Networking help

bscott at ntisys.com bscott at ntisys.com
Fri Dec 13 19:41:16 EST 2002


On Thu, 12 Dec 2002, at 3:46pm, pll at lanminds.com wrote:
>                                   -------  
>                                  |       |    C'
>                         ---------|   C   |---------
>   -------        __    /         |       |         \
>  |       |      {   } /           -------           \   ----------
>  |   A   |------{ R }<                               > |    S     |
>  |       |      {___} \	    -------           /   ----------
>   -------              \         |       |    B'   /
>                         ---------|   B   |---------
>                                  |       |
>                                   -------

  First: Avoid tab characters (ASCII 9 (decimal)) in text art.  They get
hosed up too easily.  Search the web for "tab lossage" for an explanation.

  Second: That diagram is incomplete.  It does not give networks (although I
can infer most of it), and at least one key gateway has been left out.

  Try this on for size:


|N                  |O
|                   |
|  192.168.10.0/24==|
|                   |
|==10.241.38.0/24   |
|        ___        |
|       |   |       |
|    .11| B |.11    |        ___
|-------|   |-------|       |   |
|     B1|   |B0     |     .1| T |
|       |___|       |-------|   |---???
|                   |       |   |
|        ___        |       |___|
|       |   |       |
|    .16| C |.16    |
|-------|   |-------|
|     C1|   |C0     |
|       |___|
|
|        ___
|       |   |
|     .1| R |
|-------|   |---??
|       |   |              ___
|       |___|             |   |
|                       A1| A |
|        ___         ??---|   |
|       |   |             |   |
|     .2| S |             |___|
|-------|   |---??
|       |   |
        |___|

A  = a Linux node that is relatively "far away" from the rest of this
A0 = an interface on A with address <168.159.36.90>
B  = a Linux node that is directly connected to networks M and N
C  = nearly identical to B
N  = IP network <10.241.38.0/24>
O  = IP network <192.168.10.0/24>
R  = gateway on network N
S  = another gateway on network N (or maybe a second interface on R)
T  = an undescribed gateway on network O
?? = There is an undescribed network cloud between A1 and R/S.

  Is the above analysis accurate?

  If so, what can you add to it?  In particular, what is T?

> Now, one thing I just noticed is that my default route is set to .1, yet
> when I traceroute, I'm going to .2.

  No.  The ICMP "time expired" message your packets caused originated from
<10.241.38.2>.  Your packets are still going to <10.241.38.1>.  Most likely,
this means that <10.241.38.2> is a second interface on the same router.  
You might ask your network people to verify that, though.

> .2 ... might be a switch which hands things off to the .1 gw, I don't
> know.

  I don't think so.  A layer 2 switch would not generate ICMP "time expired"
messages.  A layer 3 switch might, but you should still get one from the
<10.241.38.1> router on the next TTL increment, then.

  Way back when you first started this thread, you mentioned that you can
ping between B and C even when you cannot ping from A and C.  When that was
happening, did you verify what interfaces the ICMP packets were going
through?  I am wondering if they were traveling between B0 and C0, or even
B1 and C0.  There could thus be a fault on or en-route to C1 that was being
masked.

  Are you running any routing daemons, link monitoring/fail-over software,
or anything like that?

  I reiterate my original suggestion of using Ethernet repeaters and a
third-party host to watch what is actually happening on the wire.  Connect
N, B1, and C1 on one repeater.  Connect O, B0, and C0 on another repeater.  
Put sniffers on both repeaters.

-- 
Ben Scott <bscott at ntisys.com>
| The opinions expressed in this message are those of the author and do not |
| necessarily represent the views or policy of any other person, entity or  |
| organization.  All information is provided without warranty of any kind.  |






More information about the gnhlug-discuss mailing list