I'm trying to setup two NICs on one box, and seem to be having trouble eaching the rest of the LAN using eth1. I use eth0 for the DSL connection. ifconfig reports: dsl0 Link encap:Point-to-Point Protocol inet addr:192.168.99.1 P-t-P:192.168.99.99 Mask:255.255.255.255 UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1492 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:3 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b) eth0 Link encap:Ethernet HWaddr 00:0A:E6:68:3E:24 inet addr:192.168.1.3 Bcast:192.168.1.255 Mask:255.255.255.0 inet6 addr: fe80::20a:e6ff:fe68:3e24/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:104 errors:0 dropped:0 overruns:0 frame:0 TX packets:175 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:34154 (33.3 Kb) TX bytes:10841 (10.5 Kb) Interrupt:5 Base address:0xc400 eth1 Link encap:Ethernet HWaddr 00:01:02:73:CA:CF inet addr:192.168.1.2 Bcast:192.168.1.255 Mask:255.255.255.0 inet6 addr: fe80::201:2ff:fe73:cacf/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:12 errors:0 dropped:0 overruns:0 carrier:5 collisions:0 txqueuelen:1000 RX bytes:0 (0.0 b) TX bytes:936 (936.0 b) Interrupt:3 Base address:0xc000 ping -I 192.168.1.2 192.168.1.14 produces "host unreachable". I've tried 2 different NICs. I suspect the problem is not dead NICs but perhaps something I need to do differently or additionally. I've setup the hosts file with both NICs listed (and tried it with only eth1's address listed - 192.168.1.2) I'm not quite sure what else to do. Thanks, Don -- DC Parris GNU Evangelist http://matheteuo.org/ http://chaddb.sourceforge.net/ "Free software is like God's love - you can share it with anyone anytime anywhere!"
On Saturday 06 November 2004 2:11 pm, Don Parris wrote:
I'm trying to setup two NICs on one box, and seem to be having trouble eaching the rest of the LAN using eth1. I use eth0 for the DSL connection.
ifconfig reports: dsl0 Link encap:Point-to-Point Protocol inet addr:192.168.99.1 P-t-P:192.168.99.99
eth0 Link encap:Ethernet HWaddr 00:0A:E6:68:3E:24 inet addr:192.168.1.3 Bcast:192.168.1.255 Mask:255.255.255.0
eth1 Link encap:Ethernet HWaddr 00:01:02:73:CA:CF inet addr:192.168.1.2 Bcast:192.168.1.255 Mask:255.255.255.0
ping -I 192.168.1.2 192.168.1.14 produces "host unreachable".
I've tried 2 different NICs. I suspect the problem is not dead NICs but perhaps something I need to do differently or additionally. I've setup the hosts file with both NICs listed (and tried it with only eth1's address listed - 192.168.1.2) I'm not quite sure what else to do.
Thanks, Don
How are these NICs cabled? Does eth0 go directly to dsl0? Does eth1 go to a physically separate LAN through an ethernet switch that 192.168.1.14 is also plugged into? Is dsl0 an external DSL modem or is it internal to the PC? Where is the DHCP server or does everything have static IP addresses? Set eth0 and eth1 to different subnets such as eth0=192.168.?.x/24 and eth1=192.168.1.x/24. This is where its nice to have a DHCP server serving the rest of your 192.168.1.x/24 network since everything else that eth1 connects to is already at 192.168.1.x/24. What I did was to set eth0 as the external/Internet device at 192.168.1,x connecting to my broadband router which has a minimal firewall and NAT and DHCP server (which would be serving to only one device, eth0). The router talks to the DSL/Cable modem. Then eth1 as the internal/LAN device talks to the rest of the LAN on 192.168.2.x and does caching DNS, DHCP server, Squid proxy, Shorewall firewall and other security things. There are some other details to check but lets get the basic plumbing straight first... Stan
On Saturday 06 November 2004 16:14, Stan Glasoe wrote:
On Saturday 06 November 2004 2:11 pm, Don Parris wrote:
I'm trying to setup two NICs on one box, and seem to be having trouble eaching the rest of the LAN using eth1. I use eth0 for the DSL connection.
ifconfig reports: dsl0 Link encap:Point-to-Point Protocol inet addr:192.168.99.1 P-t-P:192.168.99.99
eth0 Link encap:Ethernet HWaddr 00:0A:E6:68:3E:24 inet addr:192.168.1.3 Bcast:192.168.1.255 Mask:255.255.255.0
eth1 Link encap:Ethernet HWaddr 00:01:02:73:CA:CF inet addr:192.168.1.2 Bcast:192.168.1.255 Mask:255.255.255.0
ping -I 192.168.1.2 192.168.1.14 produces "host unreachable".
I've tried 2 different NICs. I suspect the problem is not dead NICs but perhaps something I need to do differently or additionally. I've setup the hosts file with both NICs listed (and tried it with only eth1's address listed - 192.168.1.2) I'm not quite sure what else to do.
Thanks, Don
How are these NICs cabled? Does eth0 go directly to dsl0? Does eth1 go to a physically separate LAN through an ethernet switch that 192.168.1.14 is also plugged into? Is dsl0 an external DSL modem or is it internal to the PC? Where is the DHCP server or does everything have static IP addresses?
Set eth0 and eth1 to different subnets such as eth0=192.168.?.x/24 and eth1=192.168.1.x/24. This is where its nice to have a DHCP server serving the rest of your 192.168.1.x/24 network since everything else that eth1 connects to is already at 192.168.1.x/24.
What I did was to set eth0 as the external/Internet device at 192.168.1,x connecting to my broadband router which has a minimal firewall and NAT and DHCP server (which would be serving to only one device, eth0). The router talks to the DSL/Cable modem. Then eth1 as the internal/LAN device talks to the rest of the LAN on 192.168.2.x and does caching DNS, DHCP server, Squid proxy, Shorewall firewall and other security things.
There are some other details to check but lets get the basic plumbing straight first...
Stan Well, I did not setup DHCP - let me get the /etc/hosts file approach first. I left eth0 config'd as 192.168.1.3. I changed the rest of the LAN 192.168.2.x. At least now, when I ping the LAN, the hub lights up for both NICs, whereas before, it would only light up for the NIC I was pinging from.
All other boxes recognize each other, and I can ping via IP or host name. But when I ping from x/2.2 (or to it), ping doesn't return a result, and I have to hit [ctrl]+c. I've also noticed an error message that may have an impact - not sure: Error inserting ipfwadm (/lib/modules/2.6.8-24.3-default/kernel/net/ipv4/netfilter/ipfwadm.ko): Device or resource busy Next step? -- DC Parris GNU Evangelist http://matheteuo.org/ http://chaddb.sourceforge.net/ "Free software is like God's love - you can share it with anyone anytime anywhere!"
On Saturday 06 November 2004 7:24 pm, Don Parris wrote:
Well, I did not setup DHCP - let me get the /etc/hosts file approach first. I left eth0 config'd as 192.168.1.3. I changed the rest of the LAN 192.168.2.x. At least now, when I ping the LAN, the hub lights up for both NICs, whereas before, it would only light up for the NIC I was pinging from.
Whoa. I don't think that I like your plumbing here. Do you have both eth0 and eth1 going into the same hub? I recommend not doing that because I like to keep my subnets physically separated. It helps me to know exactly where I want packets to be going. eth1 should be the only cable from the PC to the hub that connects all the other internal LAN devices. eth0 goes to the Internet through whatever; dsl0 or external broadband firewall/router device. eth1 goes to the internal LAN. Physically separate networks. There are ways to do it differently but you are just starting out so lets really keep things separate. This will help you visualize your firewall flow also. FW_EXT_DEV=eth0 and is physically different than FW_INT_DEV=eth1. Different zones per Shorewall Firewall setup.
All other boxes recognize each other, and I can ping via IP or host name. But when I ping from x/2.2 (or to it), ping doesn't return a result, and I have to hit [ctrl]+c. I've also noticed an error message that may have an impact - not sure: Error inserting ipfwadm (/lib/modules/2.6.8-24.3-default/kernel/net/ipv4/netfilter/ipfwadm.ko ): Device or resource busy
Next step?
Tell me eth0 and eth1 are NOT connected to the same hub/switch. Remember to turn on "Enable IP Forwarding" for NICs in Yast, Network Devices, Network Cards.
-- DC Parris GNU Evangelist
Stan
On Saturday 06 November 2004 23:19, Stan Glasoe wrote:
On Saturday 06 November 2004 7:24 pm, Don Parris wrote:
Well, I did not setup DHCP - let me get the /etc/hosts file approach first. I left eth0 config'd as 192.168.1.3. I changed the rest of the LAN 192.168.2.x. At least now, when I ping the LAN, the hub lights up for both NICs, whereas before, it would only light up for the NIC I was pinging from.
Whoa. I don't think that I like your plumbing here. Do you have both eth0 and eth1 going into the same hub? I recommend not doing that because I like to keep my subnets physically separated. It helps me to know exactly where I want packets to be going.
Sorry Stan, eth0 is my DSL connection - should have made that clear. eth1 Goes to the local hub.
eth1 should be the only cable from the PC to the hub that connects all the other internal LAN devices. eth0 goes to the Internet through whatever; dsl0 or external broadband firewall/router device. eth1 goes to the internal LAN. Physically separate networks.
There are ways to do it differently but you are just starting out so lets really keep things separate. This will help you visualize your firewall flow also. FW_EXT_DEV=eth0 and is physically different than FW_INT_DEV=eth1. Different zones per Shorewall Firewall setup.
All other boxes recognize each other, and I can ping via IP or host name. But when I ping from x/2.2 (or to it), ping doesn't return a result, and I have to hit [ctrl]+c. I've also noticed an error message that may have an impact - not sure: Error inserting ipfwadm (/lib/modules/2.6.8-24.3-default/kernel/net/ipv4/netfilter/ipfwadm.ko ): Device or resource busy
Next step?
Tell me eth0 and eth1 are NOT connected to the same hub/switch.
As above , definitely NOT. I guess I was assuming (I know, I know...) that you guys would understand that I was trying to get one NIC to work with the hub - the other already works nicely with the DSL modem. Also, eth0 is the on-board NIC, and eth1 is a used 3Com I picked up today. The original eth1 was a D-Link. Both PCI NICs were recognized & config'd by Yast, and ifconfig showed both setup properly, though, as Anders pointed out - with some errors. I really don't think the hardware is the issue, though. So far, I've been switching the DSL & LAN cables on eth0 as needed to connect to the internet or to the LAN. While this defintely cuts down outsiders' chances of attacking the whole LAN, it is inconvenient. ;) As mentioned in my response to Anders, I can get VNC connections using the LAN cable on eth0, but when using eth1, I get nada. Ok, I do get blinking lights - but that's about it.
Remember to turn on "Enable IP Forwarding" for NICs in Yast, Network Devices, Network Cards.
If it's o.k. with you, I'd like to get eth1 working with the local hub first - then worry about giving my LAN access to the outside world.
--
Don -- DC Parris GNU Evangelist http://matheteuo.org/ http://chaddb.sourceforge.net/ "Free software is like God's love - you can share it with anyone anytime anywhere!"
eth0 is my DSL connection - should have made that clear. eth1 Goes to the local hub. snipped < So far, I've been switching the DSL & LAN cables on eth0 as needed to connect to the internet or to the LAN. While this defintely cuts down outsiders' chances of attacking the whole LAN, it is inconvenient. ;) You shouldn't have to do that manual switching of cables. Leave the cables all connected where they are supposed to go. With both interfaces cabled and up and running, do an 'ifdown eth0' (from a root
On Saturday 06 November 2004 11:09 pm, Don Parris wrote: prompt in a konsole/console) to test just eth1 on your internal LAN. This allows you to dictate which NIC is talking to which network and when. Then to test the Internet side do an 'ifdown eth1' and then an 'ifup eth0' to test just external/Internet connectivity from this system. Without setting up the connection/route between the cards with "Enable IP Forwarding" you have to work with only one card at a time. I believe that without the routing setup that all traffic will most likely go to the first NIC available - sometimes - which makes troubleshooting and expecting certain results diabolically threatening to one's sanity/sobriety. Either that or its just my luck! There's a nice little program called KNemo that puts a little network icon in the systray area (and also appears within KDE Control Center); one for each connection you have on the machine. Label them and then you'll know which is up/down with a glance or mouse over.
As mentioned in my response to Anders, I can get VNC connections using the LAN cable on eth0, but when using eth1, I get nada. Ok, I do get blinking lights - but that's about it.
But IF I understand what you've been doing you connect both cables to the same hub once in a while. Or you disconnect eth1 from the hub when you connect eth0 to the hub. Stop that. See above.
Remember to turn on "Enable IP Forwarding" for NICs in Yast, Network Devices, Network Cards.
If it's o.k. with you, I'd like to get eth1 working with the local hub first - then worry about giving my LAN access to the outside world.
Well, that's fine if you don't like to be totally confused. Good plan. That's why you need to start turning off NICs via ifup/ifdown and checking status via 'ifconfig -a' instead of swapping cables.
--
Don
Stan
On Sunday 07 November 2004 13:53, Stan Glasoe wrote:
On Saturday 06 November 2004 11:09 pm, Don Parris wrote:
eth0 is my DSL connection - should have made that clear. eth1 Goes to the local hub. snipped < So far, I've been switching the DSL & LAN cables on eth0 as needed to connect to the internet or to the LAN. While this defintely cuts down outsiders' chances of attacking the whole LAN, it is inconvenient. ;)
You shouldn't have to do that manual switching of cables. Leave the cables all connected where they are supposed to go. With both interfaces cabled and up and running, do an 'ifdown eth0' (from a root prompt in a konsole/console) to test just eth1 on your internal LAN. This allows you to dictate which NIC is talking to which network and when. Then to test the Internet side do an 'ifdown eth1' and then an 'ifup eth0' to test just external/Internet connectivity from this system.
I understand that I should not have to. That's why I'm asking for help. :) I wil run this test this evening - haven't had time to do much in the last 48 hours.
Without setting up the connection/route between the cards with "Enable IP Forwarding" you have to work with only one card at a time. I believe that without the routing setup that all traffic will most likely go to the first NIC available - sometimes - which makes troubleshooting and expecting certain results diabolically threatening to one's sanity/sobriety. Either that or its just my luck!
There's a nice little program called KNemo that puts a little network icon in the systray area (and also appears within KDE Control Center); one for each connection you have on the machine. Label them and then you'll know which is up/down with a glance or mouse over.
This is great to know - I've never even heard of KNemo.
As mentioned in my response to Anders, I can get VNC connections using the LAN cable on eth0, but when using eth1, I get nada. Ok, I do get blinking lights - but that's about it.
But IF I understand what you've been doing you connect both cables to the same hub once in a while. Or you disconnect eth1 from the hub when you connect eth0 to the hub. Stop that. See above.
Remember to turn on "Enable IP Forwarding" for NICs in Yast, Network Devices, Network Cards.
If it's o.k. with you, I'd like to get eth1 working with the local hub first - then worry about giving my LAN access to the outside world.
Well, that's fine if you don't like to be totally confused. Good plan. That's why you need to start turning off NICs via ifup/ifdown and checking status via 'ifconfig -a' instead of swapping cables.
The swapping cables part is definitely a thing of the past. It was merely a temp solution until I decided I didn't know how to solve the problem. Don -- DC Parris GNU Evangelist http://matheteuo.org/ http://chaddb.sourceforge.net/ "Free software is like God's love - you can share it with anyone anytime anywhere!"
On Monday 08 November 2004 13:48, Don Parris wrote:
On Sunday 07 November 2004 13:53, Stan Glasoe wrote:
On Saturday 06 November 2004 11:09 pm, Don Parris wrote:
eth0 is my DSL connection - should have made that clear. eth1 Goes to the local hub. snipped <SNIP>
With both interfaces cabled and up and running, do an 'ifdown eth0' (from a root prompt in a konsole/console) to test just eth1 on your internal LAN. This allows you to dictate which NIC is talking to which network and when. Then to test the Internet side do an 'ifdown eth1' and then an 'ifup eth0' to test just external/Internet connectivity from this system.
I understand that I should not have to. That's why I'm asking for help. :) I wil run this test this evening - haven't had time to do much in the last 48 hours.
I finally got to test things further this evening - not yesterday, as planned. At any rate, here's where I am: My LAN is now 192.168.2.x. My DSL card is assigned 192.168.1.3. I'm using etc/hosts for name resolution. I did ifdown 'eth0' and pinged the LAN from eth1. What happens is that I get no output at all, until I hit [Ctrl]+C, at which point the standard ping summary appears with failures across the board. I've tried pinging with and without the -I to assign the NIC to ping from. I even switched to a third NIC, with the same results. I checked that the NIC was properly plugged in. The cable is good, as I can use it with no problems if I plug it into eth0 (which is an on-board ethernet port). The hub port is also good for the same reason. Using the same cable and hub port, but eth0 instead of eth1 (a PCI card), I can access the LAN. I have also switched PCI slots. If I plug the LAN cable into eth1, and try pinging the LAN, I get no result. During the ping process, the respective lights on the hub will flash, and the signal meter lights, but only to the first light (low signal strength). Again, this is not an issue at all when using eth0 - only with eth1. I'm checking the logs now to see what info I can get out of them. Don -- DC Parris GNU Evangelist http://matheteuo.org/ http://chaddb.sourceforge.net/ "Free software is like God's love - you can share it with anyone anytime anywhere!"
My LAN is now 192.168.2.x. My DSL card is assigned 192.168.1.3. I'm using etc/hosts for name resolution. So the DSL card is an internal PCI slot device? Yes/No
I did ifdown 'eth0' and pinged the LAN from eth1. What happens is that I get no output at all, until I hit [Ctrl]+C, at which point the standard ping summary appears with failures across the board. I've tried pinging with and without the -I to assign the NIC to ping from.
I even switched to a third NIC, with the same results. I checked that the NIC was properly plugged in. The cable is good, as I can use it with no problems if I plug it into eth0 (which is an on-board ethernet port). The hub port is also good for the same reason. Using the same cable and hub port, but eth0 instead of eth1 (a PCI card), I can access the LAN. I have also switched PCI slots. Excellent troubleshooting. You've isolated it to any PCI Ethernet NIC
On Tuesday 09 November 2004 10:58 pm, Don Parris wrote: plugged into available slots will NOT work.
If I plug the LAN cable into eth1, and try pinging the LAN, I get no result. During the ping process, the respective lights on the hub will flash, and the signal meter lights, but only to the first light (low signal strength). Again, this is not an issue at all when using eth0 - only with eth1. How many PCI slots and what cards are in which slots? The power supply connectors on the motherboards are closest to which PCI slot?
I suspect not enough power is getting to all components. Either its an old power supply that has lost its mojo or you are over loading it; never was big enough to power all this. With hard drives, CD/DVD devices, video card, etc its just too much. One way to verify is unplug from power any device you can to test just the PCI NIC being useable. I ask whether your DSL card is internal or not because if it is internal why not use it as your FW_EXT_DEV and use the embedded eth0 as your FW_INT_DEV? Forget mucking about with another NIC unless you want to make it FW_DEV_DMZ?
I'm checking the logs now to see what info I can get out of them. Good Don Stan
On Wednesday 10 November 2004 08:34, Stan Glasoe wrote:
On Tuesday 09 November 2004 10:58 pm, Don Parris wrote:
My LAN is now 192.168.2.x. My DSL card is assigned 192.168.1.3. I'm using etc/hosts for name resolution.
So the DSL card is an internal PCI slot device? Yes/No
I did ifdown 'eth0' and pinged the LAN from eth1. What happens is that I get no output at all, until I hit [Ctrl]+C, at which point the standard ping summary appears with failures across the board. I've tried pinging with and without the -I to assign the NIC to ping from.
I even switched to a third NIC, with the same results. I checked that the NIC was properly plugged in. The cable is good, as I can use it with no problems if I plug it into eth0 (which is an on-board ethernet port). The hub port is also good for the same reason. Using the same cable and hub port, but eth0 instead of eth1 (a PCI card), I can access the LAN. I have also switched PCI slots.
Excellent troubleshooting. You've isolated it to any PCI Ethernet NIC plugged into available slots will NOT work.
If I plug the LAN cable into eth1, and try pinging the LAN, I get no result. During the ping process, the respective lights on the hub will flash, and the signal meter lights, but only to the first light (low signal strength). Again, this is not an issue at all when using eth0 - only with eth1.
How many PCI slots and what cards are in which slots? The power supply connectors on the motherboards are closest to which PCI slot?
I suspect not enough power is getting to all components. Either its an old power supply that has lost its mojo or you are over loading it; never was big enough to power all this. With hard drives, CD/DVD devices, video card, etc its just too much. One way to verify is unplug from power any device you can to test just the PCI NIC being useable.
When I bring use rcnetwork restart, I get this error message: WARNING: Error inserting ipfwadm (/lib/modules/2.6.8-24.3-default/kernel/net/ipv4/netfilter/ipfwadm.ko): Device or resource busy Could this be the issue? The system came with this power supply, but I'll try that. I switched out a broken CD for a DVD drive & a CD-RW. I also swapped out a 1 GB HDD for my 80 GB HDD. Not sure why they only had a 1 GB drive in there to begin with, but...
I ask whether your DSL card is internal or not because if it is internal why not use it as your FW_EXT_DEV and use the embedded eth0 as your FW_INT_DEV? Forget mucking about with another NIC unless you want to make it FW_DEV_DMZ?
I don't have a DSL card. I have a built-in ethernet port and a PCI NIC. I'm plugging my built-in eth port to the DSL modem.
Stan
-- DC Parris GNU Evangelist http://matheteuo.org/ http://chaddb.sourceforge.net/ "Free software is like God's love - you can share it with anyone anytime anywhere!"
When I bring use rcnetwork restart, I get this error message: WARNING: Error inserting ipfwadm (/lib/modules/2.6.8-24.3-default/kernel/net/ipv4/netfilter/ipfwadm.ko ): Device or resource busy Turn off the firewall while testing. This module pertains to the firewall and the only information file I can find on SUSE 9.1 is in German.
Could this be the issue? The system came with this power supply, but I'll try that. I switched out a broken CD for a DVD drive & a CD-RW. I also swapped out a 1 GB HDD for my 80 GB HDD. Not sure why they only had a 1 GB drive in there to begin with, but... My best guess so far. What's the power supply rating? Unplug the CD-RW and DVD and floppy and whatever else isn't absolutely necessary for testing. If the wattage rating is 250 or so it may not be enough for all you have added. Or the power supply has "settled" over time and isn't putting out like she used to... Meaning the +/- 5V and +/- 12V
I don't have a DSL card. I have a built-in ethernet port and a PCI NIC. I'm plugging my built-in eth port to the DSL modem. OK. Then we need to find out why PCI NICs aren't working right and my best guess is power. If it isn't the power supply then maybe its the
On Wednesday 10 November 2004 9:34 am, Don Parris wrote: lines are down more than 10% to +/- 4.5V and +/- 10.8V or so. If this is the case then go get a higher wattage power supply that'll fit in that case. What about the video card? Is it original or upgraded? May want to back that out also. Newer video card usually means it uses more power. Remember to go over all cable connections every time to make sure nothing is loose, broken, missing, etc. Reseat the power supply's mainboard connectors also. mainboard itself and the slots are all bad. Stan
Quoting Stan Glasoe
On Wednesday 10 November 2004 9:34 am, Don Parris wrote:
When I bring use rcnetwork restart, I get this error message: WARNING: Error inserting ipfwadm (/lib/modules/2.6.8-24.3-default/kernel/net/ipv4/netfilter/ipfwadm.ko ): Device or resource busy Turn off the firewall while testing. This module pertains to the firewall and the only information file I can find on SUSE 9.1 is in German.
ipfwadm (IP FireWall ADMinistration) is/was the firewall module in 2.2 kernel or earlier. It is probably trying to grab the firewall hooks/resources after the newer firewall module is loaded. The progression is ipfwadm, ipchains, iptables. If you intended to ipfwadm, it is time to upgrade. HTH, Jeffrey
On Wednesday 10 November 2004 12:14, Jeffrey L. Taylor wrote:
Quoting Stan Glasoe
: On Wednesday 10 November 2004 9:34 am, Don Parris wrote:
When I bring use rcnetwork restart, I get this error message: WARNING: Error inserting ipfwadm (/lib/modules/2.6.8-24.3-default/kernel/net/ipv4/netfilter/ipfwadm.ko ): Device or resource busy
Turn off the firewall while testing. This module pertains to the firewall and the only information file I can find on SUSE 9.1 is in German.
ipfwadm (IP FireWall ADMinistration) is/was the firewall module in 2.2 kernel or earlier. It is probably trying to grab the firewall hooks/resources after the newer firewall module is loaded. The progression is ipfwadm, ipchains, iptables. If you intended to ipfwadm, it is time to upgrade.
HTH, Jeffrey Thanks. I really didn't intend anything. I thought it was part of the firewall. I turned on the firewall at install time, and get this error at boot or on restarts. I confess, I'm _not_ real knowledgeable about the firewall.
-- DC Parris GNU Evangelist http://matheteuo.org/ http://chaddb.sourceforge.net/ "Free software is like God's love - you can share it with anyone anytime anywhere!"
On Wednesday 10 November 2004 12:55, Don Parris wrote:
On Wednesday 10 November 2004 12:14, Jeffrey L. Taylor wrote:
Quoting Stan Glasoe
: On Wednesday 10 November 2004 9:34 am, Don Parris wrote:
When I bring use rcnetwork restart, I get this error message: WARNING: Error inserting ipfwadm (/lib/modules/2.6.8-24.3-default/kernel/net/ipv4/netfilter/ipfwadm.ko ): Device or resource busy
Turn off the firewall while testing. This module pertains to the firewall and the only information file I can find on SUSE 9.1 is in German.
ipfwadm (IP FireWall ADMinistration) is/was the firewall module in 2.2 kernel or earlier. It is probably trying to grab the firewall hooks/resources after the newer firewall module is loaded. The progression is ipfwadm, ipchains, iptables. If you intended to ipfwadm, it is time to upgrade.
HTH, Jeffrey
Thanks. I really didn't intend anything. I thought it was part of the firewall. I turned on the firewall at install time, and get this error at boot or on restarts. I confess, I'm _not_ real knowledgeable about the firewall.
The firewall configuration was the problem. Turning off the firewall allowed me to ping the internal LAN. Turning it back on reproduced the problem. So I looked at the firewall config. The PCI NIC was not set as the internal interface, thus rendering it pretty useless. That tells me a great deal - namely that the firewall does work pretty well. Heck it won't even let me out of my own box! :) I've also learned a bit about troubleshooting. In the future, I'll start with turning off the firewall, then work my way back to the hardware. Anyway, good lessons here, and a working LAN connection. Thanks a lot Stan, Anders & Jeffrey. I appreciate your patience. Don -- DC Parris GNU Evangelist http://matheteuo.org/ http://chaddb.sourceforge.net/ "Free software is like God's love - you can share it with anyone anytime anywhere!"
On Saturday 06 November 2004 8:11 pm, Don Parris wrote:
I'm trying to setup two NICs on one box, and seem to be having trouble eaching the rest of the LAN using eth1. I use eth0 for the DSL connection.
ifconfig reports: dsl0 Link encap:Point-to-Point Protocol inet addr:192.168.99.1 P-t-P:192.168.99.99 Mask:255.255.255.255 UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1492 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:3 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
eth0 Link encap:Ethernet HWaddr 00:0A:E6:68:3E:24 inet addr:192.168.1.3 Bcast:192.168.1.255 Mask:255.255.255.0 inet6 addr: fe80::20a:e6ff:fe68:3e24/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:104 errors:0 dropped:0 overruns:0 frame:0 TX packets:175 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:34154 (33.3 Kb) TX bytes:10841 (10.5 Kb) Interrupt:5 Base address:0xc400
eth1 Link encap:Ethernet HWaddr 00:01:02:73:CA:CF inet addr:192.168.1.2 Bcast:192.168.1.255 Mask:255.255.255.0 inet6 addr: fe80::201:2ff:fe73:cacf/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:12 errors:0 dropped:0 overruns:0 carrier:5 collisions:0 txqueuelen:1000 RX bytes:0 (0.0 b) TX bytes:936 (936.0 b) Interrupt:3 Base address:0xc000
ping -I 192.168.1.2 192.168.1.14 produces "host unreachable".
I've tried 2 different NICs. I suspect the problem is not dead NICs but perhaps something I need to do differently or additionally. I've setup the hosts file with both NICs listed (and tried it with only eth1's address listed - 192.168.1.2) I'm not quite sure what else to do.
Thanks, Don
-- DC Parris GNU Evangelist http://matheteuo.org/ http://chaddb.sourceforge.net/ "Free software is like God's love - you can share it with anyone anytime anywhere!"
Hi Don Stan Glasoe has picked up the issue about the subnets. I'll chip in with this: If you have 2 NICS, you either DO or DON'T want them on the same subnet according to what you want to do, there is no option. In your case, it seems that you want to use eth1 for your own LAN and eth0/dsl0 as your external connection, in which case [no option], eth0 and eth1 must be on different subnets, to provide separation of internal and external traffic. I am not familiar with how to configure the eth0/dsl0 interface, because I use a router, but there should be no difference between single machine use configuration and configuration for the single machine to act as router for the whole LAN. So, leave aside eth1 for the moment, just get eth0/dsl0 working as a standalone internet setup on the one machine. When this works, go with what Stan says about separate subnets, and work on eth1. The machine with the 2 interfaces is then a router, which must have IP forwarding turned on [YaST2 -> Network Devices -> Network Card -> Change [already configured devices] -> edit -> routing -> enable IP forwarding]. After this, you'll need to set up your LAN clients to access the internet, which means pointing them at your machine as gateway or router and sorting out DNS. hth Vince
On Saturday 06 November 2004 17:19, Vince Littler wrote:
On Saturday 06 November 2004 8:11 pm, Don Parris wrote:
I'm trying to setup two NICs on one box, and seem to be having trouble eaching the rest of the LAN using eth1. I use eth0 for the DSL connection.
ifconfig reports: dsl0 Link encap:Point-to-Point Protocol inet addr:192.168.99.1 P-t-P:192.168.99.99 Mask:255.255.255.255 UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1492 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:3 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
eth0 Link encap:Ethernet HWaddr 00:0A:E6:68:3E:24 inet addr:192.168.1.3 Bcast:192.168.1.255 Mask:255.255.255.0 inet6 addr: fe80::20a:e6ff:fe68:3e24/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:104 errors:0 dropped:0 overruns:0 frame:0 TX packets:175 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:34154 (33.3 Kb) TX bytes:10841 (10.5 Kb) Interrupt:5 Base address:0xc400
eth1 Link encap:Ethernet HWaddr 00:01:02:73:CA:CF inet addr:192.168.1.2 Bcast:192.168.1.255 Mask:255.255.255.0 inet6 addr: fe80::201:2ff:fe73:cacf/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:12 errors:0 dropped:0 overruns:0 carrier:5 collisions:0 txqueuelen:1000 RX bytes:0 (0.0 b) TX bytes:936 (936.0 b) Interrupt:3 Base address:0xc000
ping -I 192.168.1.2 192.168.1.14 produces "host unreachable".
I've tried 2 different NICs. I suspect the problem is not dead NICs but perhaps something I need to do differently or additionally. I've setup the hosts file with both NICs listed (and tried it with only eth1's address listed - 192.168.1.2) I'm not quite sure what else to do.
Thanks, Don
-- DC Parris GNU Evangelist http://matheteuo.org/ http://chaddb.sourceforge.net/ "Free software is like God's love - you can share it with anyone anytime anywhere!"
Hi Don
Stan Glasoe has picked up the issue about the subnets. I'll chip in with this:
If you have 2 NICS, you either DO or DON'T want them on the same subnet according to what you want to do, there is no option. In your case, it seems that you want to use eth1 for your own LAN and eth0/dsl0 as your external connection, in which case [no option], eth0 and eth1 must be on different subnets, to provide separation of internal and external traffic.
I am not familiar with how to configure the eth0/dsl0 interface, because I use a router, but there should be no difference between single machine use configuration and configuration for the single machine to act as router for the whole LAN. So, leave aside eth1 for the moment, just get eth0/dsl0 working as a standalone internet setup on the one machine.
If the DSL were not working with eth0, you wouldn't likely be able to post to the list until tomorrow night. :) eth0 is fine, I just need eth1 working with the internal LAN. So I'll finish working with Stan's message and report back in a bit. I didn't think about using different subnets.
When this works, go with what Stan says about separate subnets, and work on eth1. The machine with the 2 interfaces is then a router, which must have IP forwarding turned on [YaST2 -> Network Devices -> Network Card -> Change [already configured devices] -> edit -> routing -> enable IP forwarding].
After this, you'll need to set up your LAN clients to access the internet, which means pointing them at your machine as gateway or router and sorting out DNS.
Opening the LAN to internet access will definitely come a little later.
Don -- DC Parris GNU Evangelist http://matheteuo.org/ http://chaddb.sourceforge.net/ "Free software is like God's love - you can share it with anyone anytime anywhere!"
On Saturday, 6 November 2004 21.11, Don Parris wrote:
TX packets:12 errors:0 dropped:0 overruns:0 carrier:5
Aside from what others have mentioned, note that you're getting carrier errors here, which isn't supposed to happen, ever, regardless of routing problems. Did you try using this card only, in other words disable eth0 completely? Perhaps try switching cables around, to see if there's a cabling problem, or if you have a hub try using a different port in the hub
participants (5)
-
Anders Johansson
-
Don Parris
-
Jeffrey L. Taylor
-
Stan Glasoe
-
Vince Littler