Find the answer to your Linux question:
Results 1 to 7 of 7
I'm sorry I haven't really searched for it, so links are ok. I have no idea what I should search for. --- I have a server that is mostly headless ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Jan 2010
    Posts
    3

    Question Multi-NIC Issues


    I'm sorry I haven't really searched for it, so links are ok.

    I have no idea what I should search for.

    ---

    I have a server that is mostly headless running with a public facing dedicated IP. I decided I wanted to transfer files between it and my local home network more quickly so I purchased a second NIC to connect to my home switch.

    Upon dhcp connection ssh fail's (STALLS?)

    From remote machine(with eth0 up)
    Code:
    # ifconfig eth1 up
    # dhclient eth1
    #
    Beyond getting the prompt I can no longer connect to the remote computer via my public IP.

    My iptables has exceptionally permisive at this point and has no interface usage.

    I was under the impression that if a OpenSSHD was listening on the wild card it could listen to all Interfaces (Am I wrong?)
    sshd is the only program that switches bindings.

    So how can I have it listen to both NICs?

    Also I want to know how force eth0 to be my primary connection and eth1 to connect only to its local subnet (Do I just use iptables I what does gnome network manager do when you click the check-box "Use connection for local access only")

    Sorry My questions are jumbled I'm really confused

  2. #2
    Linux Guru Lazydog's Avatar
    Join Date
    Jun 2004
    Location
    The Keystone State
    Posts
    2,677
    Post the output from the following commands;

    Code:
    ifconfig
    route -n

    Regards
    Robert

    Linux
    The adventure of a life time.

    Linux User #296285
    Get Counted

  3. #3
    Just Joined!
    Join Date
    Jan 2010
    Posts
    3
    ifconfig
    Code:
    eth0      Link encap:Ethernet  HWaddr 00:1C:25:3F:52:22  
              inet addr:174.0.131.xx  Bcast:255.255.255.255  Mask:255.255.252.0
              UP BROADCAST RUNNING MULTICAST  MTU:576  Metric:1
              RX packets:8651958 errors:0 dropped:562 overruns:0 frame:562
              TX packets:2368491 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:1000 
              RX bytes:2793546271 (2664.1 Mb)  TX bytes:164478767 (156.8 Mb)
              Interrupt:19 
    
    eth1      Link encap:Ethernet  HWaddr 00:25:86:BD:53:12  
              inet addr:172.16.0.1  Bcast:172.16.0.15  Mask:255.255.255.240
              inet6 addr: fe80::225:86ff:febd:5312/64 Scope:Link
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:267 errors:0 dropped:0 overruns:0 frame:0
              TX packets:226 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:1000 
              RX bytes:31850 (31.1 Kb)  TX bytes:46440 (45.3 Kb)
              Interrupt:21 Base address:0xe000 
    
    lo        Link encap:Local Loopback  
              inet addr:127.0.0.1  Mask:255.0.0.0
              inet6 addr: ::1/128 Scope:Host
              UP LOOPBACK RUNNING  MTU:16436  Metric:1
              RX packets:482 errors:0 dropped:0 overruns:0 frame:0
              TX packets:482 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:0 
              RX bytes:36535 (35.6 Kb)  TX bytes:36535 (35.6 Kb)

    route -n
    Code:
    Kernel IP routing table
    Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
    172.16.0.0      0.0.0.0         255.255.255.240 U     0      0        0 eth1
    174.0.128.0     0.0.0.0         255.255.252.0   U     0      0        0 eth0
    169.254.0.0     0.0.0.0         255.255.0.0     U     0      0        0 eth0
    127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
    0.0.0.0         172.16.0.14     0.0.0.0         UG    0      0        0 eth1
    0.0.0.0         174.0.128.1     0.0.0.0         UG    0      0        0 eth0

    netstat -lnt
    Code:
    Active Internet connections (only servers)
    Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name   
    tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      2902/sshd           
    tcp        0      0 :::8080                 :::*                    LISTEN      3571/java           
    tcp        0      0 :::22                   :::*                    LISTEN      2902/sshd

    iptables -L -n
    Code:
    Chain INPUT (policy DROP)
    target     prot opt source               destination         
    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED 
    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW,ESTABLISHED tcp dpt:8080 
    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:22 
    
    Chain FORWARD (policy DROP)
    target     prot opt source               destination         
    
    Chain OUTPUT (policy ACCEPT)
    target     prot opt source               destination

  4. $spacer_open
    $spacer_close
  5. #4
    Linux Guru Lazydog's Avatar
    Join Date
    Jun 2004
    Location
    The Keystone State
    Posts
    2,677
    First thing I would say is to configure this headless box with static ip addresses. Turn off ipv6 if you are not using it.

    Don't understand why you have 2 default routes in your routing table. There should only be one and that pointing to the internet.

    Check your ssh configs to see how they are setup and ensure that it is not locked down to listen on one interface (which it really shouldn't be).

    Setup a firewall to block everything and then open what you want to allow through. Make sure you have a established, related line in your output rules also.

    Looking at what you posted ssh doesn't seem to be setup as a stateful rule which it should be. Post the iptables file so we can see raw rules and not just what iptables -ln prints.

    Regards
    Robert

    Linux
    The adventure of a life time.

    Linux User #296285
    Get Counted

  6. #5
    Just Joined!
    Join Date
    Jan 2010
    Posts
    3
    I spent a few hours googling it. I when it clicked I had to static roughts to the internet. All my packets where getting lost.

    As for static IPs this would work, however I cannot do that with my current ISP. And it required more work.

  7. #6
    Linux Guru Lazydog's Avatar
    Join Date
    Jun 2004
    Location
    The Keystone State
    Posts
    2,677
    What does your setup look like now?

    <internet><firewall><server><lan>?

    Regards
    Robert

    Linux
    The adventure of a life time.

    Linux User #296285
    Get Counted

  8. #7
    Just Joined!
    Join Date
    Mar 2010
    Posts
    1

    Ahh HELLO!!!!!

    That's my life you messing with!
    Why are you trying to manipulate my system? Have I done something to upset the delicate balance of "tech world" that has promted such interest and such an personal assault? WTF u guys?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •