* iptables masquerade cache problems
@ 2003-09-29 8:23 lu
2003-09-29 11:04 ` Mickael DILY
0 siblings, 1 reply; 5+ messages in thread
From: lu @ 2003-09-29 8:23 UTC (permalink / raw)
To: netfilter
Hi,
I have two lines that were masqueraded, one ADSL and another is ISDN for
backup. When the line ADSL is broken I switch the line to ISDN. The problem
is: when I use ping to test (ping -t from windows client), after the line
was switched to ISDN, the source address was still that of ADSL instead of
ISDN. But, when I stopped the ping from client for a while, all things went
well. It seems a problem of cache. What is the work-around for it? At a
moment I just down the ADSL interface. You can do this test with two lan
interfaces.
The Configuration is:
iptables -t nat -A POSTROUTING -o hsb0 -j MASQUERADE # for ADSL
iptables -t nat -A POSTROUTING -o ippp0 -j MASQUERADE # for ISDN
default gw dev was hsb0 (ADSL)
when ADSL was down then :
route del default dev hsb0
route add default dev ippp0
Best regards,
Jianliang Lu
TieSse s.p.a Ivrea (to) Italy
j.lu@tiesse.com
luj@libero.it
http://www.tiesse.com
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: iptables masquerade cache problems
2003-09-29 8:23 iptables masquerade cache problems lu
@ 2003-09-29 11:04 ` Mickael DILY
2003-09-29 11:19 ` Ray Leach
0 siblings, 1 reply; 5+ messages in thread
From: Mickael DILY @ 2003-09-29 11:04 UTC (permalink / raw)
To: j.lu, netfilter
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi, i have already had this problem with windows clients. It seems it's not a
bug from your linux box, but only from the windows client, whose still have
your old ip in cache. For my part, i don't know how to work around for this
bug
Le Lundi 29 Septembre 2003 10:23, lu a écrit :
Hi,
I have two lines that were masqueraded, one ADSL and another is ISDN for
backup. When the line ADSL is broken I switch the line to ISDN. The problem
is: when I use ping to test (ping -t from windows client), after the line
was switched to ISDN, the source address was still that of ADSL instead of
ISDN. But, when I stopped the ping from client for a while, all things went
well. It seems a problem of cache. What is the work-around for it? At a
moment I just down the ADSL interface. You can do this test with two lan
interfaces.
The Configuration is:
iptables -t nat -A POSTROUTING -o hsb0 -j MASQUERADE # for ADSL
iptables -t nat -A POSTROUTING -o ippp0 -j MASQUERADE # for ISDN
default gw dev was hsb0 (ADSL)
when ADSL was down then :
route del default dev hsb0
route add default dev ippp0
Best regards,
Jianliang Lu
TieSse s.p.a Ivrea (to) Italy
j.lu@tiesse.com
luj@libero.it
http://www.tiesse.com
- --
- - M. DILY, administrateur réseau, geek :-)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
iD8DBQE/eBHIzEzekoYhlpsRAnbvAJwMYms5Vg+d0gVfoPH3rJ/jV7s1LgCfTyKN
SJ8P+jawRbS97afL3VxnNKg=
=ZeBt
-----END PGP SIGNATURE-----
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: iptables masquerade cache problems
2003-09-29 11:04 ` Mickael DILY
@ 2003-09-29 11:19 ` Ray Leach
2003-09-29 13:17 ` Mickael DILY
0 siblings, 1 reply; 5+ messages in thread
From: Ray Leach @ 2003-09-29 11:19 UTC (permalink / raw)
To: Netfilter Mailing List
[-- Attachment #1: Type: text/plain, Size: 2102 bytes --]
On Mon, 2003-09-29 at 13:04, Mickael DILY wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hi, i have already had this problem with windows clients. It seems it's not a
> bug from your linux box, but only from the windows client, whose still have
> your old ip in cache. For my part, i don't know how to work around for this
> bug
>
You need to use ipconfig on the windows clients to flush the dns and
routing cache. See the docs on ipconfig /? on winblows.
> Le Lundi 29 Septembre 2003 10:23, lu a écrit :
> Hi,
> I have two lines that were masqueraded, one ADSL and another is ISDN for
> backup. When the line ADSL is broken I switch the line to ISDN. The problem
> is: when I use ping to test (ping -t from windows client), after the line
> was switched to ISDN, the source address was still that of ADSL instead of
> ISDN. But, when I stopped the ping from client for a while, all things went
> well. It seems a problem of cache. What is the work-around for it? At a
> moment I just down the ADSL interface. You can do this test with two lan
> interfaces.
> The Configuration is:
> iptables -t nat -A POSTROUTING -o hsb0 -j MASQUERADE # for ADSL
> iptables -t nat -A POSTROUTING -o ippp0 -j MASQUERADE # for ISDN
>
> default gw dev was hsb0 (ADSL)
> when ADSL was down then :
> route del default dev hsb0
> route add default dev ippp0
>
>
> Best regards,
> Jianliang Lu
>
> TieSse s.p.a Ivrea (to) Italy
> j.lu@tiesse.com
> luj@libero.it
> http://www.tiesse.com
>
> - --
> - - M. DILY, administrateur réseau, geek :-)
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.0.7 (GNU/Linux)
>
> iD8DBQE/eBHIzEzekoYhlpsRAnbvAJwMYms5Vg+d0gVfoPH3rJ/jV7s1LgCfTyKN
> SJ8P+jawRbS97afL3VxnNKg=
> =ZeBt
> -----END PGP SIGNATURE-----
--
--
Raymond Leach <raymondl@knowledgefactory.co.za>
Network Support Specialist
http://www.knowledgefactory.co.za
"lynx -source http://www.rchq.co.za/raymondl.asc | gpg --import"
Key fingerprint = 7209 A695 9EE0 E971 A9AD 00EE 8757 EE47 F06F FB28
--
[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 198 bytes --]
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: iptables masquerade cache problems
2003-09-29 11:19 ` Ray Leach
@ 2003-09-29 13:17 ` Mickael DILY
2003-09-29 13:55 ` Ray Leach
0 siblings, 1 reply; 5+ messages in thread
From: Mickael DILY @ 2003-09-29 13:17 UTC (permalink / raw)
To: Ray Leach, Netfilter Mailing List
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Thanks for your help, but i think it's something more vicious thant ipconfig.
When I boot the win2000 client, he's got an ip via dhcp. all is correct.
Now, i disconnect it physically from the network, ipconfig /renew, same thing.
I reboot it without cable, same thing : the same ip, and it also find a dhcp
(remember it is not connected).
3 or 4 reboot later, everything is correct.... I don't know where it comes
from, but it is from windows, and i don't have time to find an answer
Le Lundi 29 Septembre 2003 13:19, Ray Leach a écrit :
On Mon, 2003-09-29 at 13:04, Mickael DILY wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hi, i have already had this problem with windows clients. It seems it's
> not a bug from your linux box, but only from the windows client, whose
> still have your old ip in cache. For my part, i don't know how to work
> around for this bug
You need to use ipconfig on the windows clients to flush the dns and
routing cache. See the docs on ipconfig /? on winblows.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
iD8DBQE/eDDhzEzekoYhlpsRAmM3AKDI6n6ygpj9m+O62GxawR5RP9TTqACfSlV3
U0F3OQlw30moaF20r+hkQOM=
=Bkse
-----END PGP SIGNATURE-----
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: iptables masquerade cache problems
2003-09-29 13:17 ` Mickael DILY
@ 2003-09-29 13:55 ` Ray Leach
0 siblings, 0 replies; 5+ messages in thread
From: Ray Leach @ 2003-09-29 13:55 UTC (permalink / raw)
To: woksy; +Cc: Netfilter Mailing List
[-- Attachment #1: Type: text/plain, Size: 1920 bytes --]
On Mon, 2003-09-29 at 15:17, Mickael DILY wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Thanks for your help, but i think it's something more vicious thant ipconfig.
> When I boot the win2000 client, he's got an ip via dhcp. all is correct.
> Now, i disconnect it physically from the network, ipconfig /renew, same thing.
> I reboot it without cable, same thing : the same ip, and it also find a dhcp
> (remember it is not connected).
> 3 or 4 reboot later, everything is correct.... I don't know where it comes
> from, but it is from windows, and i don't have time to find an answer
>
Do you have a domain controller that uses ADS? Is this machine
configured to register with the DNS server? If so, then you also need to
purge the DNS record on the DC and flush the machine from the DC's
Netbios name cache.
Winblows is broken ...
>
> Le Lundi 29 Septembre 2003 13:19, Ray Leach a écrit :
> On Mon, 2003-09-29 at 13:04, Mickael DILY wrote:
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > Hi, i have already had this problem with windows clients. It seems it's
> > not a bug from your linux box, but only from the windows client, whose
> > still have your old ip in cache. For my part, i don't know how to work
> > around for this bug
>
> You need to use ipconfig on the windows clients to flush the dns and
> routing cache. See the docs on ipconfig /? on winblows.
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.0.7 (GNU/Linux)
>
> iD8DBQE/eDDhzEzekoYhlpsRAmM3AKDI6n6ygpj9m+O62GxawR5RP9TTqACfSlV3
> U0F3OQlw30moaF20r+hkQOM=
> =Bkse
> -----END PGP SIGNATURE-----
--
--
Raymond Leach <raymondl@knowledgefactory.co.za>
Network Support Specialist
http://www.knowledgefactory.co.za
"lynx -source http://www.rchq.co.za/raymondl.asc | gpg --import"
Key fingerprint = 7209 A695 9EE0 E971 A9AD 00EE 8757 EE47 F06F FB28
--
[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 198 bytes --]
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2003-09-29 13:55 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2003-09-29 8:23 iptables masquerade cache problems lu
2003-09-29 11:04 ` Mickael DILY
2003-09-29 11:19 ` Ray Leach
2003-09-29 13:17 ` Mickael DILY
2003-09-29 13:55 ` Ray Leach
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox