Message-ID: <3A28F8CD.7598B65@revicon.com> Date: Sat, 02 Dec 2000 14:27:41 +0100 From: Lars Knudsen <gandalf@revicon.com> Subject: Re: [SLE] Two nic's & two hubs Jeroen Verstegen wrote:

Hi all,

I've got a problem with my network.

Here's the situation: One Penium 60 (no PCI slots), and a couple of other PC's being a mixture of different pentiums 100+ mhz I used to have them on a 10mbps hub, but now I bought a 100mbps (not a switch) one. All of the sytems have a 10/100mbps nic, except for the Pentium60. I use the P60 as a firewall/gateway to the outside world. I wanted to save some money and not buy an extra 10/100mbps hub, so I put second nic in my main fileserver, which is always switched on anyway. I hooked it up to the 10mbps hub to let it connect to the P60-firewall. Still with me? So now the situation is as follows:

P60: 1 isdn card connected to outside plus 1 nic 10mbps connected to 10mbps hub p500: 1 pci nic 100 mbps connected to 100mbsp hub and one nic 10 mbps connected to 10 mbps hub All others are connected to 100 mbps hub.

P60 hub10 P500 hub100 ----------- ------- ----------- ------- ISP <----->| ISDN | |10mbps |<----->|192.168.2.1| |100mbps|<--> others |192.168.2.5|<----->| hub | |192.168.1.1|<---->| hub | (192.168.1.*) ----------- ------- ----------- -------

P60 does nothing but firewalling and gatewaying. (Very small HD) P500 does DNS, YPserver, Samba, mail etc. All others are just clients (win and SuSE)

Now there are two problems: 1. I can see (ping, telnet etc) P500 from P60 and from all other PC's. I can also get to P60 from P500. But to everybody else P60 is invisible.

You have a routing problem now. Previously any ethernet packet sent by any of your computers could be seen by any of the others but now your net is divided into two parts by the P500. Any packet sent by the P60 for one of the computers on the 192.168.1 subnet is probably sent to the ISP instead of towards the P500. Even if the P60 sends the packet out towards the P500 the only thing that happens is that the P500 takes a look at the packet, decides it is intended for someone else and leaves it alone. You would want to the P500 to act as router and forward the packet to the 192.168.1 subnet. Go look for "nag" - the Network Administrators Guide on one of the linux documentation sites. It covers these problems in detail. Basically what needs to be done is: P60 needs to be configured so that /sbin/route tells you something like the following Destination Gateway Genmask Flags Metric Ref Use Iface IP_ADDR_OF_ISP * 255.255.255.255 UH 0 0 0 ppp0 192.168.1.1 * 255.255.255.255 UH 0 0 0 eth0 192.168.2.0 192.168.1.1 255.255.255.0 UG 0 0 0 eth0 192.168.1.0 * 255.255.255.0 U 0 0 0 eth0 default IP_ADDR_OF_ISP 0.0.0.0 UG 0 0 0 ppp0 The P500 needs to be configured like this: Destination Gateway Genmask Flags Metric Ref Use Iface 192.168.2.0 * 255.255.255.0 U 0 0 0 eth0 192.168.1.0 * 255.255.255.0 U 0 0 0 eth1 default 192.168.2.5 0.0.0.0 UG 0 0 0 eth0 You need to make sure ip forwarding is enabled on the P500 cat /proc/sys/net/ipv4/ip_forward gives 0 if it is disabled and 1 if it is enabled. If it is disabled echo 1 >/proc/sys/net/ipv4/ip_forward should enable it.

2. I cannot get ypclient to work on P60 (domain not bound), but it does work on other machines connected to the 100mbps hub.

Two possible causes for this one. Either your yp domain is 192.168.1 and the P60 complains because it is in domain 192.168.2 or the problem is caused by the routing problems. Fix the routing first and see if it goes away.

And a question: Is it true that with two hubs you have to use a different 3rd part of the ip-address? (eg .2.5 vs .1.5)

Not exactly true, when you have two subnets they need to have different subnet addresses, the simplest is to use a different 3rd part of the ip-address but it is possible to do otherwise.

I've tried the roaming the howto's, but to no avail. Can anybody point me in the right direction? I feel it would be a waste of money to go out and get a switch hub altough timewise... :-)

The switching hub would solve your problem for now but by the time you run out of ports on it you would need to figure out how to do the routing stuff anyway.

thanks for any help!

No prob. Please ask again if you have further problems or do not succeed in solving this one. \Gandalf

Message-ID: <3A2AC106.69D8A4AB@pro.procergs.com.br> Date: Sun, 03 Dec 2000 19:54:14 -0200 From: Flavio Arthur Leal Ferreira <arthur@pro.procergs.com.br> Subject: Re: [SLE] Two nic's & two hubs Jeroen, it seems you have routing problems. P500 is acting as a router between two nets ( 192.168.1.0 and 192.168.2.0 ). Netmasks are set to 255.255.255.0 ? has P60 a route to 192.168.1.0 via p500 ? have the stations a default route or a route to 192.168.2.0 via p500 ? Jeroen Verstegen wrote:

Hi all,

I've got a problem with my network.

Here's the situation: One Penium 60 (no PCI slots), and a couple of other PC's being a mixture of different pentiums 100+ mhz I used to have them on a 10mbps hub, but now I bought a 100mbps (not a switch) one. All of the sytems have a 10/100mbps nic, except for the Pentium60. I use the P60 as a firewall/gateway to the outside world. I wanted to save some money and not buy an extra 10/100mbps hub, so I put second nic in my main fileserver, which is always switched on anyway. I hooked it up to the 10mbps hub to let it connect to the P60-firewall. Still with me? So now the situation is as follows:

P60: 1 isdn card connected to outside plus 1 nic 10mbps connected to 10mbps hub p500: 1 pci nic 100 mbps connected to 100mbsp hub and one nic 10 mbps connected to 10 mbps hub All others are connected to 100 mbps hub.

P60 hub10 P500 hub100 ----------- ------- ----------- ------- ISP <----->| ISDN | |10mbps |<----->|192.168.2.1| |100mbps|<--> others |192.168.2.5|<----->| hub | |192.168.1.1|<---->| hub | (192.168.1.*) ----------- ------- ----------- -------

P60 does nothing but firewalling and gatewaying. (Very small HD) P500 does DNS, YPserver, Samba, mail etc. All others are just clients (win and SuSE)

Now there are two problems: 1. I can see (ping, telnet etc) P500 from P60 and from all other PC's. I can also get to P60 from P500. But to everybody else P60 is invisible. 2. I cannot get ypclient to work on P60 (domain not bound), but it does work on other machines connected to the 100mbps hub.

And a question: Is it true that with two hubs you have to use a different 3rd part of the ip-address? (eg .2.5 vs .1.5)

I've tried the roaming the howto's, but to no avail. Can anybody point me in the right direction? I feel it would be a waste of money to go out and get a switch hub altough timewise... :-)