[ale] router stupids

James P. Kinney III jkinney at localnetsolutions.com
Thu Aug 26 11:09:26 EDT 2004


My brain has lost a neuron somewhere. I have a .248 network of public
IP's. One of them is for the Linux firewall/router. There is an internal
LAN that is NAT'ed. The server has 2 NIC's, iptables (and Bob Toxen's
entire book, 2 ed, in a 36,000 line shell script :).

By default the system sets up the outside NIC to see the Public IP's and
the inside to see the 192's. So I added a route for the publics to be on
the internal NIC.

Currently, the external line from the ISP as well as the internal and
external lines for the router machine are all plugged into a switch so
my testing is a bit vague.

The ISP has a Cisco router between the T1 line and my outside net line.
That box seems to be where I'm having trouble. From the outside, if I
traceroute any machine but the gateway machine, the last address
returning is the external address of the Cisco. This _looks_ like the
Cisco router is doing NAT which the ISP swears it isn't. The gateway
machine has an IP that has never been used by the network before.

Of course, I don't have the password for the router.  Do I need to power
cycle the router to get it to flush or do I need to get the ISP on the
phone and get them to go in and do a flush?
-- 
James P. Kinney III          \Changing the mobile computing world/
CEO & Director of Engineering \          one Linux user         /
Local Net Solutions,LLC        \           at a time.          /
770-493-8244                    \.___________________________./
http://www.localnetsolutions.com

GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics)
<jkinney at localnetsolutions.com>
Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7