point-to-site setup - Server/Site is hosted on Ubuntu 10.04

Twobit · **Joined:** Fri Oct 15, 2010 11:57 pm **Posts:** 16

Hi All,

I have been trying to get a point to site configuration working between Mac, Linux and Windows....

Server-Side Network Setup:
Modem/Router (all in one): 10.1.1.1
Server IP: 10.1.1.7 (static)
NeoRouter DHCP Start: 10.1.1.150

The Server (Site):
NeoRouter 1.3 Client and Server
Server has no Firewall and is DMZ
Bridged eth0 and nrtap, using a startup script:
Path: /etc/init.d/neorouter-bridge
Contents:

Code:

 brctl addbr br0
 brctl addif br0 eth0
 brctl addif br0 nrtap
 ifconfig eth0 0.0.0.0 promisc up
 ifconfig nrtap 0.0.0.0 promisc up
 ifconfig br0 10.1.1.7 netmask 255.255.255.0 broadcast 10.1.1.255 up
 route add default gw 10.1.1.1 br0

NeoRouter Bridge Setup (server and clients):
Linux (host - 10.1.1.151) location: /usr/local/ZebraNetworkSystems/NeoRouter/Feature.ini
Mac (client - 10.1.1.152) location: /usr/local/ZebraNetworkSystems/NeoRouter/Feature.ini
Windows 7 (client - 10.1.1.153) location: c:\Users\All Users\ZebraNetworkSystems\NeoRouter\Feature.ini

Contents:

Code:

[Default]
NetworkBridge=1
LANSegment1=10.1.1.1-10.1.1.150,10.1.1.151

It appears that the server's bridge is functional, as local machines are able to ping both interfaces (eth0 IP and nrtap).

The clients are able to connect to the server and correctly shows the machines as online.

The issue I have is the remote machines are unable to ping/smb/remote any machines on the Site LAN. All machines have been set to the DMZ of their networks and have firewalls disabled.

The only thing I can think of, is that the Feature.ini is not being read correctly on the server?But that should mean its not in bridge mode then?

Any Ideas...

Twobit

Twobit · **Joined:** Fri Oct 15, 2010 11:57 pm **Posts:** 16

I am still at a loss as to what is wrong, as this setup functions perfectly on a windows client/server with a bridge.

Here is the output from my ifconfig on the linux box with br0 created via a script (see previous post):

Code:

br0       Link encap:Ethernet  HWaddr ??:??:??:??:??:??
          inet addr:10.1.1.7  Bcast:10.1.1.255  Mask:255.255.255.0
          inet6 addr: fe80::210:f3ff:fe10:4164/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1300  Metric:1
          RX packets:2931 errors:0 dropped:0 overruns:0 frame:0
          TX packets:2576 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:401257 (401.2 KB)  TX bytes:733233 (733.2 KB)

eth0      Link encap:Ethernet  HWaddr ??:??:??:??:??:??
          inet6 addr: fe80::210:f3ff:fe10:4164/64 Scope:Link
          UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1
          RX packets:31311 errors:0 dropped:0 overruns:0 frame:0
          TX packets:35389 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:4762693 (4.7 MB)  TX bytes:6346702 (6.3 MB)
          Memory:fdae0000-fdb00000

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:26403 errors:0 dropped:0 overruns:0 frame:0
          TX packets:26403 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:4736035 (4.7 MB)  TX bytes:4736035 (4.7 MB)

nrtap     Link encap:Ethernet  HWaddr??:??:??:??:??:??
          inet6 addr: fe80::4c84:b4ff:fe5a:df69/64 Scope:Link
          UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1300  Metric:1
          RX packets:1375 errors:0 dropped:0 overruns:0 frame:0
          TX packets:11042 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:500
          RX bytes:257740 (257.7 KB)  TX bytes:1562615 (1.5 MB)

I know that the bridge means both network devices will now have 10.1.1.7. I have set br0 to be 10.1.1.151, the remote machines can now ping the server but does not grant them access to the remote network. I have also disabled IPV6.. the new ifconfig is:

Code:

br0       Link encap:Ethernet  HWaddr ??:??:??:??:??:??
          inet addr:10.1.1.151  Bcast:10.1.1.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1300  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 B)  TX bytes:648 (648.0 B)

eth0      Link encap:Ethernet  HWaddr ??:??:??:??:??:??
          UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1
          RX packets:645 errors:0 dropped:0 overruns:0 frame:0
          TX packets:800 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:90776 (90.7 KB)  TX bytes:116012 (116.0 KB)
          Memory:fdae0000-fdb00000

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:562 errors:0 dropped:0 overruns:0 frame:0
          TX packets:562 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:86432 (86.4 KB)  TX bytes:86432 (86.4 KB)

nrtap     Link encap:Ethernet  HWaddr ??:??:??:??:??:??
          UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1300  Metric:1
          RX packets:45 errors:0 dropped:0 overruns:0 frame:0
          TX packets:175 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:500
          RX bytes:6422 (6.4 KB)  TX bytes:19066 (19.0 KB)

kevinz · **Joined:** Sun Nov 16, 2008 6:41 am **Posts:** 1878

Hi Twobit,

To troubleshoot, please use tcpdump to monitor the gateway and try to ping it from a client, then monitor a computer without NR installed, see if the packets have been routed it.

Thanks,
KevinZ - NeoRouter team

Twobit · **Joined:** Fri Oct 15, 2010 11:57 pm **Posts:** 16

Hi Kevinz,

Thank you will will run the tcpdump -i br0 on the gateway, as you suggest. What IP should my gateway's bridge (br0) be?
1. eth0 value (10.1.1.7)
2. NR Client IP (10.1.1.151)
3. Other, another random IP no in use, for example 10.1.1.200

I will setup a linux VM to test when i attempt to ping another local machine.

On the windows gate, that I am phaising out, the local network is able to ping the LAN IP, NR Client IP and Bridge IP. However on the Linux gateway, only the Bridge IP is ping-able.

It this expected?

Here are some outputs of my bridge setup:

Code:

CMD: brctl show br0
bridge name     bridge id               STP enabled     interfaces
br0             8000.0010f3104164       no               eth0 & nrtap

Code:

route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.1.1.0        *               255.255.255.0   U     0      0        0 br0
default         localrouter     0.0.0.0         UG    0      0        0 br0

is the script using at startup to bridge eth0 and nrtap correct?

Community

point-to-site setup - Server/Site is hosted on Ubuntu 10.04

Who is online

Products

Download

Support

Buy

About us

Login