#1  
Old 13th January 2006, 21:40
daniel_rodriguez daniel_rodriguez is offline
Member
 
Join Date: Jan 2006
Posts: 39
Thanks: 0
Thanked 0 Times in 0 Posts
Thumbs down Sarge routing problems

At work we have a debian sarge as Proxy running Squid with three nics (eth0 -10.0.0.3, eth1 - 10.4.102.2 and eth2 - 10.14.8.2). The idea is that traffic to 10.2.0.0 and 10.10.0.0 pass trough 10.4.102.2, and internet traffic trough 10.0.0.3.

Problem is that entire LAN cannot reach a remote host (10.2.0.4) needed for accounting applications.

Below is routing table
Code:
Destination	Gateway		Genmask			Flags	Metric	Ref	Use	Iface
10.4.102.0	10.4.102.1	255.255.255.0		UG	0	0	0	eth1
10.4.102.0	*		255.255.255.0		U	0	0	0	eth1
localnet	*		255.255.248.0		U	0	0	0	eth2
10.2.0.0	10.4.102.1	255.255.0.0		UG	0	0	0	eth1
10.10.0.0	10.4.102.1	255.255.0.0		UG	0	0	0	eth1
10.0.0.0	*		255.0.0.0		U	0	0	0	eth0
default		10.0.0.2	0.0.0.0			UG	0	0	0	eth0
Code:
10.14.8.0		10.14.8.2		10.2.0.4
LAN			SQUID		Remote Host
There are no iptables rules neither
Code:
firewall:~# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
If I ping 10.2.0.4 get a response but from LAN, no way.


Any hint will be appreciated.

Last edited by daniel_rodriguez; 13th January 2006 at 21:56.
Reply With Quote
Sponsored Links
  #2  
Old 13th January 2006, 22:09
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,741 Times in 2,575 Posts
Default

Quote:
Originally Posted by daniel_rodriguez
If I ping 10.2.0.4 get a response but from LAN, no way.
But 10.2.0.4 is an IP address from your LAN, not from the internet...
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #3  
Old 13th January 2006, 22:19
daniel_rodriguez daniel_rodriguez is offline
Member
 
Join Date: Jan 2006
Posts: 39
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Goverment agencies are interconnected trough fiber optics ring here, that's why everyone has a proxy/firewall between ring and internal network.
That's the reason I mentioned 10.2.0.4 as a remote host, because reach there trough the fiber optics ring.

For a better explanation...

Last edited by daniel_rodriguez; 13th January 2006 at 23:03.
Reply With Quote
  #4  
Old 14th January 2006, 00:01
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,741 Times in 2,575 Posts
Default

Can you make sure that 10.2.0.4's firewall isn't blocking requests?
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #5  
Old 14th January 2006, 00:34
daniel_rodriguez daniel_rodriguez is offline
Member
 
Join Date: Jan 2006
Posts: 39
Thanks: 0
Thanked 0 Times in 0 Posts
 
Default

well, certainly yes
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Problems with groups/grpconv linuxfast General 28 21st April 2008 09:35
ISP install problems Debian sarge 3.1 lerra Installation/Configuration 1 5th January 2006 16:37
Debian Sarge RAID5 killfrog Installation/Configuration 2 23rd October 2005 21:43
Problems installing ISPConfig Debian Sarge hschel Server Operation 4 22nd August 2005 19:46
Install Debian Sarge with Kernel 2.6 root Installation/Configuration 4 10th May 2005 10:51


All times are GMT +2. The time now is 06:17.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.