Fedora Users — Re: FC 4 Networking bridge

Thanks for the replies.

The idea was to try and test the throughput from server 1 to server 2 via the cisco and still be able to access the cisco on its public IP as another thing we want to test is pptp vpn and ipsec access (doing that using NAT and server 1 as the access IP would create more headaches than solve.

We would have rpeferred to all the testing with the server nicely racked up with all being able to do everything remotely, but I think I may give that up as a bad idea and do the vpn testing and throughput testing as 2 separate set ups.

Ah well, back to the drawing board for me. :)

Thanks again

Mark

Jeff Vian wrote:

On Sat, 2006-01-28 at 07:03 +0000, Mark wrote:

Hi all

Perhaps I am being a lil dim here as a new linux sysadmin personage 
(previous preference was for windows, emphasis on "was")

For some reason I have not been able to get a working network along the 
following lines.

NOTE this network is purely for systems testing, bandwidth etc, hence 
the daisy chain effect.

I have 2 servers, both running FC4 and a cisco router.

The aim is to test throughput from one server to the other via the cisco.

My proposed solution is as follows:
Both servers have 2 gigE nics
Cisco has 2 interfaces which I have named ciscoLan and ciscoWan

Basically I want server 1 with eth0 connected to my DMZ network (and the 
world at large) witha  public IP address
I then want to configure eth1 with another public IP to connect directly 
to the ciscoWan

I already have the cisco connected via ciscoLan to server 2 using NAT 
and private IPs but I cannot get eth1 on server 1 to come up with the IP 
address I need and then talk to the cisco.

I think the issue may be that I need to enable bridging of sorts between 
the 2 NICs, as MS does with ICS etc.

So the question is, how do I acheive that?

As far as I can tell, I have all the interfaces configured correctly.

I can`t give the actual IPs here, but I will give an example:
All Xs give the same subnet

Server 1
/etc/sysconfig/network
NETWORKING=yes
HOSTNAME=test-server-01.domain.net
GATEWAY=X.X.X.33

/etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
BOOTPROTO=none
HWADDR=00:14:22:22:04:1A

TYPE=Ethernet
IPADDR=X.X.X.41
NETMASK=255.255.255.224
GATEWAY=X.X.X.33

/etc/sysconfig/network-scripts/ifcfg-eth1
DEVICE=eth1
HWADDR=00:14:22:22:04:1A

TYPE=Ethernet
NETMASK=255.255.255.224
IPADDR=X.X.X.42
GATEWAY=217.30.126.33  <- is this a problem????

Have I really missed something and thats why this server can`t talk to 
my cisco on eth1?  By the way, the cisco has an IP of X.X.X.62

1)  You should not have the default gateway defined in 3 places. In my
experience it seems best in /etc/sysconfig/network.  It may not get
defined at all if the sequence of reading/processing the files is not
what you want.  You can also only have *one* default gateway.  If those
in the other two files are the correct one, then certainly the one in
ifcfg-eth1 is a problem.

2)  You should *not* have 2 different interfaces on the same machine on
the same subnet.  Many problems are related to having this type setup,
which causes the system to get confused about which adapter to use for
what. (slow communications, lost packets, routing messed up, to name a
few.)

3) What is the output of "route -n"?  Which device has the default
gateway defined (eth0 or eth1)? Is it what you expected (X.X.X.33) or
the other one (217.30.126.33)?

Why are you trying to have this machine talk to the cisco on the same
subnet as is used on the other interface?  Nothing is gained and a lot
is lost by trying this.  If you are connecting directly to the cisco
with no other connections on that network segment, why not use one of
the private network addresses for both the cisco and this server on
eth1?

I am trying to have both eth0 and eth1 having IPs only 1 apart and the 
gateway for eth1 is set to the same as eth0.  Is this adding to the 
problems?

Yes, see 1 & 2 above.

I can solve it fairly easily by installing windows on server 1 and 
configure ICS etc, but I would rather avoid that for 2 reasons:
- having FC4 on the server is beneficial for us after this roject
- I don`t want to give in to this problem, I would rather solve it.

I am not sure I understand completely.  
Are you connecting both servers to the internet with a single public IP?
If so iptables and setting up nat is the best way to go. (This works
similarly to ICS but has much more functionality.) That is exactly what
I use for my connections at home.  A Cable modem with one IP available
and my home network has 4 PCs (using a private IP network) that access
the internet at any time.  Server 1 would have one interface with a
public IP and the other interface would have a LAN ip, similar to what a
router does.

If the cisco is the connection to the internet and you are sharing the
local LAN with all machines accessing the internet through the cisco
then all should be on the same network segment/subnet.

If you are using multiple public IPs then each should be connected
directly and not in the way that ICS works from M$.

Thanks in advnace.

Mark

-- 

This email and any files transmitted with it are confidential and intended 
solely for the use of the individual or entity to whom they are addressed.  
If you have received this email in error please notify the sender. Any 
offers or quotation of service are subject to formal specification.  
Errors and omissions excepted.  Please note that any views or opinions 
presented in this email are solely those of the author and do not 
necessarily represent those of Lumison, nplusone or lightershade ltd.  
Finally, the recipient should check this email and any attachments for the 
presence of viruses.  Lumison, nplusone and lightershade ltd accepts no 
liability for any damage caused by any virus transmitted by this email.

--

-- 
Virus scanned by Lumison.