CentOS 5 Networking :: Script For Switch The Network Gateways
May 11, 2010
I installed the CentOS v5.4 on a virtual machine vmware server v1.0. I put the vmware ethernet on bridged mode and now I have an ip address, subnet mask and dns from my dhcp server from the office where I am. I edit the file /etc/sysconfig/network and I put there the gateway ip. Now it is okay but not at my home where I have another gateway ip. a script who switch between my gateways ?
I have 3 servers interconnected with IPs 192.168.150.1-3. First two has internet connection and third first server uses them as gateways. After googling and reading howtos I managed to get it working: The firewall for ssh on first server is defined
And on third route is defined like this: Code: ip route add default scope global nexthop via 192.168.150.1 dev eth0 nexthop via 192.168.150.2 dev eth0
It works, but the problem is that connections on third server are shown that they're connected from 192.168.150.1 or 192.168.150.2. Is there any way to keep original connection source address, when connecting to 192.168.150.3?
I have a CentOS5 box I use to run ASSP for Anti-spam. It has a single NIC. I configure network settings using Webmin. I have two Internet connections managed by different routers.
Both routers port forward traffic on port 25 (SMTP) to the CentOS box. The SMTP connections only work for the router that is the default gateway on the CentOS box! If Router 1 is configured as the default gateway in CentOS then I can Telnet to that router's WAN IP on port 25 and successfully send mail! On Router 2 I get no connection unless I change the default gateway in CentOS to be the IP of Router 2, then Router 1 SMTP connections will not work! I imagine that CentOS is sending out its responses to the default gateway instead of the Router that initiated the port forward?
I've got a network (192.168.1.0/24) with common internet gateway (gw 192.168.1.253). Everything works good and I have access to i-net through 192.168.1.253 from all local machines. Then I tried to make an internal server as a firewall for local subnetwork. It is CentOS 5.3 based.
Code: [root@router etc]# uname -a Linux router 2.6.9-89.0.16.EL #1 Tue Nov 3 17:15:02 EST 2009 i686 i686 i386 GNU/Linux
I have two NICs and both having different IPs and Default Gateways. Now CentOS by default picks only one default gateway and puts entry in routing table (route -n). I want to keep both default gateway in active mode to achieve redundancy. For example if traffic enters through eth0 then it goes out using default gateway of eth0 and if traffic enters from eth1 then it goes out using default gateway of eth1. I use command route add default gw 192.168.0.1 netmask 0.0.0.0 dev eth2 then both default gateways becomes active. Now I want to make sure that when server reboots both default gateways are setup. For this I wrote shell script
/sbin/route add default gw 192.168.0.1 netmask 0.0.0.0 dev eth0
/sbin/route add default gw 192.168.0.10 netmask 0.0.0.0 dev eth1
I am calling this script via /etc/rc.local but it doesn't work on boot time however once server is booted and I execute script (sh script.sh) then it works fine.
I'm hosting a Sendmail Cyrus-Imap server on fedora 12. I recently installed a second NIC on a second internet gateway and successfully configured source based routing. Clients are able to connect over the mail.domain.com received from the gateway 192.168.0.1 to the interface 192.168.0.254. ETH0. Clients are also able to connect from pop3.domain.com and smtp.domain.com from the second gateway 192.168.1.1 to the interface 192.168.1.254. ETH1
I have cyrus-imap certs configured for the mail.domain.com and a Sendmail cert configured for mail.domain.com. My question is how would I tell sendmail and cyrus that the mail.domain.com goes out the ETH0 but deliver the second and third cert (eg cyrus sends pop3.domain.com and sendmail sends smtp.domain.com) to clients connected on ETH1?
Assume I installed originally CentOS Desktop with IP receiving from DHCP server. Later I decided to assign a fixed IP to the local CentOS installation. How do I switch (permanently) the dynamic DHCP IP assignment to a fixed IP?
I am using 2 wireless network adaptors, one intel 5300 AGN (driver iwlagn) and the other one smc ezconnect (driver zd1211rw), a usb adaptor. The intel 5300 AGN has a hardware switch.
However, every time I turn off the hardware switch of intel 5300 AGN, the smc ezconnect adaptor is turned off too. How do I prevent this (how to make 2 switches for 2 adaptors)?
We have an old Zonet 10/100 switch in our home network that locks up whenever there's a power glitch longer than about a microsecond. (OK. It's not that bad but if the lights flicker, I usually end up going down to the basement to see if the switch is hung.) None of the computers or peripherals are affected by the glitches, BTW. Power-cycle the switch and everything starts working again. After putting up with this for months I finally picked up a Netgear 8-port 10/100/1000 switch to replace the Zonet. Unfortunately, when the Netgear switch is in the network, everything slows to a crawl before completely freezing up. Pinging other systems barely worksname would not work. Pinging another system by its IP address worked a little but packet losses of 70%-80% were the best I saw. At first. Then it gets to where the loss is 100%.
All systems were rebooted after the Netgear switch was inserted into the network. The systems that were capable of gigabit connections autosensed the new switch and set their port speed accordingly. And that's about all that works when the Netgear switch is present. (The Zonet is back in the network now.) One thing I have not tried is forcing the port speed on the gigabit-capable systems to 100Mb and re-inserting the Netgear switch into the network to see if the problem is due to running some of the ports at 1000Mb. The systems on the network are running various versions of Linux (with different kernel versions, of course). Most are due for upgrades to get them current but I was planning on hitting the systems that had gigabit-capable ethernet interfaces thinking that a.) 100Mb speeds have been around forever and no problems have been seen when everything was running at 100Mb in the past and b.) the gigabit support for the older kernels should be better (one system only supports an MTA of 1500 max at 1000Mb).
Our ISP provides us with Layer 2 hardware (Modem?/Switch? (Hatteras)) for our leased line and internet access. I have been told that I should set up a VLAN capable router to separate the internet traffic from the internal traffic. I found that linux is capable of VLAN routing. Nice!
I have setup opensuse 10.3 put in two NICs and did the following
vconfig add eth0 10
vconfig add eth0 20
ifconfig public.ip.add.ress netmask 255.255.255.252 eth0.10 up
ifconfig 192.168.0.1 netmask 255.255.255.0 eth0.20 up
Plugged this NIC into the HATTERAS hardware (with a straight cable), and thought that this way I should be able to ping the public gateway or any ip out on the internet. My ISP is telling me that I should create a VLAN trunk to be able to 'use the internet', but as I understand in linux if I create any number of VLANs on one NIC they are already trunked. I also got the info, that the traffic is tagged, and I can separate the traffic reading the tags. I already read that some NICs are not able to VLAN because they are not able to handle the increased packet size.
Also that the MTU setting is important (dono' the exact value though, only that its important). I thought that a linux machine can act as a router and firewall in such a case, because proprietary switches/routers use linux as embedded os. This is my first meeting with VLAN so if this whole post does not make any sense or you think that I just need to RTFM more then tell me! I also have some (3) Dlink 3226 Layer2 switches around, but I think it would be waste to use a 24 port switch on this subject.
I have router based on CentOS system with DHCP server. In one eth I have fiber converter attached in second one I have Cisco Catalyst switch connected. From the switch rest of ports are used to provide internet traffic to rest of network. I wanted to divide each segment of network (based on switch ports) that they don't see each other (it'll be good for me if someone will connect his wireless router to the network not to WAN by LAN port and start be a second DHCP server). So my network configuration:
CentOS:
DHCP with range 10.0.0.1/8 network
Switch ports
1 - CentOS DHCP 2 - second server
[code]....
Parts of networks I've assigned IPs 10.network_part.subnet_part.client_ip so I have addresses for clients: 10.1.1.2/8, 10.2.1.3/8, 10.3.0.4/8, etc ...
I've decided to give each port its own VLAN like below:
And after doing that whole network stopped working. I think that cisco part of configuration is OK (at least customer ports, I don't know if there is any additional info needed for trunk port). On CentOS router I didn't setup anything regarding VLANs ...
I followed the instructions on this page ([URL]) in order to secure my sshd and prevent anyone from accessing the server directly as root. Therefore I changed the "PermitRootLogin yes" to "PermitRootLogin no" and restarted sshd. After that root access was denied directly but for some reason I am unable to switch to root from any of the normal user accounts with "su -" because I keep getting the "Incorrect password" errors. I am sure that the password is correct but for some, to me unclear, reasons I am unable to access the root account over SSH from a normal user account. I also noticed that after that I lost the ability to access the server as root over SFTP. Why am I unable to generally use the root account after doing the named changes to sshd_config? I am running CentOS 5.4 with the newest update.
I had something I think is very odd happen to one of my computers at work today, it appears to have spontaneously switched from having a static address set to getting its address by dhcp. This is a small office with a mix of mostly linux servers and desktops with a few stand alone windows computers, mostly notebooks. Most of the desktop computers get their address by dhcp, they all have NIS/NFS for remote mounted home directories (interchangeable desktops so anyone can log in at any desk). The particular desktop computer in question here has a shared printer on its parallel port, so has a static IP. Yesterday a UPS in the server rack died, after pulling it and plugging things back in and restarting the servers, it was easiest just to reboot all the desktops, everything came up ok including the desktop in question, and the printer did work.
Today I pulled the oversized UPS from this desktop to replace the dead one, and put a more appropriately sized one in its place, shut the servers down again, rebooted, etc. About an hour later someone tells me the printer is not working on the desktop, and after a lot of searching I find this desktop has the wrong IP address, I ran system-config-network and it showed the address was set to dhcp, I changed this back to the correct static IP and things seem to be working ok now.
When there is a power failure at my university for about 30 minutes, my computer stays up because of a UPS, but the switch it is connected to via ethernet is reset. After this, my machine loses network connectivity until I manually select the network using nm-applet.
In System -> Preferences -> Network Connections, the network has the "Connect automatically" box checked.
However, in /etc/NetworkManager/nm-system-settings.conf, there is a line that says:
Code: no-auto-default=00:30:48:b0:11:07, and that is the MAC address of the ethernet card.
Have a strange problem with the network icon on my laptop.
I have two users (me & my wife). We often log in and use switch users so we're both logged in at the same time.
Whoever logs in first will get the network manager icon in the top panel, and whoever logs in second won't get the icon.
The second user does get a message (growl notification?) saying the wireless network <whatever> is now connected & it is indeed connected.
It's a bit annoying, as if I log in second, I can't change my wireless network to the other one we have, I'm stuck using whichever one my wife selected.
I have a program that attaches to an interface. I can run two copies of the program on two systems (each running one instance), connect it to a switch, say 1.1.1.1 & 1.1.2.1. In this configuration two instances of the program can communicate and everything is fine.
Now, to reduce cost, I want to use only one system with two nics connected to the same switch, running two instances of the above program, each instance attached to two interfaces respectively on the system. I have the following settings:
eth1 Link encap:Ethernet HWaddr XXXXXXXXXXXXXXX
     inet addr:1.1.1.1 Bcast:1.1.1.255 Mask:255.255.255.0
     UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
eth2 Link encap:Ethernet HWaddr XXXXXXXXXXXXXXX
     inet addr:1.1.2.1 Bcast:1.1.2.255 Mask:255.255.255.0
     UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
I want to authenticate user (client) via switch to the radius server (CentOS). Can anyone tell me the authentication/authorization configuration that should be made in the switch (huawei) and the radius server (centos). Esp. the main files under /etc/raddb/ in the Server & the configuration to be made under the radius server template "test" (as of my case)...
I have a server that is on both a standard network and a virtual network, as follows: server1 attached to standard network; server1 acting as Dom0 with two linux DomU guests (under Xen). I only have one network card. How do I configure server1 to have a different hostname on the standard network than on the virtual network? Here are the relevant network configuration files for server1:
I am attempting to setup a network to network VPN tunnel between our main office and a temporary location. This location needs full VPN access back to the main office's network. Anyhow we have spent about 3 solid days attempting to make this work without any great success. Here is our network scheme for these two devices.
Network A (Main Office) (OpenBSD using isakmpd) Network: 172.16.8.0/24 External IP: 1.1.1.1 (obviously not the real IP)[code].....
I just upgraded from Ubuntu 9.04 64-bit, to CentOS 5.5 64-bit and my RT-73 USB network card doesn't seem to want to function. It always worked fine in Ubuntu by default (plug and play). Is there some setting I need to make to get this working? Even BT-3 (which is quite old) recognizes the RT-73.
I have a laptop connected to the net thru an adsl modem, when I switch off the laptop network interface (thru system-config-network), the light of the laptop network card plugged in the router stays on (green), whereas in my pc, when I do the same thing, the light of my pc network card goes off in the modem
I am having some troubles using iptable rules on two Servers that act as Gateways pointed to one backend server with only one interface.
To be more exact, I have 3 Servers, 2 of those have a public and a private interface, with different public ips but common private interface (they connect to the same switch), the last one only has 1 private interface and is connected to that same switch.
Those 2 servers also act as a gateway and a firewall for the private network.
My problem is that I cannot seem able to route traffic from both of those to the third one and back to the same public ip that the request came from (effectively using two gateways on the machine with only one interface).
As a testing scenario I am using ferm for applying iptable rules that forward ssh traffic (for example) to the backend server, and it works well when I do it with one gateway.
When I apply something like this in /etc/network/interfaces on the backend server though:
Even though forcing selection of an interface from the backend server (like curl --interface) seems to work well, meaning that the request to the curl appear to happen from the correct public ip, I can still only use one of the public ips to access the server with the ferm rules. Ideally I should be able to ssh to the backend server from both public ips using their ferm rules for forwarding traffic to the backend server.
I feel like I am missing some details on routing that should happen on the firewalls as the backend server seems to be able to use both gateways to access the internet and receive replies from it.
I had trouble connecting to a wireless network with openSUSE, so I tried the YAST network manager to see if that fixed it. Not only did it not fix it, but now I cannot connect to any network, wired or wireless. I tried to open the default network manager and it said "Network management disabled". How do I re-enable it? I also have set YAST settings back to their originals with no luck.
I'm a Linux n00b (very fluent in Windows, though) that is attempting to set up a (currently) 3-computer cluster. My server node is a Pentium 4, and my client nodes are a Pentium 4 and a Pentium 3 (whatever I have lying around). I chose to use OSCAR for my clustering interface and CentOS 5 for my server node OS. Yay. I made it through the installation prerequisites, but when it came to configure the NIC, I got stuck.
I opened the /etc/hosts file, tinkered with it, but something inevitably got screwed up. I can still use the Internet, but it won't let me install OSCAR. Running a system-sanity check returns:
All I need to know is what the /etc/hosts file should look like for a CentOS 5.4 installation with 1 NIC that is not connected to a domain (only a LAN). It is connected to a router which in turn is connected to my home network (I don't know what to do about that). The hostname should be surgeonfishr and the IP address should be 192.168.0.150.
I know this question is probably really stupid, but I've logged a total of about 10 hours time on Linux...ever. (And 35000 hours on Windows.)
I am trying to learn about networking and am looking to set up a mini network between three bare bones Centos machines in Virtualbox. I set up the machines with a static IP. In the Virtualbox I am using NAT and have the IPs as follows Centos-1 IP: 10.0.2.15 Gateway: 10.0.2.2 DNS: 10.0.2.3
On all machines I can ping google.com, and yum updates, but I can not ping any other machine. It says they are unreachable. Not really sure what to do. Any help would be much appreciated.