IRC Archive / Freenode / #centos / 2015 / November / 15 / 1
pj
@bugs miketo
centbot
If you think you have a bug then report it on http://bugs.centos.org - look for similar issues there with possible workarounds. If nothing found open a new ticket. Do the same at https://bugzilla.redhat.com and link the CentOS ticket to the BZ ticket in the field provided.
miketo
thanks
itadder
I can ping my virtual router, from my dhcp / dns centos vm
and from virtual vm router centos based, I can ping external lan, and public wan
e.g. web and my regular lan at home
but
from centos dns and dhcp server I can't ping outside
where do I look first for problem
miketo
what type of vm (and how's the vm network setup)
itadder
okay VMware ESXi and vCenter
CentOS 7 VM router Basic Server (1) connected with two interface cards and two virtual switches
one virtual switch is my home production Plex VM network, and the second virtual switch is for this lab
the CentOS router on the first interface is connected to my Plex virtual switch/network (basically my home network), and the other interface is connected to the lab virtual switch that also connects my DNS/DHCP server, MySQL server, and a client CentOS server
what's my first troubleshooting step
when I do on my dns/dhcp server ip route
default via 192.168.2.1 dev ens160 proto static metric 100
default via 192.168.3.1 dev ens192 proto static metric 101
ens160 is on the server subnet and ens192 is on the client subnet
miketo
don't paste in chan (use pastebin or fpaste /whatever)
itadder
Okay sorry
miketo
what's ip route and ip addr for each machine
Bahhumbug
"sorry"
It's right there IN THE CHANNEL TOPIC.
itadder
okay let me retry
http://pastebin.centos.org/36196/
not working yet
Bahhumbug: Okay I just read the channel topic, no excuses I was wrong.
iWaldo
is there a way to configure password prompting and mounting of LUKS volumes at boot when installing centos 7? i've unlocked the volumes in the installer but i am unable to enter a mount point.
miketo
itadder: what are the interfaces on approuter (there are 3) -- you have two default routes
itadder
oh I do
ens32 connected to outside world gets an IP via DHCP from outside world gateway (the router connected to my cable modem)
ens33 connects to the server network server behind the centos vm app router / firewall
do I need to remove one of them
the second default route
miketo
i'm just trying to figure out how you've got it setup
itadder
ens34 connects the client CentOS workstations VM to the network
miketo
there are only 2 switches, but you have 3 interfaces?
itadder
and that would include the DHCP server and MY SQL
yea
I am using vmware port security
vlan
http://prntscr.com/92uy8y
miketo
router/ens34 is connected to the same net/vlan as dns-dhcp/ens192 ?
itadder
no
let me check
yes they are
They are both
sorry miketo
miketo
and the x.x.3.x subnet is "lab" -- what's the x.x.2.x subnet?
itadder
x.x.2.x is Server subnet and x.x.3.x is the client both on the lab router
miketo
is labrouter == approuter?
itadder
yes
miketo
the DHCP-DNS server is connected to the client network o.o?
itadder
yes
to both
miketo
what a mess
^^;;
itadder
I think I will make it simpler
miketo
i've drawn a picture, let me know if this looks correct
itadder
okay
miketo
http://pasteboard.co/28TXHE8Q.png
and the problem is that you can't ping 192.168.1.1 from DNS-DHCP
itadder
oh
yea
or 8.8.8.8
miketo
ok, and you also intend to have ens160 up (connected to server network), correct?
itadder
yea
to provide dns
miketo
obvious stuff first: is the router correctly routing any traffic? (ip_forward=1)
or put another way: is this one host the only one with connectivity problems?
itadder
nope
the client and the my sql server also
the approuter is the only one working
miketo
is ip forwarding enabled?
cat /proc/sys/net/ipv4/ip_forward
itadder
oh
let me check
cat /proc/sys/net/ipv4/ip_forward 1
I get a response of 1
on app router
is that the right syntax
miketo
is router running any sort of firewall --also post iptables -save -c
iptables-save -c (no space first part)
itadder
miketo
wait, i think i know what's happening. your external router only knows about the subnet 192.168.1.x -- so when it sees a packet from 192.168.2.x it responds out its default gw (internet)
itadder
do I have to announce it to it
miketo
(also that's *NOT* a full iptables-save)
i don't know if that router supports routing protocols
you can check by adding a static route (192.168.2.0/24 via <lan interface>) to the isp router
since this is all private ipv4 addresses the isp_router must be doing nat for you. -- you might be better off skipping the router and setting up firewall / nat on the router vm
or using ipv6 (if available)
itadder
maybe I need to be doing nat
not sure How I had it working last week
and I did not document it
:(
I rush to get it to work
miketo
i bet if you run tcpdump (or tshark) on ens32 you won't see the reply coming back from the isp-router.
try this: run "tcpdump -i ens32 -f icmp" on router then start pinging from another host
ping 192.168.1.1 from dns-dhcp