From: David Ford <david+challenge-response@blue-labs.org>
To: Gene Heskett <gene.heskett@verizon.net>
Cc: linux-kernel@vger.kernel.org
Subject: Re: changing ethernet devices, new one stops cold at iptables
Date: Sun, 25 Jul 2004 17:23:33 -0400 [thread overview]
Message-ID: <410424D5.505@blue-labs.org> (raw)
In-Reply-To: <200407251628.14604.gene.heskett@verizon.net>
[-- Attachment #1: Type: text/plain, Size: 1248 bytes --]
No need to reboot it. Simply flush the neighbor cache.
Scott root # ip neigh flush help
Usage: ip neigh { add | del | change | replace } { ADDR [ lladdr LLADDR ]
[ nud { permanent | noarp | stale | reachable } ]
| proxy ADDR } [ dev DEV ]
ip neigh {show|flush} [ to PREFIX ] [ dev DEV ] [ nud STATE ]
David
Gene Heskett wrote:
>On Sunday 25 July 2004 05:50, Henrik Nordstrom wrote:
>
>
>>On Thu, 22 Jul 2004, Gene Heskett wrote:
>>
>>
>>>I can ping the firewall, and I can ssh into it, so that part of
>>>the network is fine, I just cannot get past iptables in the
>>>firewall when eth0 is the nforce hardware, which has a different
>>>MAC address.
>>>
>>>
>>Have you verified that the routing got correctly set up on the new
>>box?
>>
>> ip ro ls
>>
>>The usual cause to the symptoms you describe is that the default
>>route has gone missing or is invalid.
>>
>>
>
>The routing was good, showing the fireall as the default gateway
>address.
>
>In this case, the fix was to reboot the firewall so that its arp
>tables got refreshed to match the new MAC address of the onboard
>nforce (forcedeth) nic. Once that was done, everything was peachy.
>
>Thanks, I appreciate the reply, Henrik.
>
>
>
[-- Attachment #2: david+challenge-response.vcf --]
[-- Type: text/x-vcard, Size: 183 bytes --]
begin:vcard
fn:David Ford
n:Ford;David
email;internet:david@blue-labs.org
title:Industrial Geek
tel;home:Ask please
tel;cell:(203) 650-3611
x-mozilla-html:TRUE
version:2.1
end:vcard
next prev parent reply other threads:[~2004-07-25 21:22 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <Pine.LNX.4.44.0407251149290.25333-100000@filer.marasystems.com>
2004-07-25 20:28 ` changing ethernet devices, new one stops cold at iptables Gene Heskett
2004-07-25 21:23 ` David Ford [this message]
2004-07-25 23:45 ` Gene Heskett
[not found] <200407222114.20301.gene.heskett@verizon.net>
[not found] ` <4100F2F0.3080300@redhat.com>
2004-07-23 12:46 ` Gene Heskett
2004-07-23 13:25 ` Gene Heskett
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=410424D5.505@blue-labs.org \
--to=david+challenge-response@blue-labs.org \
--cc=gene.heskett@verizon.net \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.