kash04 n00b
Joined: 08 Nov 2005 Posts: 5 Location: Houston
|
Posted: Wed Nov 01, 2006 4:40 am Post subject: [solved] Multi Network Gentoo box |
|
|
I have 2 boxes (aries) (iris). I can ssh in through eth0 (att T1 line) but not through the att DSL line. I used to be able to ssh in through the att DSL lines before we got the T1, but it was just one Ethernet interface that was set up.
aries routing table
Code: |
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
206.189.99.96 * 255.255.255.224 U 0 0 0 eth0
192.168.2.0 * 255.255.255.0 U 1 0 0 eth1
loopback * 255.0.0.0 U 0 0 0 lo
default 209.198.99.97 0.0.0.0 UG 0 0 0 eth0
default 192.168.2.1 0.0.0.0 UG 1 0 0 eth1
|
aries /etc/conf.d/net
Code: |
config_eth0=( "206.189.99.98 netmask 255.255.255.224" )
routes_eth0=( "default via 206.189.99.97" )
dns_domain_eth0="fastnet.core-hou.sbc.com"
dns_search_eth0="fastnet.core-hou.sbc.com core-hou.sbc.com"
dns_search_domains_eth0="fastnet.core-hou.sbc.com core-hou.sbc.com"
dns_servers_eth0=" 68.94.156.1 68.94.157.1 "
config_eth1=( "dhcp" )
dhcp_eth1="nodns nontp nonis"
dns_domain_eth1="core-hou.sbc.com"
dns_search_eth1="core-hou.sbc.com"
dns_search_domains_eth1="core-hou.sbc.com"
dns_servers_eth1=" 68.94.156.1 68.94.157.1 "
|
iris routing table
Code: |
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
68.94.156.240 0.0.0.0 255.255.255.248 U 0 0 0 eth1
206.189.99.96 0.0.0.0 255.255.255.224 U 0 0 0 eth0
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
0.0.0.0 209.189.99.97 0.0.0.0 UG 0 0 0 eth0
0.0.0.0 68.94.156.246 0.0.0.0 UG 1 0 0 eth1
|
iris /etc/conf.d/net
Code: |
config_eth0=( "209.189.99.98 netmask 255.255.255.224" )
routes_eth0=("default via 209.189.99.97")
dns_domain_eth0="fastnet.core-hou.sbc.com"
dns_search_eth0="fastnet.core-hou.sbc.com core-hou.sbc.com"
dns_search_domains_eth0="fastnet.core-hou.sbc.com core-hou.sbc.com"
dns_servers_eth0=" 68.94.156.1 68.94.157.1 "
config_eth1=( "68.94.156.243 netmask 255.255.255.248" )
routes_eth1=("default via 68.94.156.246")
dns_domain_eth1="core-hou.sbc.com"
dns_search_eth1="core-hou.sbc.com"
dns_search_domains_eth1="core-hou.sbc.com"
dns_servers_eth1=" 68.94.156.1 68.94.157.1 "
|
Linked is a picture of the network setup:
http://sirius.securedlabs.com/~akash/Drawing1.jpg
I can't access any services through the DSL network anymore:
ssh/web anything asterisk
On both computers /etc/init.d/net.eth0 and /etc/init.d/net.eth1 start, and apache, bind, asterisk, ssh all start, but can only be accessed through the fastnet interfaces.
Last edited by kash04 on Mon Nov 06, 2006 2:14 am; edited 1 time in total |
|
PMcCauley Apprentice
Joined: 14 Mar 2006 Posts: 283 Location: Alberta, Canada
|
Posted: Wed Nov 01, 2006 6:46 am Post subject: |
|
|
Try removing the gateway from the lan side; that will probably do the trick. If you want to do multi-route (multihoming) you need to do some route setup; try googling it. I read the post kinda quickly so this may not answer, and I am kinda in the middle of something now. If you cannot ssh from one box to another, can you ping it? Maybe run nmap to see open ports and tcpdump or wireshark or a similar packet monitor to view traffic.
Patrick |
|
kash04 n00b
Joined: 08 Nov 2005 Posts: 5 Location: Houston
|
Posted: Wed Nov 01, 2006 2:45 pm Post subject: |
|
|
There is no "lan" side to these computers; both of them are connected to the internet. I just would like to ssh to each computer via two IP addresses. It seems all traffic through the DSL interface has ceased since we added the fastnet interface. |
|
Utoxin Guru
Joined: 19 Apr 2002 Posts: 413 Location: American Fork, UT
|
Posted: Wed Nov 01, 2006 5:21 pm Post subject: |
|
|
I do almost this exact thing. I have a server with two NICs, and two blocks of IPs. Here's my config, hope it helps.
Note that this requires iproute2, and ip policy routing enabled in the kernel.
Edit: Oops. Had some bad search and replaces in my first version of the config.
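Code: |
config_eth0=(
    "yyy.yyy.yyy.{130..254}/25"
)
# Subnet and default routes for table T1; the last entry is the main-table default.
routes_eth0=(
    "yyy.yyy.yyy.128/25 dev eth0 src yyy.yyy.yyy.130 table T1"
    "default via yyy.yyy.yyy.129 table T1"
    "default via yyy.yyy.yyy.129"
)
# Traffic sourced from this block is looked up in table T1.
rules_eth0=(
    "from yyy.yyy.yyy.128/25 table T1"
)
# Second link: its routes live only in table T2 (no main-table default).
routes_eth1=(
    "xxx.xxx.xxx.64/26 dev eth1 src xxx.xxx.xxx.86 table T2"
    "default via xxx.xxx.xxx.65 table T2"
)
config_eth1=(
    "xxx.xxx.xxx.{86..95}/26"
    "xxx.xxx.xxx.{97..126}/26"
)
# Traffic sourced from this block is looked up in table T2.
rules_eth1=(
    "from xxx.xxx.xxx.64/26 table T2"
)
# Installs the rules_<interface> entries once the interface is up.
postup() {
    local x="rules_${IFVAR}[@]"
    local -a rules=( "${!x}" )
    if [[ -n ${rules} ]] ; then
        einfo "Adding IP policy routing rules"
        eindent
        # "ip rule list" prints nothing when the kernel lacks policy routing.
        if ! ip rule list | grep -q "^" ; then
            eerror "You need to enable IP Policy Routing (CONFIG_IP_MULTIPLE_TABLES)"
            eerror "in your kernel to use ip rules"
        else
            for x in "${rules[@]}" ; do
                ebegin "${x}"
                # Delete first so a restart does not add a duplicate rule.
                ip rule del ${x}
                ip rule add ${x}
                eend $?
            done
        fi
        eoutdent
        ip route flush cache dev "${IFACE}"
    fi
}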
|
Oops. Almost forgot one last bit.
In /etc/iproute2/rt_tables:
Code: |
#
# reserved values
#
255 local
254 main
253 default
0 unspec
#
# local
#
#1 inr.ruhep
151 T1
152 T2
|
_________________ Gentoo:
1. A small fast penguin from Antarctica.
2. A small fast penguin on your computer.
Cool. |
|
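Why the rules_ethX entries matter, as an added example (not code from this thread): a small model of the policy-routing lookup that shows which link a reply leaves on, with and without "from" rules. The addresses are constructed documentation ranges, and the table names, gateways and two-link layout are assumptions chosen to resemble the T1/DSL setup discussed here.

```shell
#!/bin/sh
# Added illustration: a toy model of Linux policy-routing lookup.
# All addresses are constructed (RFC 5737 documentation ranges).

# Rule sets as "prefix table" lines: none at all vs. one rule per link.
RULES_NONE=""
RULES_POLICY="198.51.100.0/27 fastnet
203.0.113.240/29 dsl"

# Default route of each table: "table gateway device" (assumed layout).
DEFAULTS="main 198.51.100.1 eth0
fastnet 198.51.100.1 eth0
dsl 203.0.113.246 eth1"

# Dotted quad -> 32-bit integer.
ip2int() (
    IFS=.
    set -- $1
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
)

# Succeeds when address $1 lies inside CIDR prefix $2.
in_cidr() (
    len=${2#*/}
    mask=$(( (4294967295 << (32 - len)) & 4294967295 ))
    [ $(( $(ip2int "$1") & mask )) -eq $(( $(ip2int "${2%/*}") & mask )) ]
)

# Print "dev via gateway" for a reply sent from source address $1 under
# rule set $2: the first matching "from" rule picks the table, else main.
# (Simplification: every table here has a default, so no fall-through.)
egress_for() (
    table=main
    while read -r prefix name; do
        [ -n "$prefix" ] || continue
        if in_cidr "$1" "$prefix"; then table=$name; break; fi
    done <<EOF
$2
EOF
    while read -r name gw dev; do
        if [ "$name" = "$table" ]; then echo "$dev via $gw"; break; fi
    done <<EOF
$DEFAULTS
EOF
)

echo "no rules,   reply from DSL address: $(egress_for 203.0.113.243 "$RULES_NONE")"
echo "from rules, reply from DSL address: $(egress_for 203.0.113.243 "$RULES_POLICY")"
echo "from rules, reply from T1 address:  $(egress_for 198.51.100.2 "$RULES_POLICY")"
```

On a live host, `ip route get <remote address> from <local address>` asks the kernel for the same decision.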
PMcCauley Apprentice
Joined: 14 Mar 2006 Posts: 283 Location: Alberta, Canada
|
Posted: Wed Nov 01, 2006 7:43 pm Post subject: |
|
|
kash04 wrote: | There is no "lan" side to these computers; both of them are connected to the internet. I just would like to ssh to each computer via two IP addresses. It seems all traffic through the DSL interface has ceased since we added the fastnet interface. |
Ok, I am with you. Sorry, I should've read that post more carefully. Sounds like Utoxin has the solution; if not, you can take a look at this:
http://tldp.org/HOWTO/Adv-Routing-HOWTO/lartc.rpdb.multiple-links.html
Patrick |
|
Utoxin Guru
Joined: 19 Apr 2002 Posts: 413 Location: American Fork, UT
|
Posted: Fri Nov 03, 2006 6:26 pm Post subject: |
|
|
So, did we help solve your problem? If not, do you have any questions about my solution that I might be able to help you with? |
|
kash04 n00b
Joined: 08 Nov 2005 Posts: 5 Location: Houston
|
Posted: Sat Nov 04, 2006 10:12 pm Post subject: |
|
|
Hi, sorry it took so long. I recompiled the kernel for the required options
CONFIG_IP_ADVANCED_ROUTER -e CONFIG_IP_MULTIPLE_TABLES
and I restarted and the boxes wouldn't come up, so I had to make a trip to pick them up.
Brought them home and booted up fine, so here's how my configs are now:
Code: |
modules=( "iproute2" )
config_eth0=( "209.189.99.98/27" )
routes_eth0=(
"default via 209.189.99.97 table fastnet"
"default via 209.189.99.97"
)
rules_eth0=( "from 209.189.99.98/27 table fastnet" )
dns_domain_eth0="fastnet.core-hou.sbc.com"
dns_search_eth0="fastnet.core-hou.sbc.com core-hou.sbc.com"
dns_search_domains_eth0="fastnet.core-hou.sbc.com core-hou.sbc.com"
dns_servers_eth0=" 68.94.156.1 68.94.157.1 "
config_eth1=( "68.94.156.243/29" )
routes_eth1=(
"default via 68.94.156.243 table dsl"
"default via 68.94.156.243"
)
rules_eth1=( "from 68.94.156.243/29 table dsl" )
dns_domain_eth1="core-hou.sbc.com"
dns_search_eth1="core-hou.sbc.com"
dns_search_domains_eth1="core-hou.sbc.com"
dns_servers_eth1=" 68.94.156.1 68.94.157.1 "
postup() {
    local x="rules_${IFVAR}[@]"
    local -a rules=( "${!x}" )
    if [[ -n ${rules} ]] ; then
        einfo "Adding IP policy routing rules"
        eindent
        if ! ip rule list | grep -q "^" ; then
            eerror "You need to enable IP Policy Routing (CONFIG_IP_MULTIPLE_TABLES)"
            eerror "in your kernel to use ip rules"
        else
            for x in "${rules[@]}" ; do
                ebegin "${x}"
                ip rule del ${x}
                ip rule add ${x}
                eend $?
            done
        fi
        eoutdent
        ip route flush cache dev "${IFACE}"
    fi
}
|
Routing Tables from /etc/iproute2/rt_tables
Code: |
#
# reserved values
#
255 local
254 main
253 default
0 unspec
#
# local
#
#1 inr.ruhep
1 fastnet
2 dsl
|
And I get this error message:
RTNETLINK answers: No such process
Everything starts fine, I guess. I can't really try it out to see if it's working,
so I gotta make sure everything is configured right.
Edit: oh, and I used this:
http://gentoo-wiki.com/TIP_Dual-Homed_Gentoo_Server |
|
kash04 n00b
Joined: 08 Nov 2005 Posts: 5 Location: Houston
|
Posted: Mon Nov 06, 2006 2:15 am Post subject: |
|
|
It works with this config. I just dropped off the boxes today. |
|