Am Tue, 23 Sep 2008 11:58:37 -0500 schrieb Kevin Martin <kevintm@xxxxxxxxxxxxx>: > > > ppps wrote: > >> First off, what is that extra netstat -rn entry for eth6 > >> (169.254.0.0...looks like some Windows default garbage)? Can't > >> help but wonder what that's doing to routing to the 192.168.10 > >> network on the machine. > >> > > I have tried to eliminate that route with the command > > route del -net 169.254.0.0 netmask 255.255.0.0 > > This eliminates the route but on reboot again and lift it > > I do not know which file to modify to be removed. > > > > > Ok, this has been answered by Mr. Wright. > > I think that you really don't need to worry about this route. > > It's used for default networking when your system is set to DHCP > > but does not get an address from a DHCP server (NIC self-assigns a > > 169.254.x.x address to itself). This also happens on Windows. I > > think that, the route itself will have no effect on your > > connectivity or networking. > > > > > >> Next, why do you get two different traceroute results when you > >> traceroute host 192.168.10.20 as shown below (doesn't make any > >> sense)?: > > > > In the first tcpdump command, > > ping from 192.168.10.250 to 192.168.10.20 > > > > |firewall |--x-->|switch |----> | host 192.168.10.20 | > > > > In de Second tcpdump command > > ping from 192.168.10.20 to 192.168.5.1 > > > > |host 192.168.10.20 |---->|switch |----> | FIRWALL |--x-->| switch > > |-----> | HOST 192.168.5.1 | > > > > > Ah, ok, my bad for not noticing that. > > Let's take this from the top (please correct me if I'm wrong): > > Your firewall has the 3 interfaces with 192.168.1.231/24, > 192.168.5.254/24, and 192.168.10.250/24 as the interface addresses. > You have 3 machines off-firewall with addresses 192.168.1.201, > 192.168.5.1, and 192.168.10.20 (all in the /24 bit network, right?). > > 1).From the firewall, if you ping/traceroute to the 3 off firewall > addresses, do they all work or only some of them? > > 2).From the off firewall addresses, does ping/traceroute to the 3 > firewall addresses *on the same network* (so from ...1.201 > to ...1.231, ...5.1 to ...5.254, and ...10.20 to ...10.250) work? > > 3).On the off firewall machines, what does a tcpdump show about the > traffic coming from the firewall in (1) (when it works and when it > doesn't work)? > > 4).From the off firewall machines, what are the results of > pings/traceroutes from those machines to the other machines (so from > 1.201 to 5.1, 1.201 to 10.20, 5.1 to 10.20, 5.1 to 1.201, 10.20 to > 5.1, and 10.20 to 1.201...you need to do all of them to verify that > the traceroutes are all using the same paths coming and going...I've > seen networking weirdness where a traceroute from a -> b shows 5 hops > on 5 routers while a traceroute from b -> a shows different > routers/hops ). > > 5).On the off firewall machines, what do the routing tables look > like? And what are the results of the command "arp"? Are all of the > off firewall machines Linux boxes or are there Windows or other O.S. > machines (and is the 5.1 box just a router?)? > > FWIW, it's often handy from a troubleshooting point of view and the > sake of consistency to, if possible, have your firewall interfaces > have the same ending octet (again, if possible in the network(s) that > you are working with). If the firewall interfaces *always* have .254 > as the last octet (or .110 or .1 or whatever as long as they are the > same on each interface) then it makes it easier to understand your > routing/network setup. > > <snip> > > erm, btw, what the nic-setup of one of your client-computers? Roger -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
