Re: routing problem ={
MIX System Operator (sysop@mixcom.com)
Mon, 11 Nov 1996 17:58:58 -0600
At 04:38 PM 11/11/96 -0500, Chris Orem wrote:
>I have a slight routing problem which may or may-not be in my portmaster
>configuration but somebody on this list has *GOT* to be able to help me =}
>
>My problem:
>When I assign modem pools on the portmaster to a different network than
>the one my ether) is on I can'r reach the local net but the rest of the
>world is reachable..
>
>ie. I can ping microsoft but not my own web server ={
>
>I have configured everything the way josh (from livingston tech support)
>suggested but it does not work can anyone see my problem here are my
>configs from the portmaster and cisco..
>
>destination Gateway Flag Met Interface
>--------------------- -------------------- ---- --- ---------
>0.0.0.0 208.128.114.1 NS 1 ether0
>208.128.114.32 208.128.114.11 HD 2 ether0
>208.128.114.33 208.128.114.11 HD 2 ether0
>208.128.114.37 208.128.114.11 HD 2 ether0
>208.128.114.38 208.128.114.11 HD 2 ether0
>208.128.114.40 208.128.114.11 HD 2 ether0
>208.128.114.41 208.128.114.11 HD 2 ether0
>208.128.114.42 208.128.114.11 HD 2 ether0
>208.128.114.43 208.128.114.11 HD 2 ether0
>208.128.114.45 208.128.114.11 HD 2 ether0
>208.128.114.46 208.128.114.11 HD 2 ether0
>208.128.114.47 208.128.114.11 HD 2 ether0
>208.128.114.48 208.128.114.11 HD 2 ether0
>208.128.114.49 208.128.114.11 HD 2 ether0
>208.128.114.50 208.128.114.11 HD 2 ether0
>208.128.114.244 208.128.114.11 HD 2 ether0
>208.128.114.53 208.128.114.11 HD 2 ether0
>208.128.114.55 208.128.114.11 HD 2 ether0
>208.128.114.247 208.128.114.11 HD 2 ether0
>208.128.114.248 208.128.114.11 HD 2 ether0
>208.128.114.59 208.128.114.11 HD 2 ether0
>208.128.114.31 208.128.114.11 HD 2 ether0
>208.128.114.0 208.128.114.12 NL 1 ether0
>208.130.147.240 208.128.114.11 ND 2 ether0
>208.130.147.7 208.128.114.7 NS 1 Unknown
>
>ppm2> sh table netmask
>Active Netmasks:
>Network Netmask Type
>---------------- ---------------- -------
>208.142.72.0 255.255.255.224 Static
>208.142.73.0 255.255.255.240 Static
>208.130.147.0 255.255.255.248 Static
>Stored Netmasks:
>Network Netmask
>---------------- ----------------
>208.142.72.0 255.255.255.224
>208.142.73.0 255.255.255.240
>208.130.147.0 255.255.255.248
>
>ppm2> sh global
> System Name: ppm2
> Default Host: 208.128.114.2
> Alternate Hosts: 208.128.114.3
> IP Gateway: 208.128.114.1
> Gateway Metric: 1
> Default Route: Broadcast, Listen (On)
> Name Service: DNS
> Name Server: 208.128.114.2
> Domain: purplenet.net
>Telnet Access Port: 23
> Loghost: 0.0.0.0
> Assigned Address: 208.142.72.33
> RADIUS Server: 208.128.114.2
> Alternate Server: 208.128.114.3
> Accounting Server: 208.128.114.2
> Alt. Acct. Server: 0.0.0.0
>
>ppm2> sh ether0
> Ethernet Status: IP - Enabled IPX - Disabled
>
> Interface Addr: ppm2.purplenet.net (208.128.114.12)
> Netmask: 255.255.255.0
>Broadcast Address: 208.128.114.255
>
> IPX Network: 00000000
> IPX Frame Type: ETHERNET_802.2
> Ethernet Address: 00:c0:05:01:4f:50
>
> Routing: Broadcast, Listen (On)
> Input Filter:
> Output Filter:
>
>
>Cisco 2501 config
>
>Current configuration:
>!
>! Last configuration change at 01:32:07 UTC Sat Nov 9 1996
>! NVRAM config last updated at 03:57:54 UTC Thu Nov 7 1996
>!
>version 10.3
>service config
>no service udp-small-servers
>no service tcp-small-servers
>!
>hostname gatekeeper.purplenet.net
>!
>enable secret 5 XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
>enable password XXXXXXXXX
>!
>!
>interface Ethernet0
> description purplenet
> ip address 208.128.114.1 255.255.255.0
> ip access-group 111 in
Judging by you route table I would guess that the above filter is the
culprit, try dropping it.
>!
>interface Serial0
> ip address 204.70.199.14 255.255.255.252
> ip access-group 111 out
Should have some spoof filters on the 'in' and don't forget the
>!
>interface Serial1
> no ip address
> shutdown
>!
>router igrp 2
> network 208.128.114.0
> network 204.70.199.0
> network 208.130.147.0
> network 208.142.72.0
> network 208.142.73.0
Why do you have RIP on the PM, but no RIP here?
IMHO, you should RIP the 208.128.114.0 network so your machines know what is
on the local ether.
>!
>ip name-server 208.128.114.2
>ip default-network 208.128.114.0
>ip route 0.0.0.0 0.0.0.0 204.70.199.13
>ip route 208.130.147.0 255.255.255.0 208.128.114.11
>ip route 208.130.147.32 255.255.255.248 208.128.114.248
>ip route 208.130.147.240 255.255.255.248 208.128.114.11
>ip route 208.142.72.32 255.255.255.224 208.128.114.12
This is correct for the PM.
>ip route 208.142.73.0 255.255.255.0 208.128.114.11
>access-list 111 permit ip 208.128.114.0 0.0.0.255 any
>access-list 111 permit ip 208.130.147.0 0.0.0.255 any
>access-list 111 permit ip 208.142.72.0 0.0.0.255 any
>access-list 111 permit ip 208.142.73.0 0.0.0.255 any
>access-list 111 deny ip any any
>route-map route-map permit 10
Generally I find it better to have specific filters for each port. Both
spoof in and out on the serial port. When doing your filter make sure, draw
charts if need be, but make sure that they are not the problem.
Not sure what 208.128.148.11 is, but everything seems to point there, yet
the gateway on the PM is the router as it should be.
------------
Jeff Mountin
sysop@mixcom.com
MIX Communications
Serving the Internet since 1990
Sure my business card says "Senior Network Administrator"
They still make me do just about anything.