[personal profile] solarbird
The 1995 P166 that has been until now door.murkworks.net has formally and abruptly retired itself. So I'm having to move the new box into place now. This is the DMZ box I was talking about earlier.

Henceforth, "Door" refers to "New Door," not the old machine that is broken. It is latest Debian.

Door has three network cards: eth0 going to cable modem, eth1 going to fixed IP LAN segment, eth2 going to DHCP LAN segment. Door is running both DNS and DHCP servers.

Door can see everything in the world, on all cards. Complete functionality.

DHCP side can see everything in the world, on all cards. Complete functionality.

Fixed IP machines can all see Door (including its DNS services), and each other, and talk to the DHCP side, but can talk to nothing living out on eth0.

tcpdump on Door shows Door handing off ICMP packets on eth0, so that direction seems okay.

I am not seeing ACKs coming back to Door on eth0 from google.com but I can't be sure they aren't doing something tricky and my filters are confused.

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         173.160.243.46  0.0.0.0         UG    0      0        0 eth0
173.160.243.40  0.0.0.0         255.255.255.248 U     0      0        0 eth1
173.160.243.42  0.0.0.0         255.255.255.255 UH    0      0        0 eth1
173.160.243.43  0.0.0.0         255.255.255.255 UH    0      0        0 eth1
173.160.243.44  0.0.0.0         255.255.255.255 UH    0      0        0 eth1
173.160.243.46  0.0.0.0         255.255.255.255 UH    0      0        0 eth0
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth2


Door is 173.160.243.41 (on eth0), 173.160.243.45 (on eth1), 192.168.1.1 (on eth2). 173.160.243.46 is the modem. 173.160.243.40 is a network to eth1.

Anybody know wtf?

eta: The router - in addition to not showing door any ACKs for anything from .42 and .43 - is sending out a lot of ARP packets looking for 173.160.243.42 and 173.160.243.43, and I'm starting to think it won't talk to a gateway box in the fixed-IP range. I try to add .41 as a gateway address for .42 and .43 and it refuses, saying illegal LAN address. SUPER RAGIFICATION ENGAGED.

eta2: And the new problem is that the PS4 won't pick up the gateway information from the Linux-based DHCP server. It will pick up an address! It's also not getting the DNS server number either. Why? Fuck if I know, everything else does it right.
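
An added example (not part of the original post): a Python check over the routing table and interface addresses quoted above, listing addresses that sit on one interface but fall inside a subnet routed out a different interface. The function names are hypothetical; the data is copied from the post.

```python
import ipaddress

# Routing table rows copied from the post (`route -n` output).
ROUTES = """\
0.0.0.0         173.160.243.46  0.0.0.0         UG    0      0        0 eth0
173.160.243.40  0.0.0.0         255.255.255.248 U     0      0        0 eth1
173.160.243.42  0.0.0.0         255.255.255.255 UH    0      0        0 eth1
173.160.243.43  0.0.0.0         255.255.255.255 UH    0      0        0 eth1
173.160.243.44  0.0.0.0         255.255.255.255 UH    0      0        0 eth1
173.160.243.46  0.0.0.0         255.255.255.255 UH    0      0        0 eth0
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth2
"""

# Door's interface addresses as stated in the post.
ADDRS = {"eth0": "173.160.243.41", "eth1": "173.160.243.45", "eth2": "192.168.1.1"}


def parse_routes(text):
    """Return (network, gateway, iface) tuples from `route -n` rows."""
    rows = []
    for line in text.splitlines():
        f = line.split()
        if len(f) != 8:
            continue  # skip headers and blank lines
        net = ipaddress.ip_network(f"{f[0]}/{f[2]}")
        rows.append((net, ipaddress.ip_address(f[1]), f[7]))
    return rows


def cross_interface_overlaps(routes, addrs):
    """Find addresses reached via one interface that fall inside a
    subnet (not a host route or the default) routed out another one."""
    subnets = [(n, i) for n, _, i in routes if 0 < n.prefixlen < 32]
    # Candidates: interface addresses, host-route targets, and gateways.
    hosts = {(ipaddress.ip_address(a), i) for i, a in addrs.items()}
    hosts |= {(n.network_address, i) for n, _, i in routes if n.prefixlen == 32}
    hosts |= {(g, i) for _, g, i in routes if int(g) != 0}
    return sorted((str(h), hi, str(n), ni) for h, hi in hosts
                  for n, ni in subnets if h in n and hi != ni)


if __name__ == "__main__":
    for host, hif, net, nif in cross_interface_overlaps(parse_routes(ROUTES), ADDRS):
        print(f"{host} is on {hif} but lies inside {net}, which is routed via {nif}")
```

It reports 173.160.243.41 and 173.160.243.46, both on eth0, as lying inside the 173.160.243.40/29 routed via eth1. A device holding an address in a subnet normally treats the rest of that subnet as directly attached and ARPs for those hosts instead of forwarding through a gateway, which is consistent with the modem's ARP requests for .42 and .43 described in the eta, assuming the modem uses that same /29 mask.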

Date: 2017-06-26 06:42 pm (UTC)
From: [personal profile] mdlbear
OK, now I get it. I can ping 73.160.243.42 (for example) from here.

>host 73.160.243.42
42.243.160.73.in-addr.arpa domain name pointer c-73-160-243-42.hsd1.nj.comcast.net.

So your problem is that the addresses you're trying to use for your fixed IP range are already taken, and live somewhere else on the network. That's why you can send packets but they don't come back.
