routing frustrations

I've hit the wall> I amtrying to set up RHes3 at my office to serve
it's database. Currently have a ScoUnix box and many PC's with windows
as clients. Long torm plan to migrate everything to Redhat. The
office has a router and 2 switches (growth has been piecemeal) conneted
to a T1.

T1
|
Router(D-Link)
|
switch1---switch2
| | | | | | | | | |
PCPCPCPC PCPCPCPCPCScobox

all works well, can access the internet, etc.

Ater adding the RH server, everything still works but the RHbox cannot
access the router.
T1
|
Router(D-Link)
|
switch1-------switch2
| | | | | | | | | | |
PCPCPCPC RH PCPCPCPCPCScobox

The windoze boxes talk to the scobox and each other. The RHes3 talks
to the other machines with Samba and the scobox directly.
ping returns "Host unreachable" and the man page says to set up a
static route.
I thought I did!

output of netstat -r
Kernal ip routing table
Destination Gateway Genmask Flags Metric Ref Use
Iface
192.168.0.0 * 255.255.255.0 U 0 0 0 eth0
169.254.0.0 * 255.255.0.0 U 0 0 0 eth0
127.0.0.0 * 255.0.0.0 U 0 0 0 lo
0.0.0.0 192.168.0.1 0.0.0.0 UG 0 0 0 eth0

cat of /etc/resolv.conf
nameserver 2XX.XXX.XXX.XX0 \
nameserver 2XX.XXX.XXX.X1 \ assigned by ISP telcom
nameserver 2XX.XXX.XXX.XX3 /

output of ifconfig:
eth0 Link encap: Ethernet HWaddr XX:XX:XX:XX:XX:XX
inetaddr: 192.168.0.15 Bcast: 192.168.0.255 Mask:255.255.255.0
UP BROADCAT RUNNING MULTICAST MTU:1500 Metric:1
RX packets:2695 errors:0 dropped:0 overruns:0 frame:0
TX packets:519 errors:0 dropped:0 overruns:0 carrier:0
Collisions:0 txqueuelen:1000
RX bytes:310171 (302.9kb) TX bytes: 38142 (37.2kb)
interrupt:48 Base address:0xd8c0 Memory:dfce0000-dfd00000

Lo Link encap: Local Loopback
inetaddr: 127.0.0.1 Mask:255.255.255.0
UP BROADCAT RUNNING MULTICAST MTU:16436 Metric:1
RX packets:10 errors:0 dropped:0 overruns:0 frame:0
TX packets:10 errors:0 dropped:0 overruns:0 carrier:0
Collisions:0 txqueuelen:0
RX bytes:700 (700.b) TX bytes: 700 (7b)

cat of /etc/hosts
127.0.0.1 localhost.localdomain localhost
192.168.0.15 Bigiron.xxxx.com (Ip address assigned by me to RHes3)
192.168.0.1 router
192.168.0.10 scobox with static ip assigned by me.
192.168.0.xxx \windoze boxes with IP's assigned by router
etc. /

Here's the rub. I'm typing this on the RHes3 that I brought home to
work on this weekend and it had no problem getting on my home (linksys)
router and connecting to the internet!!! Is there something I need to
know about the switches? I thought they should be transparent to the
network. I've even scrutenized the router thinking there might be some
limit to the number of machines but I cannot find any.
One last point. The office router is wireless and I have it set up to
filter using MAC addresses and I have double checked and they are
entered correctly.

Appreciate any help to solve this problem. I am totally frustrated
after reading man pages, tldp.com HOWTO's, and the many posts here.
This seems to be a relatively common problem from the number of posts.
Can you direct me to any other source?
Thanks

> ping returns "Host unreachable" and the man page says to set up a
> static route.
> I thought I did!
>
> output of netstat -r
> Kernal ip routing table
> Destination Gateway Genmask Flags Metric Ref Use
> Iface
> 192.168.0.0 * 255.255.255.0 U 0 0 0 eth0
> 169.254.0.0 * 255.255.0.0 U 0 0 0 eth0
> 127.0.0.0 * 255.0.0.0 U 0 0 0 lo
> 0.0.0.0 192.168.0.1 0.0.0.0 UG 0 0 0 eth0
>
> cat of /etc/hosts
> 127.0.0.1 localhost.localdomain localhost
> 192.168.0.15 Bigiron.xxxx.com (Ip address assigned by me to RHes3)
> 192.168.0.1 router
> 192.168.0.10 scobox with static ip assigned by me.
> 192.168.0.xxx \windoze boxes with IP's assigned by router
> etc. /

Not sure if this will help you, but I had a problem where my router's
default gateway was always being tried first. Even though there were
other routes 192.168.1.0 for interfaces setup. This caused ftp-ing
between local boxes to be really slow as it would try each packet on the
default one first, and then the correct one after it timed out. The fix
for me was to add a route for each individual IP on the network.

route add -net 192.168.1.2 netmask 255.255.255.255 eth0
etc...

route add -net 192.168.1.0 netmask 255.255.255.0 eth0
(this one gave a route, but lagged greatly because the default was always
tried first)

I suppose I could just not have a default or maybe there's some special
order to create routes in that would fix this. But the dialup
configuration was hard enough to setup to start with.

Other fixes was to bring down idle interfaces.
"ifconfing <interface> down" And this would allow the default to be just
the routes I was using at the time. The howto's are a little awkward in
that you have to fully understand three or four of them just to get the
one thing you're trying to do to work. For dialup, that's
iptables/netfilter, route, DNS, pppd, etc..... Some distros have distro
specific tools to help, but even they don't fill in all the blanks
sometimes.

Also remember that you need a route on the client machine as well as the
router(s). Adding them to /etc/hosts, only allows you to use names
instead of IPs to address the other boxes.

Shadow_7

Thanks for the response. If I understand your reply suggesting adding
a route to each machine on my network, I don't have a problem reaching
anything on the LAN side of the router. It is the router and the T1
gateway that I can't reach with the RHES3 box. It communicates fine
with the other local boxes. PINGing the router (192.168.0.1) returns
"Host Unreachable" even though I have a "default" route noted as GW in
the routing table on the RHES3. All of the windoze machines can access
the internet through the router and each other.
Again, could this have anything to do with traversing the switch? I
wouldn't think so, but I don't know much about their operation. As I
said, I thought they should be transparent. They are to the windoze
boxes. Do I need to specify a number of hops (Metric?)to the router as
2??
Again, I would be glad to RTFM if I knew which one covered this. I've
tried most of the remedies I have found.
Thanks
Gordon

In article <(E-Mail Removed) .com>, sadoc wrote:

>Thanks for the response. If I understand your reply suggesting adding
>a route to each machine on my network, I don't have a problem reaching
>anything on the LAN side of the router.

You snipped all the context - let's look at your routing table:

>> Kernal ip routing table
>> Destination Gateway Genmask Flags Metric Ref Use
>> Iface
>> 192.168.0.0 * 255.255.255.0 U 0 0 0 eth0
>> 169.254.0.0 * 255.255.0.0 U 0 0 0 eth0
>> 127.0.0.0 * 255.0.0.0 U 0 0 0 lo
>> 0.0.0.0 192.168.0.1 0.0.0.0 UG 0 0 0 eth0

I'm not going to duplicate your diagram or hosts table here, but this table
should be satisfactory. Everything _other_than_ the far side of the router
is "local". That means the top network route is all you need. (The 169.254
BS is a RedHat feature that doesn't hurt, but is only useful in avoiding
"Martian Packet" error messages when some windoze box can't reach the DHCP
server, and it grabs an address out of nowhere.)

>It is the router and the T1 gateway that I can't reach with the RHES3 box.

And when you use 'tcpdump -i eth0' on the Linux box, what do you see?

>PINGing the router (192.168.0.1) returns "Host Unreachable" even though I
>have a "default" route noted as GW in the routing table on the RHES3.

The default route isn't needed to reach the router, because it's "local"
(on the same wire). The default route is used to reach hosts OTHER THAN
those on 192.168.0.0/24, 169.254.0.0/16 and 127.0.0.0/8.

>All of the windoze machines can access the internet through the router
>and each other. Again, could this have anything to do with traversing
>the switch?

Unlikely - the switch knows how to route packets to/from the Linux box
from/to other systems. I'd be looking at the router, and seeing if it
knows how to reach the Linux box. You might be sending traffic from the
Linux box through the switch to router, but if the router doesn't know
how to send packets to the Linux box, both will be reporting "Host
Unreachable". Remember, it takes two to tango. Ah, look at the
ARP tables on the router (sorry, I use Ciscos where the command would
be 'showarp') and Linux box (/sbin/arp -a).

>I wouldn't think so, but I don't know much about their operation. As I
>said, I thought they should be transparent.

Your diagram on Sunday showed the Linux box on the same switch as the
router. The fact that the Linux box and router can talk to/from windoze
boxes says that the switch knows how to send stuff in the right directions.
There are only two possibilities I'd see:

1. Router doesn't know how to route to Linux (either it's using host routes,
or it has a firewall that says 192.168.0.15 doesn't exist).

2. Red Hat box has a firewall that says 192.168.0.1 is a bad guy and not to
be spoken to. /sbin/iptables -L

Old guy