL=112 ID=9069 PROTO=ICMP TYPE=0 CODE=0 ID=512 SEQ=37121

and again here

*Quote:*
Mar 7 00:00:20 localhost kernel: [vLAN20_Inbound 20 accept] IN=eth1.20 OUT=eth0 SRC=192.168.20.47 DST=69.67.52.37 LEN=60 TOS=0x00 PREC=0x00 TTL=127 ID=29318 PROTO=ICMP TYPE=8 CODE=0 ID=512 SEQ=42753
Mar 7 00:00:21 localhost kernel: [OUTBOUND 1 accept] IN=eth0 OUT=eth1.20 SRC=69.67.52.37 DST=192.168.20.47 LEN=60 TOS=0x00 PREC=0x00 TTL=112 ID=9207 PROTO=ICMP TYPE=0 CODE=0 ID=512 SEQ=42753
Mar 7 00:00:21 localhost kernel: [vLAN30_Inbound 100 drop] IN=eth1.30 OUT=eth0 SRC=192.168.20.47 DST=69.67.52.37 LEN=60 TOS=0x00 PREC=0x00 TTL=127 ID=29322 PROTO=ICMP TYPE=8 CODE=0 ID=512 SEQ=43009
Mar 7 00:00:27 localhost kernel: [vLAN20_Inbound 20 accept] IN=eth1.20 OUT=eth0 SRC=192.168.20.47 DST=69.67.52.37 LEN=60 TOS=0x00 PREC=0x00 TTL=127 ID=29325 PROTO=ICMP TYPE=8 CODE=0 ID=512 SEQ=43265
Mar 7 00:00:27 localhost kernel: [OUTBOUND 1 accept] IN=eth0 OUT=eth1.20 SRC=69.67.52.37 DST=192.168.20.47 LEN=60 TOS=0x00 PREC=0x00 TTL=112 ID=9240 PROTO=ICMP TYPE=0 CODE=0 ID=512 SEQ=43265

The packets are arriving at vLAN40 and vLAN30, which indeed should have arrived at vLAN 20. So I think there is some sort of forwarding problem from eth0 to vLANs. Can someone tell me how to debug more into vyatta to find why it is happening, or give me some pointers please?

A new find: when I issued arp -a from the vyatta system bash prompt it gave me this output

*Quote:*
vyatta:~# arp -a
? (192.168.40.41) at 00:13:20:26:0B:C3 [ether] on eth1.20
? (192.168.20.47) at 00:13:20:22:6A:43 [ether] on eth1.20
? (192.168.40.41) at 00:13:20:26:0B:C3 [ether] on eth1.30
? (202.xxx.yyy.zzz) at 00:A0:12:17:8F:00 [ether] on eth0
? (192.168.40.41) at 00:13:20:26:0B:C3 [ether] on eth1.40

where 202.xxx.yyy.zzz is my public IP. Now I went to the vyatta web GUI and typed "show arp"; it gave me this output

*Quote:*
MAC Address        IP Address     State  Interface
-----------        ----------     -----  ---------
00:13:20:22:6A:43  192.168.20.47  reach  eth1.20
00:A0:12:17:8F:00  202.53.13.73   reach  eth0
00:13:20:26:0B:C3  192.168.40.41  reach  eth1.40

Now again I went back to the vyatta bash prompt to check arp -a and this was the output

*Quote:*
vyatta:~# arp -a
? (192.168.20.47) at 00:13:20:22:6A:43 [ether] on eth1.20
? (202.xxx.yyy.zzz) at 00:A0:12:17:8F:00 [ether] on eth0
? (192.168.40.41) at 00:13:20:26:0B:C3 [ether] on eth1.40

So it's kind of clear that a routing problem exists, isn't it? And there is no /etc/ethers file.
_______________________________________________ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users
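
An added example, not part of the original post: a Python script that reads netfilter LOG lines and `arp -a` output of the kind quoted above and reports any source address seen entering on more than one interface, and any IP/MAC pair learned on more than one interface. The sample input is constructed from the post's lines (trimmed), and the function names are hypothetical.

```python
import re
from collections import defaultdict

# Constructed sample input, trimmed from the log and arp lines in the post.
SAMPLE_LOG = """\
Mar 6 23:59:47 localhost kernel: [vLAN20_Inbound 20 accept] IN=eth1.20 OUT=eth0 SRC=192.168.20.47 DST=69.67.52.37 PROTO=ICMP TYPE=8 SEQ=36353
Mar 6 23:59:47 localhost kernel: [OUTBOUND 1 accept] IN=eth0 OUT=eth1.20 SRC=69.67.52.37 DST=192.168.20.47 PROTO=ICMP TYPE=0 SEQ=36353
Mar 6 23:59:48 localhost kernel: [vLAN30_Inbound 100 drop] IN=eth1.30 OUT=eth0 SRC=192.168.20.47 DST=69.67.52.37 PROTO=ICMP TYPE=8 SEQ=36609
Mar 6 23:59:53 localhost kernel: [vLAN40_InBound 100 drop] IN=eth1.40 OUT=eth0 SRC=192.168.20.47 DST=69.67.52.37 PROTO=ICMP TYPE=8 SEQ=36865
"""
SAMPLE_ARP = """\
? (192.168.40.41) at 00:13:20:26:0B:C3 [ether] on eth1.20
? (192.168.20.47) at 00:13:20:22:6A:43 [ether] on eth1.20
? (192.168.40.41) at 00:13:20:26:0B:C3 [ether] on eth1.30
? (192.168.40.41) at 00:13:20:26:0B:C3 [ether] on eth1.40
"""

# Tolerates missing or extra spaces around IN=/OUT=/SRC=, as in pasted logs.
LOG_RE = re.compile(
    r"\[(?P<rule>[^\]]+)\]\s+IN=\s*(?P<inif>\S*?)\s*OUT=\s*(?P<outif>\S*?)\s*"
    r"SRC=\s*(?P<src>[\d.]+)")
ARP_RE = re.compile(
    r"\((?P<ip>[\d.]+)\) at (?P<mac>[0-9A-Fa-f:]{17}) \[ether\] on (?P<iface>\S+)")

def multi_ingress_sources(log_text):
    """Return {src_ip: [ingress interfaces]} for sources seen on more than one."""
    seen = defaultdict(set)
    for m in LOG_RE.finditer(log_text):
        seen[m["src"]].add(m["inif"])
    return {src: sorted(ifs) for src, ifs in seen.items() if len(ifs) > 1}

def multi_interface_neighbors(arp_text):
    """Return {(ip, mac): [interfaces]} for ARP entries learned on more than one."""
    seen = defaultdict(set)
    for m in ARP_RE.finditer(arp_text):
        seen[(m["ip"], m["mac"].lower())].add(m["iface"])
    return {key: sorted(ifs) for key, ifs in seen.items() if len(ifs) > 1}

if __name__ == "__main__":
    for src, ifs in multi_ingress_sources(SAMPLE_LOG).items():
        print(f"source {src} entered on: {', '.join(ifs)}")
    for (ip, mac), ifs in multi_interface_neighbors(SAMPLE_ARP).items():
        print(f"{ip} ({mac}) learned on: {', '.join(ifs)}")
```

A hit in either report means the same frame or ARP reply reached the router tagged for several VLANs, which is decided before the firewall and NAT rules run.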