[Techtalk] Is it the server???

Raven, corporate courtesan raven at oneeyedcrow.net
Tue Apr 9 17:50:16 EST 2002 

Heya --

Quoth Michelle Murrain (Tue, Apr 09, 2002 at 02:24:10PM -0400):
> >         Could you do a
> >route
> >on the mailservers, and verify that there is a route for the subnet that
> >192.168.1.1 is on in the routing table on your box?
> 
> Here are the routes:
> Kernel IP routing table
> Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
> localnet        *               255.255.255.0   U     0      0        0 eth0
> default         192.168.1.1     0.0.0.0         UG    0      0        0 eth0
> 
> and
> 
> Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
> 192.168.1.0     *               255.255.255.0   U     0      0        0 eth0
> 127.0.0.0       *               255.0.0.0       U     0      0        0 lo
> default         192.168.1.1     0.0.0.0         UG    0      0        0 eth0

	I was a lot more concerned about that before I realized that you
were doing NAT.  If you have boxes of two different subnets on the same
LAN (as I thought you did), something has to tell the subnets about each
other, whether that's a switch, a router, or the boxes themselves having
appropriate entries in their routing tables.  But since it's all one
netblock, this is less relevant.  

	I do wonder why the first box has 

localnet        *               255.255.255.0   U     0      0 0 eth0
default         192.168.1.1     0.0.0.0         UG    0      0 0 eth0

and the second box has the actual route to the local subnet in there,
though.  (The second setup is more what I'm used to seeing.)  Can you
ping 192.168.1.1 from that first box consistently, with little to no
packet loss?  If so, it's just an oddity, not a problem.  If it were my
network, I'd compare networking setup files (whatever assigns the IPs to
interfaces at boot time, etc.) to see what caused that difference.  But
if the pings are all good that's probably a nicety rather than a
necessity.

> It doesn't happen so frequently - so it's a challenge to find it - but I'll 
> do some more looking, and send more tcpdumps back.
 
	Okay.  I'd love to know what goes to the DNS servers immediately
before you get that servfail (so we can see what sort of requests cause
it to choke), and what packet to 192.168.1.1 from where prompts that
ICMP network unreachable error.
 
Cheers,
Raven 
 
Ben says "WAR IS PEACE FREEDOM IS SLAVERY BACKSPACE IS DELETE"

More information about the Techtalk mailing list