From: Fernando Serto (fernando_at_serto.com.br)
Date: Tue 01 Jul 2003 - 08:09:01 BST
hi folks, it seems strange, but I can't open any connections from my vserver
to any other box on the LAN. even ping is not working... here goes the
details:
fenestra is the root server, and cartman is the vserver i'm talking about:
[root_at_fenestra root]# ifconfig -a
eth0 Link encap:Ethernet HWaddr 00:xx:xx:xx:xx:1C
inet addr:61.x.x.3 Bcast:61.x.x.x Mask:255.255.255.128
eth0:cart Link encap:Ethernet HWaddr 00:xx:xx:xx:xx:1C
inet addr:61.x.x.101 Bcast:61.x.x.x Mask:255.255.255.128
eth1 Link encap:Ethernet HWaddr 00:90:27:75:FC:66
inet addr:192.168.10.2 Bcast:192.168.10.255 Mask:255.255.255.0
eth1:cart Link encap:Ethernet HWaddr 00:90:27:75:FC:66
inet addr:192.168.10.101 Bcast:61.8.29.127 Mask:255.255.255.0
My cartman.conf file has the following configuration (just the networking
config):
IPROOT="eth0:61.8.29.101/255.255.255.128 eth1:192.168.10.101/255.255.255.0"
IPROOTDEV=eth0
If I comment the IPROOTDEV line, it seems to not configure the interfaces...
while inside the vserver, I can ping the outside world:
[root_at_vserver:cartman /]ping www.telstra.com.au
PING www.telstra.com.au (144.135.18.41) from 61.x.x.x: 56(84) bytes of data.
64 bytes from 144.135.18.41: icmp_seq=1 ttl=248 time=71.9 ms
64 bytes from 144.135.18.41: icmp_seq=2 ttl=248 time=123 ms
64 bytes from 144.135.18.41: icmp_seq=3 ttl=248 time=163 ms
--- www.telstra.com.au ping statistics ---
3 packets transmitted, 3 received, 0% loss, time 2371ms
rtt min/avg/max/mdev = 71.963/119.879/163.855/37.618 ms
but, I can't ping my desktop on the LAN:
[root_at_vserver:cartman /]ping 192.168.10.142?
PING 192.168.10.142 (192.168.10.142) from 61.x.x.x (WHY NOT THE INTERNAL
IP?): 56(84) bytes of data.
--- 192.168.10.142 ping statistics ---
31 packets transmitted, 0 received, 100% loss, time 30018ms
here comes the "weirdest" part... While trying to ping my desktop, I started
tcpdump, and look what I got here:
[root_at_fenestra root]# tcpdump -i eth1 -n | grep 192.168.10.142
tcpdump: listening on eth1
16:58:32.585950 61.x.x.x > 192.168.10.142: icmp: echo request (DF)
16:58:32.586143 192.168.10.142 > 61.8x.x.x : icmp: echo reply
16:58:33.603579 61.x.x.x > 192.168.10.142: icmp: echo request (DF)
16:58:33.603701 192.168.10.142 > 61.x.x.x : icmp: echo reply
why the hell is it trying to connect using the external ip? is this the
problem?
my routing table looks like this:
[root_at_fenestra root]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use
Iface
61.x.x.0 0.0.0.0 255.255.255.128 U 0 0 0 eth0
192.168.10.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
0.0.0.0 61.x.x.1 0.0.0.0 UG 0 0 0 eth0
any ideas? I'm running a squid proxy on this vserver, but, I'll create
another vserver to use as our mail relay, just to hide the exchange, and
this "mail vserver" will have to forward the mails to the exchange server,
but how? If I can't even reach it?
from the root server:
[root_at_fenestra root]# telnet 192.168.10.20 25
Trying 192.168.10.20...
Connected to 192.168.10.20.
Escape character is '^]'.
220 HARRIS.localdomain ESMTP Server (Microsoft Exchange Internet Mail
Service 5.5.2656.59) ready
but, from the vserver:
[root_at_vserver:cartman /]telnet 192.168.10.20 25
Trying 192.168.10.20...
Cheers,
Fernando