[afnog] Packet Forwarding Issue with Linux

Hugo Lombard hal at elizium.za.net
Mon Apr 11 09:58:20 UTC 2011


On Mon, Apr 11, 2011 at 12:20:57PM +0300, Gerald Begumisa wrote:
>    On Mon, Apr 11, 2011 at 11:19 AM, Hugo Lombard <hal at elizium.za.net>
>    wrote:
> 
>      Do eth0 and eth2 connect to two different switches?
> 
>    Yes, on the "router" server, eth0 is connected to the same switch as
>    server B, while eth2 is connected to the ISP's switch.  However, just in
>    case it's worth noting, server B has another Ethernet interface, eth1,
>    which is connected to the same switch.  I've attached a simple ASCII
>    diagram to make it clearer.
> 

It doesn't sound like it should be a problem.  The traffic is seen on
the right interface.  Although, could you re-run the tcpdumps with a -p
switch, so that it doesn't put the card in promiscuous mode?  Just in
case it's seeing traffic on the switch, that's not making it to the
NIC...  While you're at it, also add -e, so that it will show the
link-layer MACs, and confirm that the destination MAC of the ping
replies is that of eth2 on server A.

Other than that, could you post the output of "/sbin/iptables-save"?
You probably know this, but you can mask the IPs by piping it through a
sed, something like:

  /sbin/iptables-save | sed -e 's/a\.b\.c\./1.2.2./g' -e 's/x\.y\.z\./1.2.3./g'

replacing a.b.c with your ISP side network, and x.y.z with your local
network.

-- 
Hugo Lombard
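
Added example (not part of the original message): a shell function that automates the check suggested above, reading `tcpdump -e` output and flagging ICMP echo replies whose destination MAC is not the expected one. The function names, MAC addresses and sample capture lines are constructed for illustration; the IP prefixes reuse the masked 1.2.2. and 1.2.3. values from the sed command.

```shell
#!/bin/sh
# Live use (interface and MAC are placeholders for your own values):
#   tcpdump -p -e -n -l -i eth2 icmp | check_reply_macs 00:16:3e:aa:00:02

# check_reply_macs EXPECTED_MAC
# Reads `tcpdump -e -n` lines on stdin. Prints every ICMP echo reply whose
# destination MAC differs from EXPECTED_MAC, then a summary line.
# Returns 0 only if at least one reply was seen and all of them matched.
check_reply_macs() {
    awk -v want="$(printf '%s' "$1" | tr 'A-F' 'a-f')" '
        /ICMP echo reply/ {
            # With -e each line starts: <time> <src MAC> > <dst MAC>, ethertype ...
            dst = tolower($4)
            sub(/,$/, "", dst)
            if (dst == want) {
                ok++
            } else {
                mismatch++
                printf "MISMATCH dst=%s src=%s\n", dst, tolower($2)
            }
        }
        END {
            printf "match=%d mismatch=%d\n", ok, mismatch
            # No replies at all is also a failure: nothing reached this NIC.
            exit ((mismatch > 0 || ok == 0) ? 1 : 0)
        }
    '
}

# Constructed sample capture: one request, one reply addressed to the
# expected MAC, and one reply addressed to a different MAC.
sample_capture() {
    cat <<'EOF'
12:00:01.000101 00:16:3e:aa:00:02 > 00:16:3e:bb:00:01, ethertype IPv4 (0x0800), length 98: 1.2.2.10 > 1.2.3.20: ICMP echo request, id 4242, seq 1, length 64
12:00:01.000350 00:16:3e:bb:00:01 > 00:16:3e:aa:00:02, ethertype IPv4 (0x0800), length 98: 1.2.3.20 > 1.2.2.10: ICMP echo reply, id 4242, seq 1, length 64
12:00:02.000420 00:16:3e:bb:00:01 > 00:16:3e:cc:00:09, ethertype IPv4 (0x0800), length 98: 1.2.3.20 > 1.2.2.10: ICMP echo reply, id 4242, seq 2, length 64
EOF
}

# Demo run on the constructed sample (one reply goes to the wrong MAC).
sample_capture | check_reply_macs 00:16:3e:aa:00:02 ||
    echo "destination MAC check failed"
```
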


