CentOS 5 Networking :: Incomplete Route Table: 5.4 On ESX4
Feb 11, 2010
New Centos 5.4 64bit install on vmware esx 4, NAT net setup. I can ping/trace other servers on IP, do nslookup's on name..Ping(traceroute on name gets me "distination unreachable", indicating an ICMP issue, so I checked the network setup, all looks like usual.Well, except that my routing table lacks the 127.0.0.0 and 0.0.0.0 def. gw entries, as in this working box example:
192.168.9.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
0.0.0.0 192.168.9.1 0.0.0.0 UG 0 0 0 eth0
FWIW, during install, I did the usual basic firewall steps,including SSH.Tried with/without iptables, no change; no wonder given the lacky routing table. Sure, I can add what's missing to the routing table, but I'd like to know why it's missing; i.e. what I missed on basic setup, as I'm going to repeat this with a nof new installations (replacing SLES).
Going haywire on a new Centos 5.4 64bit install on vmware esx 4. I should know, but my mind is obviously fucked up today. I get the "distination unreachable", indicating something ICMP related, checked network setup, all looks like usual. Except my routing table lacks the 127.0.0.0 and 0.0.0.0 def. gw entries, as in this working box example:
192.168.9.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo 0.0.0.0 192.168.9.1 0.0.0.0 UG 0 0 0 eth0
FWIW, during install, did the usual basic firewall steps, not'n extra added but SSH. Tried with/without iptables, no change; no wonder given the lacky routing table. Sure, I can add what's missing, but I'd like to know why it's missing; i.e. what I missed on basic setup, as I'm going to repeat this with a nof Centos/RHEL installations (replacing SLES).
I got this definition:"a process that replaces a series of related, specific routes in a route table with a more generic route." honestly I found it not so clear.. I want to know if this definition is correct and also more details about this subject..
I use a secure connection to reach company network from outside. There's a client application "Juniper network", which creates the secured tunnel to a company network. However, the connection never survives more than 8 seconds, when it goes disconnected with the message "Route monitor alarm". From my recent search for a solution I've found that this error is caused by a change in a route table, which violates a connection policy.
"This disconnect is typically triggered by a change in the routing table of the client machine, the change is such that the split tunnel policies defined by the administrator will be violated" - from [URL]
This is how a routing table looks before, during and after the connection attempt:
We purchased a virtual server from GoDaddy (1 month trial) to set up as a proxy for our networks (24 of them). I am having 2 separate issues. The first is I can't configure/install NAT and support is telling me the only way I can is to purchase a dedicated server. Here's the error:
iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 3128 iptables v1.3.5: can't initialize iptables table `nat': Table does not exist (do you need to insmod?) Perhaps iptables or your kernel needs to be upgraded. Here's the fix: [URL] So, what I am hoping to do is configure this by just opening port 3128 directly, and only allowing access from our networks. As a test I did this and allowed only from our office and it did not work. However I can't connect, so I am wondering what I am doing wrong? Here's my squid configuration:
There are two connections in my Ubuntu server: eth0 is a normal interface and, eth1 is configured with an static IP, and has an domain name with that IP. But this connection is charged by bytes, very expensive.
how to set up the route table so that: everyone can access my server with the domain name, and let the traffic goes from eth0 as much as possible(I have a proxy service on my server. At least, let the proxy traffic goes from eth0)?
I have a 4.7 VPS web server on the net and it works very well. I am intending to upgrade it to Centos 5.x and have been having a play using VMWare Appliances and VMWare Player. I have therefore installed a local 4.7 applicance (all works well) and a 5.2 appliance (can't get basic internet connectivity).
I am running VMWare in Vista (apologies) and am connecting via a broadband modem (which effectively presents a serial modem to the computer via a USB interface). Using VMWare I am hooking this up to either the 4.7 appliance (works fine) or the 5.2 appliance (detects fine and connects but there is a problem). I think the issue with 5.2 is a firewall or a routing issue
I have prepared a report of the most common things people would need to know. The 5.2 appliance can see the USB device (lsusb), connects fine and obtains an IP and DNS addresses (wvdial) but ping fails. However the same on the 4.7 appliance works fine - I can use yum, ping and lynx etc. I have turned off the firewall on both appliances, but something is still getting in the way in 5.2!
*********************************** CENTOS 5.2 - ROUTING ISSUES? *********************************** * Have disabled the firewall using system-config-security-level > lsusb lsusb Bus 001 Device 007: ID 0fce:d0c5 Sony Ericsson Mobile Communications AB
So everything coming from the IAX-provider on port 4569 is forwarded to the Asterisk-server's WAN-interface (eth1). This needs then be routed to an internal SIP-phone (an IVR-system will define which one) via eth0.
When a call is initiated from an internal SIP-phone (they register to the IP-address assigned to eth0) it needs to be routed via eth1 to the gateway (192.168.4.250). Asterisk will setup an IAX-channel on WAN-interface (eth1) to the IAX-provider (via gateway).
So... will this work :
route add -net ip_IAXprovider netmask 255.255.255.0 gw 192.168.4.250 dev eth1
I'm setting up apache on centOS 5.5 and administering it from another host on my LAN(this web server has no Xorg). I can ping from the config host to the web server but not the other way. My network is quite a way from being set up so i'm just configuring the web server at the moment, the simplest way i can. It's just trying to get two LAN hosts both with 192.168.1.0/24 I.Ps to talk to each other using a router to connect them.
Here are the outputs of ifconfig and netstat -rn for the web server, the config host and the router:
The ifconfig -a and netstat -rn of the config host are: lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
br0 - 192.168.0.1 - Internet eth2 - 192.168.1.1 - LAN tun0 - 10.0.0.2 - VPN (via br0)
What I'd like to do is to route all TCP packets coming from eth2 to tun0 where a VPN client is running on 10.0.0.2. If I delete all default routes and if I add a new route to tun0 like :
Code:
route del default route add default gw 10.0.0.2
Everything is fine, and everyone on eth2 can reach the Internet using the VPN access. Now the problem is that my VPN client does not allow any other protocols other than TCP. And I also want to allow VPN access only to eth2, no other LAN nor the router itself. use iptables to filter any TCP packets and mark them, so they can be sent to tun0, while any other packets can reach the Internet via br0 (192.168.0.1). I found on the Internet that we can mark packets before they get routed. Using the following commands :
Code:
iptables -t mangle -A PREROUTING -j MARK --set-mark 85 -i eth2 -p tcp --dport 80 ip route add table 300 default via 10.0.0.2 dev tun0 ip rule add fwmark 0x55 table 300
First of all, --dport 80 never work... :/ I wanted to filter TCP 80 packets coming from eth2, but none of them seems to be HTTP packets... oO (very strange...). Nevermind, I decided to forget about the --dport option. I use the "iptables -L -v -t mangle" command to see how many packets are marked, and it is working fine, all TCP packets coming from eth2 are marked. Now the problem is that none of them are routed to tun0 they are all respecting the "route -n" rules... and not the "table 300" rule I have created.
I have openvpn tunnel setup between two CentOS servers. One of the CentOS servers also acts as a DHCP server for some client computers.
Server A= OpenVPN server Server B= OpenVPN client (connects to Server A with OpenVPN)
The two CentOS servers can ping each other (172.16.0.0/24) via the tun0.
However, client computer connected to Server B (DHCP server) can't reach 172.16.0.1 (which is the OpenVPN server).
I think I am missing some routing in my "ip route show". Following is the full picture:
What command can I issue to get this fixed? something along ip route add?
There is no firewall service on both end. service iptables stop! I can't bridge eth1 and tun0 as DHCP server might mess up the other side. I can't do a push of "redirect-gateway def1" because then clients loose their IP as they send DHCP requests to Server A.
Having trouble getting my Netgear WNA1000 working thru wireless router. Have tried lots of suggestions from other threads to no avail. Someone suggested that th routing table isn't set correctly, so have been trying to use the follwing to make the proper entry in the routing table: sudo route add -net 192.168.0.1 netmask 255.255.255.0 dev wlan0
Result: error message stating with: "route: netmask does not match route address"
followed by "Usage" instructions which tell me to do what I just did. Any ideas on how I can populate my routing table with correct entry for my wireless card? Not to complicate matters, but I temporarily turned off encryption on my router to eliminate that as a possibility until I get connected. So maybe it'still trying to connect via encrypted mode - do I need to turn off encryption on my (client) end?
I need to setup two ethernets in my Centos box. OK no problem both ethernet and 1 virtual works perfect. eth0, eth1 and eth1:0. I'm trying to set up diferent routes for eth0 and eth1/eth1:0 I need eth0 has a 192.168.1.1 gateway and eth1/eth1:0 192.168.1.100 gateway.I think I've tried almost every thing but always get one gateway for all the eth.These are my config..
/sbin/ifconfig eth0 Link encap:Ethernet HWaddr 00:XX:XX:XX:XX:XX inet addr:192.168.1.168 Bcast:192.168.1.255 Mask:255.255.255.0[code]......
I have setup FTP Server on my Windows machine with Filezilla server. Now, if I try to copy files from it using Ubuntu 10.04, Lucid, it downloads incomplete files if I don't switch to binary mode.
Is there some config issue from Ubuntu client or something needs to be changed from Windows Client.
I installed ntop on our server, after installing it, i ran ntop as a daemon. shortly after we lost the ability to ssh into the server.tried restarting ssh, but it didn't work, so had to restart the entire server.Where should we look to find why ssh suddenly stopped?
the error ssh gave when we try to connect was like: ssh: no route to host what log files should i look at and what should i look for to find the cause of the error?
On my old centos 5.2 installation, yesterday my system stopped. The only daemon working was the ping. Every other were not working ( http, svnserver, vncserver, ssh ... ) but yesterday morning everything worked fine! Since the system is headless, I rebooted the computer this morning. Then it never came back. I placed a screen on the computer and when the computer boots, I can see : loading grub stage 2 then I have a black screen with grub>
There is something wrong ... I'm sad because I moved in my new house and did not took the time to restart my backups ( in fact, I did not found the AC adapter for the external drive ) ... I downloaded the brand new centos 5.5 installation DVD and when I try to upgrade my system the installer tells me that the partition on 1 hd is not readable. Then I ignore the message but before getting to the partition manager, it tells me that the partition table for the lvm 00 ( /home ) can not be found and I have to reboot. Since this hard disk is the biggest ( 1tb ) and all of my data is on this one, I'd like to know what I can do to recover this data ?
I seem to be having a strange problem configuring Piranha to load balance (Direct route) 2 ports across 2 w2k3 servers in a test environment. What is strange is that 1 of the ports are working fine but the other port doesn't work. I've read many how-to and after many frustrating hours I disabled the firewall, iptables and arptables services and one of the ports are load balanced across the 2 real servers. Here's the environment.
[Code]....
I can telnet from the client to the realserves on both ports and it's works. When I telnet to the VIP only one port gets through and the other gives me "could not open connection to host port 32777 : connect failed. The configuration in Piranha for one port is the same as the other. I can't help but think that some other configuration for port 32777 was missed.
You piece of advice will be very useful for me! How to execute "ALTER TABLE" for a lot of tables in database? I'm going to change engine from MyISAM to NDBCLUSTER. There are several hundreds of tables in database.Command like ALTER TABLE * ENGINE=NDBCLUSTER
# iptables -t tproxy -n -L iptables v1.3.5: can't initialize iptables table `tproxy': Table does not exist (do you need to insmod?) Perhaps iptables or your kernel needs to be upgraded. Does exist a tproxy module for CentOS's kernel (2.6.18) ?
i did make a raid server out of some old hardware and 2 new sata disks.setup is: 15 Gb ide harddisk as hda,a pci serial ata controller, with two equal sata harddisk on it (320 Gb each)did a minimal install of centos 5.3 on this (with a yum update after install).i choose for a raid1 configuration of the serial disks.on the command line fdisk -l gives:hda1 hda2, hda3 (swap), hda4 (extended) and hda5 (logical, data partition).added to thatdev/sda1 linux raid autodetect (the first sata disk)dev/sdb1 linux raid autodetect (the second sata disk).both sata disks only have one folder /raiddiskthe last line of the fdisk -l output gives:/dev/md0the size is as each of the sata's is (320 Gb), the listed heads etc. are not equal to those of sda1 and sdb1 (which are fully equal to each other).
as the utmost 'last line' of the fdisk -l output there is a line stating:"disk /dev/md0 does not contain a valid partition table"when i output the fdisk -l command to a text file (fdisk -l > whattheheck.txt) that last line is not in the text file, so centos seems to print it additionally to what fdisk -l brings up.my concern: what does that last line about md0 mean, and how risky is it to ignore it?(writing to the sata disks seems to be okay, both seem to have the same data on them)
I have an external USB drive, with GPT partition label. The drive is cut up into two ~1.5TB partitions When I plug this into my CentOS 5.5 box, the drive is not detected. Instead, dmesg gives me this:
usb-storage: device found at 7 usb-storage: waiting for device to settle before scanning Vendor: Seagate Model: FA GoFlex Desk Rev: 0155 Type: Direct-Access ANSI SCSI revision: 04 SCSI device sdh: 732566645 4096-byte hdwr sectors (3000593 MB) sdh: Write Protect is off
i need to prepare a presentation for that i have to copy a table from [URL] to my power point slide. but when i am copying it i am just getting a table with single column. is there a method to import the contents from web page table to my presentation table?
I just installed a MySQL server but for unknown reason im not able to set a root password. CentOS 5.4 - 2.6.18-164.9.1.el5PAE MySQL Ver 14.12 Distrib 5.0.77, for redhat-linux-gnu (i686) using readline 5.1 # yum install -y mysql mysql-server php-mysql # service mysqld start # mysql -u root ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: NO)
when I try to send emails to new created emails account, I get this error:
<teste@topdapop.com>: Recipient address rejected: User unknown in virtual mailbox table� And if I try to send a e-mail, the authentication fails if I setup the account at the desktop email client to password requirement on.
But it works when I try it using a webmail client (Horde) and I receive the email.The old emails accounts work fine. The new accounts and old ones were created with Plesk.I find an entry with
Kmail 1.13.2 Problem on startup, error is from nepomuk, data storage. "cannot find Redland backend, nepomuk is disabled until fixed. Also see the following error from the akonadi console:
100503 10:00:15 [Note] Plugin 'ndbcluster' is disabled. 100503 10:00:15 InnoDB: Started; log sequence number 0 31413862 100503 10:00:15 [Warning] Can't open and lock time zone table: Table 'mysql.time_zone_leap_second' doesn't exist trying to live without
I have a server in the office and when I need to connect via cable I have to start up a root terminal and type in:
route add -net 0.0.0.0 gw 10.0.1.10 dev eth0
Is there a way to have this saved so I don't have to re-type it every time ? I already tried adding the command in /etc/rc.local and also in /etc/network/interfaces but it doesn't.
I've succesfullly connected to my vpn with kvpnc, but none of my traffic is going through the vpn! I dont know how to route traffic to the vpn. for instance, when I go to whatsmyip.com it still has my previous ip.
