[OpenIndiana-discuss] OpenIndiana server networking, problem.
DormitionSkete@hotmail.com
dormitionskete at hotmail.com
Mon Jul 1 23:23:56 UTC 2013
On Jul 1, 2013, at 4:49 PM, Marcus Agehall wrote:
>
> Hang on a second. Which vmic is 192.168.0.3? vnic3? If so, I think you are in trouble.
>
> I'm struggling to make sense of what you are trying to do here. To me, it seems like you are creating a very complicated network setup for something that is very straight forward.
>
>
> Let's get back to some basics. Can you ping 192.168.0.1? Can you ping anything else on your local network?
>
> I suspect that the ICMP-redirects are screwing you over big time. I'm with James on this one, DO NOT USE THEM. There are certainly cases where they are useful, but this does not seem to be one. From what I can tell, you are to do NAT and port mapping.
>
> I'd recommend you drop all the ICMP redirects for now - it's probably where things goes wrong and it's not the right solution for your problem. If you still insist that you need the redirects, capture a few ping requests with tcpdump and let us have a look at what is going on.
>
> //Marcus
192.168.0.3 is the vnic for routert3.vnic0
I can not ping 192.168.0.1 from the OI server. I can get it just fine from the Linux server.
Please forgive me, but I don't even know what you are talking about with the ICMP redirects, or how to turn them off.
In the routert3 zone's /etc/ipf/ipnat.conf file, I have the following:
# /zones/routert3/root/etc/ipf/ipnat.conf
# webphp4
rdr routert3.vnic0 192.168.0.3/16 port 80 -> 192.168.3.50 port 80
rdr routert3.vnic0 192.168.0.3/16 port 443 -> 192.168.3.50 port 443
rdr routert3.vnic0 192.168.0.3/16 port 35022 -> 192.168.3.50 port 22
# mysql
rdr routert3.vnic0 192.168.0.3/16 port 3306 -> 192.168.3.51 port 3306
# tomcat
rdr routert3.vnic0 192.168.0.3/16 port 8080 -> 192.168.3.53 port 8080
rdr routert3.vnic0 192.168.0.3/16 port 8443 -> 192.168.3.53 port 8443
rdr routert3.vnic0 192.168.0.3/16 port 35322 -> 192.168.3.53 port 22
From what I can tell, this should not be causing any problems. It's been working fine on our network.
In the physical router, I also have a rule that points 192.168.3.0 to 192.168.0.3.
Those are the only redirections that I have -- that I know of !!!
And from what I can tell, they should not cause the OI box's 192.168.0.4 nic to not even be able to ping 192.168.0.1 -- much less get out onto the internet.
I'm not much of a networker -- I've said that before -- but I'm stumped here.
So, I'd really appreciate any insight / suggestions...
I finally gave up on it for the day about a half hour ago, and came home. I should be able to ssh into it if anyone needs more info from it, or has any suggestions that I can try from here.
Unless someone can clue me into something that might get things working again, my plan for tomorrow is to take a fresh OI server there that only has 192.168.0.something, and try it, to see if it can get to the internet. If it can, I'm half-tempted to just use that server, and build everything into the global zone, and not use any non-global zones.
Thoughts???
Thank you all, very much, so far... I do greatly appreciate it.
fp
More information about the OpenIndiana-discuss
mailing list