strange problem connecting 2 linux boxes

Hello,
- Last week I had posted here a
strange problem I had connecting 2 linux boxes.
I had done some more tests and I am quite in despair.
please help!

- I had tried to conenct 2 Linux boxes directly.
I did it with a cross cable connecting directly
one nic to the other nic.
(also tried all my tests with non-cross cable,
but AFAIK it should be with cross cable).

Clifford Kite asked about that cable: it is a brand new cable
that I bought, and testd today on other machines, and
it's OK.

For this I set the address of one of them to
192.168.0.2
subnet: 255.255.255.0

the other is
192.168.0.1
subnet: 255.255.255.0


Now I can't ping from 192.168.0.2
to 192.168.0.1.

I tried to remove the GW declaration from
192.168.0.2 (the gw was 192.168.0.254 , and
in this connection both of them were not conneced to
192.168.0.254).
I also tried, on 192.168.0.2 ,to set the gw to itself,
namely 192.168.0.2 but it did not help.

what adds to this strangeness is , that when
I took the 192.168.0.1 and connected it to a different
machine with the same non-corss cable - I could ping it!!


Now , I had done another test:
connecting them through a hub, with 2 non cross
cables. And again - no ping.

I know for sure that these cables are OK,
because immedaitely afterwards
I connected them to a cable modem and they were OK
(I am currently posting this message using one of them ...
were it not OK you could not read this post...).

Clifford asked about some data:
the output of route from 192.168.0.2:

routing table at work
Kernel IP routing table

Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.0.0 * 255.255.255.0 U 0 0 0 eth0
169.254.0.0 * 255.255.0.0 U 0 0 0 eth0
127.0.0.0 * 255.0.0.0 U 0 0 0 lo
default 192.168.0.254 0.0.0.0 UG 0 0 0 eth0





ifconfig of 192.168.0.2 gives:
ifconfig
eth0 Link encap:Ethernet HWaddr 00:0D:61:10:B8:AC
inet addr:192.168.0.2 Bcast:192.168.0.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:3109 errors:0 dropped:0 overruns:0 frame:0
TX packets:2820 errors:0 dropped:0 overruns:0 carrier:0
collisions:661 txqueuelen:100
RX bytes:912643 (891.2 Kb) TX bytes:2277008 (2.1 Mb)
Interrupt:11 Base address:0x9000

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
.......

what can it be ?
please help !

regards,
sting

Sting wrote:

> Hello,
> - Last week I had posted here a
> strange problem I had connecting 2 linux boxes.
> I had done some more tests and I am quite in despair.
> please help!
>
> - I had tried to conenct 2 Linux boxes directly.
> I did it with a cross cable connecting directly
> one nic to the other nic.
> (also tried all my tests with non-cross cable,
> but AFAIK it should be with cross cable).
>
> Clifford Kite asked about that cable: it is a brand new cable
> that I bought, and testd today on other machines, and
> it's OK.
>
> For this I set the address of one of them to
> 192.168.0.2
> subnet: 255.255.255.0
>
> the other is
> 192.168.0.1
> subnet: 255.255.255.0
>
>
> Now I can't ping from 192.168.0.2
> to 192.168.0.1.
>
> I tried to remove the GW declaration from
> 192.168.0.2 (the gw was 192.168.0.254 , and
> in this connection both of them were not conneced to
> 192.168.0.254).
> I also tried, on 192.168.0.2 ,to set the gw to itself,
> namely 192.168.0.2 but it did not help.
>
> what adds to this strangeness is , that when
> I took the 192.168.0.1 and connected it to a different
> machine with the same non-corss cable - I could ping it!!
>
>
> Now , I had done another test:
> connecting them through a hub, with 2 non cross
> cables. And again - no ping.
>
> I know for sure that these cables are OK,
> because immedaitely afterwards
> I connected them to a cable modem and they were OK
> (I am currently posting this message using one of them ...
> were it not OK you could not read this post...).
>
> Clifford asked about some data:
> the output of route from 192.168.0.2:
>
> routing table at work
> Kernel IP routing table
>
> Destination Gateway Genmask Flags Metric Ref Use
> Iface
> 192.168.0.0 * 255.255.255.0 U 0 0 0
> eth0
> 169.254.0.0 * 255.255.0.0 U 0 0 0
> eth0
> 127.0.0.0 * 255.0.0.0 U 0 0 0 lo
> default 192.168.0.254 0.0.0.0 UG 0 0 0
> eth0
>
>
>
>
>
> ifconfig of 192.168.0.2 gives:
> ifconfig
> eth0 Link encap:Ethernet HWaddr 00:0D:61:10:B8:AC
> inet addr:192.168.0.2 Bcast:192.168.0.255 Mask:255.255.255.0
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:3109 errors:0 dropped:0 overruns:0 frame:0
> TX packets:2820 errors:0 dropped:0 overruns:0 carrier:0
> collisions:661 txqueuelen:100
> RX bytes:912643 (891.2 Kb) TX bytes:2277008 (2.1 Mb)
> Interrupt:11 Base address:0x9000
>
> lo Link encap:Local Loopback
> inet addr:127.0.0.1 Mask:255.0.0.0
> ......
>
> what can it be ?
> please help !
>
> regards,
> sting
Hi,

first of all, routes and gateways don't play a role in this case.
Can both machines ping themselfs? Can both machines ping 127.0.0.1.
Is the firewall acrivated (post iptables-save)? Use the cable you use to
connect your modem. This is a cross link, and you can plug it in directly
in both machines, without a hub.

Alex

Sting <(E-Mail Removed)> wrote:

> Now I can't ping from 192.168.0.2
> to 192.168.0.1.

> I tried to remove the GW declaration from
> 192.168.0.2 (the gw was 192.168.0.254 , and
> in this connection both of them were not conneced to
> 192.168.0.254).
> I also tried, on 192.168.0.2 ,to set the gw to itself,
> namely 192.168.0.2 but it did not help.

That's what MS would show as the default route, but doing that certainly
will not work for *nix. It will in fact screw up *nix default routing.

> what adds to this strangeness is , that when
> I took the 192.168.0.1 and connected it to a different
> machine with the same non-corss cable - I could ping it!!

So the problem is caused by something on the 192.168.0.2 host.

Here are two messages and/or symptoms when pinging an IP address fails
(given that the cross-over connection to the second host succeeded),
along with probable causes:

NO ROUTE TO IP ADDRESS
o - Ping a non-local dotted quad IP address.
ping: sendto: Network is unreachable

WRONG ROUTE TO IP ADDRESS
o - ping 192.168.0.1
Hangs (Does "arp who-has 192.168.0.1 tell <192.168.0.1 host>") forever?

In addition to these since 192.168.0.1 is a firewall and, presumably
does NAT, iptables may be involved here. I don't have a great depth
of insight into iptables but these rules are used here (in addition to
other rules that probably don't apply) for a LAN interface:

#
# Rules for special networks not part of the Internet
#
$IPTABLES -A INPUT -p ALL -i $LAN_IFACE -s $LAN_IP_RANGE -j ACCEPT
$IPTABLES -A INPUT -p ALL -i $LO_IFACE -s $LO_IP -j ACCEPT
$IPTABLES -A INPUT -p ALL -i $LO_IFACE -s $LAN_IP -j ACCEPT
$IPTABLES -A INPUT -p ALL -i $LO_IFACE -s $INET_IP -j ACCEPT
$IPTABLES -A INPUT -p ALL -i $LAN_IFACE -d $LAN_BCAST_ADDRESS -j ACCEPT

With the obvious (I hope) meanings for the environmental variables.
These rules are a part of a firewall script by Oskar Andreasson.

Since the routing you posted looked okay to me, the firewall is very
likely causing the problem. The firewall host here could ping a host
attached with a cross-over cable, so I can't provide any symptom for
a ping failure due to a firewall.

--
Clifford Kite Email: "echo xvgr_yvahk-(E-Mail Removed)|rot13"
PPP-Q&A links, downloads: http://ckite.no-ip.net/

Clifford Kite <(E-Mail Removed)> wrote:
> Sting <(E-Mail Removed)> wrote:

>> what adds to this strangeness is , that when
>> I took the 192.168.0.1 and connected it to a different
>> machine with the same non-corss cable - I could ping it!!
^^^^^^^^^
I missed this. It doesn't make sense that you could ping through
a straight through UTP-Cat5 cable connecting the Ethernet cards on
the hosts.

Moreover, where I got the idea that the 192.168.0.2 host had a firewall
is a mystery to me. As long as the two hosts are configured for the same
subnet, and neither is a firewalled host, then you should be able to ping
between them.

The odd thing is that somehow eth0 has two subnets configured:

Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.0.0 * 255.255.255.0 U 0 0 0 eth0
169.254.0.0 * 255.255.0.0 U 0 0 0 eth0

Perhaps the last network route added takes preference just as the last
default route added does. Get rid of the 169.254.0.0/16 subnet and see
if a ping works.

--
Clifford Kite Email: "echo xvgr_yvahk-(E-Mail Removed)|rot13"
PPP-Q&A links, downloads: http://ckite.no-ip.net/

Thnxs;
I did not mentioned it but I did the tests also after
stoping iptables service, so it seems unlikely that the
problem is because of a firewall.
regards,
sting


Clifford Kite <(E-Mail Removed)> wrote in message news:<(E-Mail Removed)>...
> Sting <(E-Mail Removed)> wrote:
>
> > Now I can't ping from 192.168.0.2
> > to 192.168.0.1.
>
> > I tried to remove the GW declaration from
> > 192.168.0.2 (the gw was 192.168.0.254 , and
> > in this connection both of them were not conneced to
> > 192.168.0.254).
> > I also tried, on 192.168.0.2 ,to set the gw to itself,
> > namely 192.168.0.2 but it did not help.
>
> That's what MS would show as the default route, but doing that certainly
> will not work for *nix. It will in fact screw up *nix default routing.
>
> > what adds to this strangeness is , that when
> > I took the 192.168.0.1 and connected it to a different
> > machine with the same non-corss cable - I could ping it!!
>
> So the problem is caused by something on the 192.168.0.2 host.
>
> Here are two messages and/or symptoms when pinging an IP address fails
> (given that the cross-over connection to the second host succeeded),
> along with probable causes:
>
> NO ROUTE TO IP ADDRESS
> o - Ping a non-local dotted quad IP address.
> ping: sendto: Network is unreachable
>
> WRONG ROUTE TO IP ADDRESS
> o - ping 192.168.0.1
> Hangs (Does "arp who-has 192.168.0.1 tell <192.168.0.1 host>") forever?
>
> In addition to these since 192.168.0.1 is a firewall and, presumably
> does NAT, iptables may be involved here. I don't have a great depth
> of insight into iptables but these rules are used here (in addition to
> other rules that probably don't apply) for a LAN interface:
>
> #
> # Rules for special networks not part of the Internet
> #
> $IPTABLES -A INPUT -p ALL -i $LAN_IFACE -s $LAN_IP_RANGE -j ACCEPT
> $IPTABLES -A INPUT -p ALL -i $LO_IFACE -s $LO_IP -j ACCEPT
> $IPTABLES -A INPUT -p ALL -i $LO_IFACE -s $LAN_IP -j ACCEPT
> $IPTABLES -A INPUT -p ALL -i $LO_IFACE -s $INET_IP -j ACCEPT
> $IPTABLES -A INPUT -p ALL -i $LAN_IFACE -d $LAN_BCAST_ADDRESS -j ACCEPT
>
> With the obvious (I hope) meanings for the environmental variables.
> These rules are a part of a firewall script by Oskar Andreasson.
>
> Since the routing you posted looked okay to me, the firewall is very
> likely causing the problem. The firewall host here could ping a host
> attached with a cross-over cable, so I can't provide any symptom for
> a ping failure due to a firewall.

(E-Mail Removed) (Sting) wrote in message news:<(E-Mail Removed). com>...
> Thnxs;
> I did not mentioned it but I did the tests also after
> stoping iptables service, so it seems unlikely that the
> problem is because of a firewall.
> regards,
> sting
>
> Clifford Kite <(E-Mail Removed)> wrote in message news:<(E-Mail Removed)>...
> > Sting <(E-Mail Removed)> wrote:
[snip]
> >
> > > what adds to this strangeness is , that when
> > > I took the 192.168.0.1 and connected it to a different
> > > machine with the same non-corss cable - I could ping it!!
> >
> > So the problem is caused by something on the 192.168.0.2 host.
> >
> > Here are two messages and/or symptoms when pinging an IP address fails
> > (given that the cross-over connection to the second host succeeded),
> > along with probable causes:
> >
> > NO ROUTE TO IP ADDRESS
> > o - Ping a non-local dotted quad IP address.
> > ping: sendto: Network is unreachable
> >
> > WRONG ROUTE TO IP ADDRESS
> > o - ping 192.168.0.1
> > Hangs (Does "arp who-has 192.168.0.1 tell <192.168.0.1 host>") forever?
> >
[snip]
> >
> > Since the routing you posted looked okay to me, the firewall is very
> > likely causing the problem. The firewall host here could ping a host
> > attached with a cross-over cable, so I can't provide any symptom for
> > a ping failure due to a firewall.

Seems you're covering the bases, but ...

No ifconfig or route output from 192.168.0.1 ...

However, note the ifconfig output from 192.168.0.2 :
[quote]
ifconfig of 192.168.0.2 gives:
ifconfig
eth0 Link encap:Ethernet HWaddr 00:0D:61:10:B8:AC
inet addr:192.168.0.2 Bcast:192.168.0.255
Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:3109 errors:0 dropped:0 overruns:0 frame:0
TX packets:2820 errors:0 dropped:0 overruns:0 carrier:0
collisions:661 txqueuelen:100
RX bytes:912643 (891.2 Kb) TX bytes:2277008 (2.1 Mb)
Interrupt:11 Base address:0x9000
[end quote]

You have some sort of hardware related problem with so many collisions
-- ie., someone or something else is interferring with clean
transmissions from this interface by trying to transmit before this
eth0 has properly finished.

You may want to double check link status/speed on all hosts with :
# mii-tool -v

You can monitor the route cache for dynamic changes (on this or other
Linux hosts) with:
$ /bin/netstat -rncC
Sometimes it provides clues if connectivity is flakey or intermittent.

You may have to test/decide if this nic is on the down-and-outs :-(

hth,
prg
email above disabled

P Gentry <(E-Mail Removed)> wrote:

> Seems you're covering the bases, but ...

> No ifconfig or route output from 192.168.0.1 ...

If you assume that the second connection is meaningful and the 192.168.0.1
host's interface and routing didn't change before that connection then
that would seem to be irrelevant:

I took the 192.168.0.1 and connected it to a different
machine with the same non-corss cable - I could ping it!!

> However, note the ifconfig output from 192.168.0.2 :
> [quote]
> ifconfig of 192.168.0.2 gives:
> ifconfig
> eth0 Link encap:Ethernet HWaddr 00:0D:61:10:B8:AC
> inet addr:192.168.0.2 Bcast:192.168.0.255
> Mask:255.255.255.0
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:3109 errors:0 dropped:0 overruns:0 frame:0
> TX packets:2820 errors:0 dropped:0 overruns:0 carrier:0
> collisions:661 txqueuelen:100
> RX bytes:912643 (891.2 Kb) TX bytes:2277008 (2.1 Mb)
> Interrupt:11 Base address:0x9000
> [end quote]

> You have some sort of hardware related problem with so many collisions
> -- ie., someone or something else is interferring with clean
> transmissions from this interface by trying to transmit before this
> eth0 has properly finished.

I think that may be true - or traffic from the second subnet and routing
on the eth0 interface is causing the collisions. (I did notice the
collisions, and they also seemed excessive to me, but my experience with
such things is limited so I passed on remarking about it.)

> You may want to double check link status/speed on all hosts with :
> # mii-tool -v

> You can monitor the route cache for dynamic changes (on this or other
> Linux hosts) with:
> $ /bin/netstat -rncC
> Sometimes it provides clues if connectivity is flakey or intermittent.

> You may have to test/decide if this nic is on the down-and-outs :-(

And yet he said pings from a second host to this one succeeded, albeit
with the "same non-corss cable." So unless that reference to the cable
is simply a mistake, something very strange seems to be going on.

--
Clifford Kite Email: "echo xvgr_yvahk-(E-Mail Removed)|rot13"
PPP-Q&A links, downloads: http://ckite.no-ip.net/
/* I hear and I forget. I see and I remember. I do and I understand.
--Confucius, 551-479 BC */