Find the answer to your Linux question:
Page 1 of 2 1 2 LastLast
Results 1 to 10 of 12
Hi, I am new in linux, I have a server with centos 5 and plesk 9 and I have buy an additional IP address for my server, when i create ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Apr 2010
    Posts
    5

    2 Ip address in the same nterface, the second one only respond ping


    Hi,

    I am new in linux, I have a server with centos 5 and plesk 9 and I have buy an additional IP address for my server, when i create it in plesk, there is no problem, all its ok I can assign it to a new domain, but the ip only responds ping, none of other services as http, ssh or smtp.

    I paste here the configuration of files

    ifcfg-eth0

    device=eth0
    bootproto=dhcp
    type=ethernet
    onboot=yes

    ifcfg-eth0:1

    device="eth0:1"
    ipaddr="***.***.***.51"
    netmask="255.255.255.255"

    Asterisk for security
    I have stopped IPTABLES service and nothing happens.
    What is i have making wrong?

    I tried put eth0 as static, but all fails and I have to reinstall the image of the server.

    Thanks for advance

  2. #2
    Linux User
    Join Date
    Dec 2009
    Posts
    262
    You may wanna add something:
    ifcfg-eth0

    device=eth0:0
    bootproto=dhcp
    type=ethernet
    onboot=yes

    ifcfg-eth0:1

    device="eth0:1"
    ipaddr="***.***.***.51"
    netmask="255.255.255.255"

  3. #3
    Just Joined!
    Join Date
    Jun 2007
    Posts
    12
    Not necessary to change the nic name to "eth0:0". Can you give us the full information on the nics? Just change the first two numbers and keep the last two. That way we can figure out if you are on the same subnet or not. Also can you post your routing information? Just run an "ifconfig -a" and either a "netstat -nr" or a "ip route show".

  4. #4
    Just Joined!
    Join Date
    Apr 2010
    Posts
    5

    Here are the responses

    Quote Originally Posted by gumaheru View Post
    Not necessary to change the nic name to "eth0:0". Can you give us the full information on the nics? Just change the first two numbers and keep the last two. That way we can figure out if you are on the same subnet or not. Also can you post your routing information? Just run an "ifconfig -a" and either a "netstat -nr" or a "ip route show".


    DEVICE=eth0
    BOOTPROTO=dhcp
    TYPE=Ethernet
    ONBOOT=yes

    For Eth0 the IP Address is ***.***.53.78

    Eth0:1

    DEVICE="eth0:1"
    IPADDR="***..***.134.51"
    NETMASK="255.255.255.255"

    Asterisks are the same numbers in eth0 and eth0:1


    ifconfig -a result

    eth0 Link encap:Ethernet HWaddr 00:16:3E:30:81:5D
    inet addr:***.***.53.78 Bcast:***.***.53.78 Mask:255.255.255.255
    inet6 addr: fe80::216:3eff:fe30:815d/64 Scope:Link
    UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
    RX packets:750884 errors:0 dropped:115 overruns:0 frame:0
    TX packets:818854 errors:0 dropped:0 overruns:0 carrier:0
    collisions:0 txqueuelen:1000
    RX bytes:431072769 (411.1 MiB) TX bytes:604781975 (576.7 MiB)
    Interrupt:185 Base address:0x2000

    eth0:1 Link encap:Ethernet HWaddr 00:16:3E:30:81:5D
    inet addr:***.***.134.51 Bcast:***.***.134.51 Mask:255.255.255.255
    UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
    Interrupt:185 Base address:0x2000

    lo Link encap:Local Loopback
    inet addr:127.0.0.1 Mask:255.0.0.0
    inet6 addr: ::1/128 Scope:Host
    UP LOOPBACK RUNNING MTU:16436 Metric:1
    RX packets:17068 errors:0 dropped:0 overruns:0 frame:0
    TX packets:17068 errors:0 dropped:0 overruns:0 carrier:0
    collisions:0 txqueuelen:0
    RX bytes:4379522 (4.1 MiB) TX bytes:4379522 (4.1 MiB)

    sit0 Link encap:IPv6-in-IPv4
    NOARP MTU:1480 Metric:1
    RX packets:0 errors:0 dropped:0 overruns:0 frame:0
    TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
    collisions:0 txqueuelen:0
    RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)


    netstat -nr

    Destination Gateway Genmask Flags MSS Window irtt Iface
    10.255.255.1 0.0.0.0 255.255.255.255 UH 0 0 0 eth0
    0.0.0.0 10.255.255.1 0.0.0.0 UG 0 0 0 eth0

    ip route show
    10.255.255.1 dev eth0 scope link
    default via 10.255.255.1 dev eth0

  5. #5
    Just Joined!
    Join Date
    Jun 2007
    Posts
    12
    Can you ping and ssh to the new address locally? Can you do the same from another host on the same subnet? Are you trying to access this host externally as in from outside of your network or a system that is connected directly to the internet? From another system can you ping the router? If you can ping the router then I would suggest running a tcpdump on the interface. Check to see if there is any traffic actually hitting it. I would run a tcpdump from both ends.

    Just a tip you should actually use a firewall and NAT out all of the hosts behind it. You shouldn't buy a new IP for every single host that will be facing the internet. If you don't want to spend the money on a Cisco PIX or something along that lines you can just use another Linux host as the firewall.

  6. #6
    Just Joined!
    Join Date
    Apr 2010
    Posts
    5
    Quote Originally Posted by gumaheru View Post
    Can you ping and ssh to the new address locally? Can you do the same from another host on the same subnet? Are you trying to access this host externally as in from outside of your network or a system that is connected directly to the internet? From another system can you ping the router? If you can ping the router then I would suggest running a tcpdump on the interface. Check to see if there is any traffic actually hitting it. I would run a tcpdump from both ends.

    Just a tip you should actually use a firewall and NAT out all of the hosts behind it. You shouldn't buy a new IP for every single host that will be facing the internet. If you don't want to spend the money on a Cisco PIX or something along that lines you can just use another Linux host as the firewall.
    I am accessing this host form a system that is connected directly to the internet, my office, and this is a sdedicated server of 1&1,

    I dont use firewall, I have bougth one server form 1 &1 and 2 ips, the second only respond to ping after configure it in plesk.

  7. #7
    Just Joined!
    Join Date
    Jun 2007
    Posts
    12
    Correct me if I am wrong but you said the second IP responds to a ping? Okay then that is a good sign. That means it is at least accessible. Can you run ssh in debug mode and run a tcpdump on both ends? Just to check from each end if there is any communication over these ports. Do you see any traffic at all? Do you have iptables filtering out any traffic? If not there the problem would lay a step before your system. Maybe those ports aren't being allowed somewhere else.

  8. #8
    Just Joined!
    Join Date
    Apr 2010
    Posts
    5
    Yes i can ping

    If I make ping to ***.***.53.78 ok
    If I make http connection to ***.***.53.78 ok
    If I make smtp connection to ***.***.53.78 ok

    If I make ping to ***.***.134.51 ok
    If I make http connection to ***.***.134.51 not respond
    If I make smtp connection to ***.***.134.51 not respond

    if i try to connect over ssh, the second ip does not respond.
    Putty says "Network error, time out",

    I have stopped iptables "service iptables stop", and all is the same i cant connect only by ping.

    How to make a tcpdump in both ends, what is the syntax?

  9. #9
    Just Joined!
    Join Date
    Jun 2007
    Posts
    12
    on the server side you would run "tcpdump -i eth0:1 src IPofOfficeSystem". On the office system run "tcpdump -i MainInterface dst IPofServer". Then run ssh in another terminal to the server and see what both of them say. Also make sure that you runn ssh with "-vv" or multiple to see more debugging.

  10. #10
    Just Joined!
    Join Date
    Jun 2007
    Posts
    12
    Actually on the server side don't put a src ip at first. Let's just see if there is any traffic coming in. So it would be "tcpdump -i eth0:1"

Page 1 of 2 1 2 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •