* iptables masquerade cache problems @ 2003-09-29 8:23 lu 2003-09-29 11:04 ` Mickael DILY 0 siblings, 1 reply; 5+ messages in thread From: lu @ 2003-09-29 8:23 UTC (permalink / raw) To: netfilter Hi, I have two lines that were masqueraded, one ADSL and another is ISDN for backup. When the line ADSL is broken I switch the line to ISDN. The problem is: when I use ping to test (ping -t from windows client), after the line was switched to ISDN, the source address was still that of ADSL instead of ISDN. But, when I stopped the ping from client for a while, all things went well. It seems a problem of cache. What is the work-around for it? At a moment I just down the ADSL interface. You can do this test with two lan interfaces. The Configuration is: iptables -t nat -A POSTROUTING -o hsb0 -j MASQUERADE # for ADSL iptables -t nat -A POSTROUTING -o ippp0 -j MASQUERADE # for ISDN default gw dev was hsb0 (ADSL) when ADSL was down then : route del default dev hsb0 route add default dev ippp0 Best regards, Jianliang Lu TieSse s.p.a Ivrea (to) Italy j.lu@tiesse.com luj@libero.it http://www.tiesse.com ^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: iptables masquerade cache problems 2003-09-29 8:23 iptables masquerade cache problems lu @ 2003-09-29 11:04 ` Mickael DILY 2003-09-29 11:19 ` Ray Leach 0 siblings, 1 reply; 5+ messages in thread From: Mickael DILY @ 2003-09-29 11:04 UTC (permalink / raw) To: j.lu, netfilter -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, i have already had this problem with windows clients. It seems it's not a bug from your linux box, but only from the windows client, whose still have your old ip in cache. For my part, i don't know how to work around for this bug Le Lundi 29 Septembre 2003 10:23, lu a écrit : Hi, I have two lines that were masqueraded, one ADSL and another is ISDN for backup. When the line ADSL is broken I switch the line to ISDN. The problem is: when I use ping to test (ping -t from windows client), after the line was switched to ISDN, the source address was still that of ADSL instead of ISDN. But, when I stopped the ping from client for a while, all things went well. It seems a problem of cache. What is the work-around for it? At a moment I just down the ADSL interface. You can do this test with two lan interfaces. The Configuration is: iptables -t nat -A POSTROUTING -o hsb0 -j MASQUERADE # for ADSL iptables -t nat -A POSTROUTING -o ippp0 -j MASQUERADE # for ISDN default gw dev was hsb0 (ADSL) when ADSL was down then : route del default dev hsb0 route add default dev ippp0 Best regards, Jianliang Lu TieSse s.p.a Ivrea (to) Italy j.lu@tiesse.com luj@libero.it http://www.tiesse.com - -- - - M. DILY, administrateur réseau, geek :-) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQE/eBHIzEzekoYhlpsRAnbvAJwMYms5Vg+d0gVfoPH3rJ/jV7s1LgCfTyKN SJ8P+jawRbS97afL3VxnNKg= =ZeBt -----END PGP SIGNATURE----- ^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: iptables masquerade cache problems 2003-09-29 11:04 ` Mickael DILY @ 2003-09-29 11:19 ` Ray Leach 2003-09-29 13:17 ` Mickael DILY 0 siblings, 1 reply; 5+ messages in thread From: Ray Leach @ 2003-09-29 11:19 UTC (permalink / raw) To: Netfilter Mailing List [-- Attachment #1: Type: text/plain, Size: 2102 bytes --] On Mon, 2003-09-29 at 13:04, Mickael DILY wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Hi, i have already had this problem with windows clients. It seems it's not a > bug from your linux box, but only from the windows client, whose still have > your old ip in cache. For my part, i don't know how to work around for this > bug > You need to use ipconfig on the windows clients to flush the dns and routing cache. See the docs on ipconfig /? on winblows. > Le Lundi 29 Septembre 2003 10:23, lu a écrit : > Hi, > I have two lines that were masqueraded, one ADSL and another is ISDN for > backup. When the line ADSL is broken I switch the line to ISDN. The problem > is: when I use ping to test (ping -t from windows client), after the line > was switched to ISDN, the source address was still that of ADSL instead of > ISDN. But, when I stopped the ping from client for a while, all things went > well. It seems a problem of cache. What is the work-around for it? At a > moment I just down the ADSL interface. You can do this test with two lan > interfaces. > The Configuration is: > iptables -t nat -A POSTROUTING -o hsb0 -j MASQUERADE # for ADSL > iptables -t nat -A POSTROUTING -o ippp0 -j MASQUERADE # for ISDN > > default gw dev was hsb0 (ADSL) > when ADSL was down then : > route del default dev hsb0 > route add default dev ippp0 > > > Best regards, > Jianliang Lu > > TieSse s.p.a Ivrea (to) Italy > j.lu@tiesse.com > luj@libero.it > http://www.tiesse.com > > - -- > - - M. DILY, administrateur réseau, geek :-) > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.0.7 (GNU/Linux) > > iD8DBQE/eBHIzEzekoYhlpsRAnbvAJwMYms5Vg+d0gVfoPH3rJ/jV7s1LgCfTyKN > SJ8P+jawRbS97afL3VxnNKg= > =ZeBt > -----END PGP SIGNATURE----- -- -- Raymond Leach <raymondl@knowledgefactory.co.za> Network Support Specialist http://www.knowledgefactory.co.za "lynx -source http://www.rchq.co.za/raymondl.asc | gpg --import" Key fingerprint = 7209 A695 9EE0 E971 A9AD 00EE 8757 EE47 F06F FB28 -- [-- Attachment #2: This is a digitally signed message part --] [-- Type: application/pgp-signature, Size: 198 bytes --] ^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: iptables masquerade cache problems 2003-09-29 11:19 ` Ray Leach @ 2003-09-29 13:17 ` Mickael DILY 2003-09-29 13:55 ` Ray Leach 0 siblings, 1 reply; 5+ messages in thread From: Mickael DILY @ 2003-09-29 13:17 UTC (permalink / raw) To: Ray Leach, Netfilter Mailing List -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Thanks for your help, but i think it's something more vicious thant ipconfig. When I boot the win2000 client, he's got an ip via dhcp. all is correct. Now, i disconnect it physically from the network, ipconfig /renew, same thing. I reboot it without cable, same thing : the same ip, and it also find a dhcp (remember it is not connected). 3 or 4 reboot later, everything is correct.... I don't know where it comes from, but it is from windows, and i don't have time to find an answer Le Lundi 29 Septembre 2003 13:19, Ray Leach a écrit : On Mon, 2003-09-29 at 13:04, Mickael DILY wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Hi, i have already had this problem with windows clients. It seems it's > not a bug from your linux box, but only from the windows client, whose > still have your old ip in cache. For my part, i don't know how to work > around for this bug You need to use ipconfig on the windows clients to flush the dns and routing cache. See the docs on ipconfig /? on winblows. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQE/eDDhzEzekoYhlpsRAmM3AKDI6n6ygpj9m+O62GxawR5RP9TTqACfSlV3 U0F3OQlw30moaF20r+hkQOM= =Bkse -----END PGP SIGNATURE----- ^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: iptables masquerade cache problems 2003-09-29 13:17 ` Mickael DILY @ 2003-09-29 13:55 ` Ray Leach 0 siblings, 0 replies; 5+ messages in thread From: Ray Leach @ 2003-09-29 13:55 UTC (permalink / raw) To: woksy; +Cc: Netfilter Mailing List [-- Attachment #1: Type: text/plain, Size: 1920 bytes --] On Mon, 2003-09-29 at 15:17, Mickael DILY wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Thanks for your help, but i think it's something more vicious thant ipconfig. > When I boot the win2000 client, he's got an ip via dhcp. all is correct. > Now, i disconnect it physically from the network, ipconfig /renew, same thing. > I reboot it without cable, same thing : the same ip, and it also find a dhcp > (remember it is not connected). > 3 or 4 reboot later, everything is correct.... I don't know where it comes > from, but it is from windows, and i don't have time to find an answer > Do you have a domain controller that uses ADS? Is this machine configured to register with the DNS server? If so, then you also need to purge the DNS record on the DC and flush the machine from the DC's Netbios name cache. Winblows is broken ... > > Le Lundi 29 Septembre 2003 13:19, Ray Leach a écrit : > On Mon, 2003-09-29 at 13:04, Mickael DILY wrote: > > -----BEGIN PGP SIGNED MESSAGE----- > > Hash: SHA1 > > > > Hi, i have already had this problem with windows clients. It seems it's > > not a bug from your linux box, but only from the windows client, whose > > still have your old ip in cache. For my part, i don't know how to work > > around for this bug > > You need to use ipconfig on the windows clients to flush the dns and > routing cache. See the docs on ipconfig /? on winblows. > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.0.7 (GNU/Linux) > > iD8DBQE/eDDhzEzekoYhlpsRAmM3AKDI6n6ygpj9m+O62GxawR5RP9TTqACfSlV3 > U0F3OQlw30moaF20r+hkQOM= > =Bkse > -----END PGP SIGNATURE----- -- -- Raymond Leach <raymondl@knowledgefactory.co.za> Network Support Specialist http://www.knowledgefactory.co.za "lynx -source http://www.rchq.co.za/raymondl.asc | gpg --import" Key fingerprint = 7209 A695 9EE0 E971 A9AD 00EE 8757 EE47 F06F FB28 -- [-- Attachment #2: This is a digitally signed message part --] [-- Type: application/pgp-signature, Size: 198 bytes --] ^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2003-09-29 13:55 UTC | newest] Thread overview: 5+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2003-09-29 8:23 iptables masquerade cache problems lu 2003-09-29 11:04 ` Mickael DILY 2003-09-29 11:19 ` Ray Leach 2003-09-29 13:17 ` Mickael DILY 2003-09-29 13:55 ` Ray Leach
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox