[vox-tech] Re: troubleshooting internet connection

Jeff Newmiller vox-tech@lists.lugod.org
Sat, 25 Jan 2003 17:41:05 -0800 (PST) 

On Sat, 25 Jan 2003, Robin Snyder wrote:

> On Sat, 25 Jan 2003, Robin Snyder wrote:
> 
> > > My setup: I'm on a fixed IP address, using a DSL line.  I have two
> > > ethernet cards.
> 
> >   Ahh yes... a kernel recompile could very easily be causing problems.
> > I forgot that was done.
> >
> > > Is it
> > > possible that the firewall/something with ipchain could be messing
> > > things up?
> >
> >   Yes... ipchains is meant for the 2.2 kernel series, iptables is
> > for the 2.4... it's very likely that something firewall related is
> > causing problems.
> >
> > oh yes, 2.4.... please run:
> >   iptables -L -n -v
> 
> I'll post the output to this when I'm able.  (The computer I'm borrowing
> has no disk drive.)  (?!!?)  Basically, INPUT, FORWARD, and OUTPUT have
> policies set, but the tables below each are without entries.
> 
> > > > ifconfig
> > >
> > > eth0      Link encap:Ethernet  HWaddr 00:10:4B:96:E8:A8
> > >           inet addr:168.150.243.52  Bcast:168.150.243.255  Mask:255.255.255.0
> > >           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
> > >           RX packets:0 errors:0 dropped:0 overruns:0 frame:0
> > >           TX packets:2089 errors:0 dropped:0 overruns:0 carrier:2089
> > >           collisions:0 txqueuelen:100
> > >           RX bytes:0 (0.0 b)  TX bytes:204356 (199.5 KiB)
> > >           Interrupt:9 Base address:0xdc00
> >
> >   something is odd about this... it seems to be transmitting a bunch,
> > but there are no receives.  The carrier errors are odd too... but I'm
> > certain that we used eth0 at the installfest with that new kernel.
> 
> We did indeed use eth0.
> 
> > > > one of:
> > > >   mtr -n -c 3 -r  169.237.104.199
> >
> > that was an IP address of www.ucdavis.edu... so you certainly have some
> > a valid network connection.
> >
> >   Can you also run "ifconfig eth0" _after_ running the mtr from above...
> > I would expect to see RX bytes increment... if you don't see the count
> > go up, then can you run "lsmod" and display the output.  I think there
> > are two available drivers for your ethernet card... both were compiled
> > as modules so we can switch to the other one very easily.  we may
> > want to try that if the iptables command above doesn't show anything
> > exciting.
> 
> The RX bytes did increment (from 0 to 123) after running mtr again.  And
> you're right about my having some sort of valid connection.  I can ping
> 169.237.104.199 (ucdavis.edu) but not 169.237.66.192 (my machine at UCD).

This symptom makes me think of munged routing tables... in particular,
when the netmask is wrong, some hosts will become unroutable.

I don't recall seeing your routing table here... "route -n".

Firewall rules can also cause these problems, but the state of your
firewall is not clear... is an iptables-based package like shorewall (my
favorite) active? ("iptables -L -n")  You mentioned that ipchains failed,
so it would seem unlikely that your previous firewall configuration is
still functioning, so blockages resulting from firewall rules seem
unlikely unless some iptables package is installing them.

---------------------------------------------------------------------------
Jeff Newmiller                        The     .....       .....  Go Live...
DCN:<jdnewmil@dcn.davis.ca.us>        Basics: ##.#.       ##.#.  Live Go...
                                      Live:   OO#.. Dead: OO#..  Playing
Research Engineer (Solar/Batteries            O.O#.       #.O#.  with
/Software/Embedded Controllers)               .OO#.       .OO#.  rocks...2k
---------------------------------------------------------------------------