2 nics on same redhat 7.1 box. Someone please help me with this proble

[ForumKid]

THis works great:
eth0=192.168.3.2
eth1=192.168.6.10

This works great :
eth0=192.168.3.2
eth1=192.168.4.10

This doesnt work and i need it to be a 192.168.1.x:
eth0=192.168.3.2
eth1=192.168.1.10

WHy would it matter if i change it to 192.168.1.2. What could cause this. When i change it to 192.168.1.2 it kills eth0 and eth1.

Any ideas. Here is the output of when it works
eth0 Link encap:Ethernet HWaddr 00:02:B3:28:80:5C
inet addr:192.168.3.2 Bcast:192.168.3.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:376 errors:0 dropped:0 overruns:0 frame:0
TX packets:308 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
Interrupt:22 Base address:0xec80

eth1 Link encap:Ethernet HWaddr 00:B00:B0:22:9B
inet addr:192.168.4.10 Bcast:192.168.4.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:39 errors:0 dropped:0 overruns:39 carrier:0
collisions:0 txqueuelen:100
Interrupt:16 Base address:0xccc0

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:24 errors:0 dropped:0 overruns:0 frame:0
TX packets:24 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0


ifconfig -a
eth0 Link encap:Ethernet HWaddr 00:02:B3:28:80:5C
inet addr:192.168.3.2 Bcast:192.168.3.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:400 errors:0 dropped:0 overruns:0 frame:0
TX packets:327 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
Interrupt:22 Base address:0xec80

eth1 Link encap:Ethernet HWaddr 00:B00:B0:22:9B
inet addr:192.168.6.10 Bcast:192.168.6.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:39 errors:0 dropped:0 overruns:39 carrier:0
collisions:0 txqueuelen:100
Interrupt:16 Base address:0xccc0

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:24 errors:0 dropped:0 overruns:0 frame:0
TX packets:24 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0

Its nothing to do with routes,at least i dont think so. Cant even ping them once i active the second nic as 192.168.1.10. I then change eth1 to 192.168.4.10 and everything works includes connections and ping.
Thanks for your time

 

[pcunix]

You say it has nothing to do with routing but what are the networks these things are connected to?

Describe the topology and maybe this will make more sense. What's out there on the eth0 side and eth1? What are these connected to? Tony Lawrence
SCO Unix/Linux Resources

http://pcunix.com

tony@pcunix.com

 

[ForumKid]

Lets call this ServerA (its behind dmz1) **THIS WORKS FINE**
eth0=192.168.2.2
eth1=192.168.1.3
default gateway is 192.168.2.200

Lets call this ServerB (its behind dmz2) **THIS IS THE PROBLEM ONE**
eth0=192.168.3.2
eth1=192.168.1.4
default gateway is 192.168.3.200

my firewall - cisco pix
eth0(outside)65.x.x.x
eth1(inside)192.168.1.200 --> connects to internal switch
eth2(dmz1 for http stuff)192.168.2.200 --> connects to serverA
eth3(dmz2 for smtp stuff)192.168.3.200 --> Connects to serverB

This is all connected to a pix. The dmz2 interface on my pix is 192.168.3.200. The inside interface on my pix is 192.168.1.200. So all computers on my internal network are all connected to a switch and all ip addresses are 192.168.1.x. This is where the second nic in the servers comes in. 1 card in the servers is for internet traffic. The other card is for LAN traffic. Both 192.168.1.3 and 192.168.1.4 are connected to the internal switch. I can access both cards on serverA. ServerB is the problem. If i make eth1 192.168.4.2 or 192.168.5.2, I can still connect to 192.168.3.2(eth0). If i change the ip to 192.168.1.2, the second my network reloads itself on the server, the card(eth0) shuts down. No ping no nothing.So i need this card = 192.168.1.x because i dont have a router on the internal network. Just a switch. And this should really work. Been working on this for so long.
Im running RedHat 7.1 on both servers. iptables is disabled until i get this to work. Also i can verify that the pix is working correctly. No syslog errors.
Has anyone ever heard of this before? I was thinking about reinstalling the OS, but i doubt that will help. Im at a loss here.
I will take any suggestions. I have no clue why serverA is ok and ServerB doesnt work. Maybe someone can shed come light on this.
Thanks SO MUCH!!!!!!!

 

[ForumKid]

Well it turns out that both servers dont work. I rebooted both of them.

I enable just one nic on serverA. I can then access my server on port 80. I enable the second nic on serverA. I can no longer access my server on port 80. But i can ping both interfaces from the pix. I can also access eth1 via ssh from the inside network. I think this means its a routing issue.

route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.2.0 * 255.255.255.0 U 0 0 0 eth0
192.168.1.0 * 255.255.255.0 U 0 0 0 eth1
127.0.0.0 * 255.0.0.0 U 0 0 0 lo
default 192.168.2.200 0.0.0.0 UG 0 0 0 eth0

route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
0.0.0.0 192.168.2.200 0.0.0.0 UG 0 0 0 eth0

 

[ForumKid]

Well it turns out that both servers dont work. I rebooted both of them.

I enable just one nic on serverA. I can then access my server on port 80. I enable the second nic on serverA. I can no longer access my server on port 80. But i can ping both interfaces from the pix. I can also access eth1 via ssh from the inside network. I think this means its a routing issue.

route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.2.0 * 255.255.255.0 U 0 0 0 eth0
192.168.1.0 * 255.255.255.0 U 0 0 0 eth1
127.0.0.0 * 255.0.0.0 U 0 0 0 lo
default 192.168.2.200 0.0.0.0 UG 0 0 0 eth0

route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
0.0.0.0 192.168.2.200 0.0.0.0 UG 0 0 0 eth0

 

[ForumKid]

Maybe this will help.
I enabled both cards on serverA. I can ssh to eth1. I cannot ssh to eth0. Here is the dump.
tcpdump -i eth0
Kernel filter, protocol ALL, TURBO mode (575 frames), datagram packet socket
tcpdump: listening on eth0
05:21:31.330035 < 192.168.1.2.1297 > myhost.mydomain.com.ssh: S 1878096992:1878096992(0) win 16384 <mss 1380,nop,nop,sackOK> (DF)
05:21:31.330035 > myhost.mydomain.com.32770 > cache03.ns.uu.net.domain: 61894+ PTR? 2.1.168.192.in-addr.arpa. (42) (DF)
05:21:31.410035 < cache03.ns.uu.net.domain > myhost.mydomain.com.32770: 61894 NXDomain 0/1/0 (108) (DF)
05:21:31.410035 > myhost.mydomain.com.32770 > cache03.ns.uu.net.domain: 61895+ PTR? 4.1.6.198.in-addr.arpa. (40) (DF)
05:21:31.490035 < cache03.ns.uu.net.domain > myhost.mydomain.com.32770: 61895 1/3/3 PTR cache03.ns.uu.net. (182) (DF)
05:21:34.330035 < 192.168.1.2.1297 > myhost.mydomain.com.ssh: S 1878096992:1878096992(0) win 16384 <mss 1380,nop,nop,sackOK> (DF)
05:21:36.330035 > arp who-has 192.168.2.200 tell myhost.mydomain.com (0:b0:d0:78:92:7)
05:21:36.330035 < arp reply 192.168.2.200 is-at 0:2:b3:17:fe:c3 (0:b0:d0:78:92:7)
05:21:36.330035 > myhost.mydomain.com.32770 > cache03.ns.uu.net.domain: 61896+ PTR? 200.2.168.192.in-addr.arpa. (44) (DF)
05:21:36.410035 < cache03.ns.uu.net.domain > myhost.mydomain.com.32770: 61896 NXDomain 0/1/0 (110) (DF)
05:21:40.350035 < 192.168.1.2.1297 > myhost.mydomain.com.ssh: S 1878096992:1878096992(0) win 16384 <mss 1380,nop,nop,sackOK> (DF)

11 packets received by filter

 

[ForumKid]

THis is the dump for when both cards are enabled and i goto my server on port 80.
tcpdump -i eth0
Kernel filter, protocol ALL, TURBO mode (575 frames), datagram packet socket
tcpdump: listening on eth0
05:28:04.470035 < 192.168.1.2.1348 > myhost.mydomain.com.http: S 2820326073:2820326073(0) win 16384 <mss 1380,nop,nop,sackOK> (DF)
05:28:04.470035 > myhost.mydomain.com.32770 > cache03.ns.uu.net.domain: 56254+ PTR? 2.1.168.192.in-addr.arpa. (42) (DF)
05:28:04.550035 < cache03.ns.uu.net.domain > myhost.mydomain.com.32770: 56254 NXDomain 0/1/0 (108) (DF)
05:28:04.550035 > myhost.mydomain.com.32770 > cache03.ns.uu.net.domain: 56255+ PTR? 4.1.6.198.in-addr.arpa. (40) (DF)
05:28:04.630035 < cache03.ns.uu.net.domain > myhost.mydomain.com.32770: 56255 1/3/3 PTR cache03.ns.uu.net. (182) (DF)
05:28:07.410035 < 192.168.1.2.1348 > myhost.mydomain.com.http: S 2820326073:2820326073(0) win 16384 <mss 1380,nop,nop,sackOK> (DF)
05:28:13.430035 < 192.168.1.2.1348 > myhost.mydomain.com.http: S 2820326073:2820326073(0) win 16384 <mss 1380,nop,nop,sackOK> (DF)

7 packets received by filter

 

[ifincham]

Hi,

Well, firstly changing the IP/address subnet on eth0 will always give connectivity to eth1 because they are on the same box. The subnet will automatically appear in the routing table . The question is why it doesn't like the 192.168.1.0 subnet .

Does anything look strange in the routing tables ?

/sbin/route -n

Also, what happens if you disable the eth0 interface and bring up eth1 as 192.168.1.4 ?

Regards

 

[ForumKid]

I disable eth0 and just bring up eth1. I can ping eth1 but cannot access it via ssh. I get the same dump as before with eth0.

Any ideas??? I thought this should just work. I dont understand why its being so stubborn. Im not sure what else to try.

 

[ForumKid]

Routing tables look ok. Take a look up a few lines and youll see my routing tables.


whew......This ones taking me for a loop.