Solaris 10 12/06 IP Routing problems

Similar Messages

• Solaris 10/6/06 Routing

  Hello,
  I am trying to set up my Solaris server as a router and am having trouble. I am brand new to solaris but have had some experience with windoze.
  Basically my server has two nics
  sfe0 and sfe1
  sfe0 is connected through a switch to my private network 192.168.1.0 and has an address of 192.168.1.107
  sfe1 is connected to my DSL modem with network address 192.168.2.0 and an IP address of 192.168.2.3
  My DSL modem has a private address of 192.168.2.1 and a public address assigned by DHCP from my service provider.
  The problem is when I use my laptop to try connectivity to my solaris server I am able to ping both nic's but am unable to ping my DSL modem.
  Details of configurations.
  IFCONFIG
  # ifconfig -a
  lo0: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index
  1
  inet 127.0.0.1 netmask ff000000
  sfe0: flags=1100843<UP,BROADCAST,RUNNING,MULTICAST,ROUTER,IPv4> mtu 1500 index 2
  inet 192.168.1.10 netmask ffffff00 broadcast 192.168.1.255
  ether 0:7:95:cc:f9:4
  sfe1: flags=1100843<UP,BROADCAST,RUNNING,MULTICAST,ROUTER,IPv4> mtu 1500 index 4
  inet 192.168.2.3 netmask ffffff00 broadcast 192.168.2.255
  ether 0:f:b5:8d:be:a6
  NETSTAT
  # netstat -r
  Routing Table: IPv4
  Destination Gateway Flags Ref Use Interface
  192.168.1.0 solarissvr U 1 5 sfe0
  192.168.2.0 solarissvrpublic U 1 0 sfe1
  base-address.mcast.net solarissvr U 1 0 sfe0
  localhost localhost UH 4 77 lo0
  ROUTEADM
  # routeadm
  Configuration Current Current
  Option Configuration System State
  IPv4 forwarding enabled enabled
  IPv4 routing default (enabled) enabled
  IPv6 forwarding disabled disabled
  IPv6 routing disabled disabled
  IPF.CONF
  # ipf.conf
  # IP Filter rules to be loaded during startup
  # See ipf(4) manpage for more information on
  # IP Filter rules syntax.
  map sfe1 192.168.1.0/24 -> 0/32
  PFIL.AP
  # IP Filter pfil autopush setup
  # See the autopush(1M) manpage for more information.
  # Format of the entries in this file is:
  #major minor lastminor modules
  #iprb -1 0 pfil
  #elxl -1 0 pfil
  #e1000g -1 0 pfil
  #bge -1 0 pfil
  #nf -1 0 pfil
  #fa -1 0 pfil
  #ci -1 0 pfil
  #el -1 0 pfil
  #ipdptp -1 0 pfil
  #lane -1 0 pfil
  #dnet -1 0 pfil
  #pcelx -1 0 pfil
  #spwr -1 0 pfil
  sfe -1 0 pfil
  Can anyone see anything wrong with this setup.
  Thank you in advance
  Jared

  Sorry forgot what you asked me.
  Netstat -rn yeilds
  Routing Table: IPv4
  Destination Gateway Flags Ref Use Interface
  192.168.1.0 192.168.1.10 U 1 2 sfe0
  192.168.2.0 192.168.2.3 U 1 1 sfe1
  224.0.0.0 192.168.1.10 U 1 0 sfe0
  default 192.168.2.1 UG 1 30
  127.0.0.1 127.0.0.1 UH 6 353 lo0
  and ping -s yeilds
  ----192.168.2.1 PING Statistics----
  177 packets transmitted, 177 packets received, 0% packet loss
  round-trip (ms) min/avg/max/stddev = 1.01/42483./1.22e+05/4.096e+04
  after 177 pings.
  Thanks mate.....does this help

• Another routing problem

  I just replaced a FreeBSD box with Solaris 10 x86 U5.
  I want my Windows boxes to reach internet thru Solaris. At the moment windows clients are able to ping both NICs on the Solaris. However, they can not ping default gateway of Solaris box. There is no problem on Solaris. I can reach internet without any problem.
  Before posting, I used routeadm and (1) I enabled only ipv4-forwarding (did not work), (2) I enabled only ipv4-routing (did not work), (3) I enabled both ipv4-forwarding & ipv4-routing (did not help)
  I also read about 5 pages of similar routing problems in forums. No clear solution is provided in any of them. I am posting this with the hope to find a solution.
  Some information about my network is as follows:
  bash-3.00# ifconfig -a
  lo0: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1
  inet 127.0.0.1 netmask ff000000
  bge0: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2
  inet 192.168.2.2 netmask ffffff00 broadcast 192.168.2.255
  ether 0:1c:c4:31:5:fd
  e1000g0: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 3
  inet 192.168.1.3 netmask ffffff00 broadcast 192.168.1.255
  ether 0:1b:21:15:15:29
  bash-3.00#
  bash-3.00# netstat -rn
  Routing Table: IPv4
  Destination Gateway Flags Ref Use Interface
  default 192.168.2.1 UG 1 15658
  192.168.1.0 192.168.1.3 U 1 177 e1000g0
  192.168.2.0 192.168.2.2 U 1 8 bge0
  127.0.0.1 127.0.0.1 UH 4 58 lo0
  bash-3.00#
  bash-3.00# routeadm
  Configuration Current Current
  Option Configuration System State
  IPv4 routing disabled disabled
  IPv6 routing disabled disabled
  IPv4 forwarding disabled disabled
  IPv6 forwarding disabled disabled
  Routing services "route:default ripng:default"
  Routing daemons:
  STATE FMRI
  disabled svc:/network/routing/legacy-routing:ipv4
  disabled svc:/network/routing/legacy-routing:ipv6
  disabled svc:/network/routing/ndp:default
  disabled svc:/network/routing/zebra:quagga
  disabled svc:/network/routing/rip:quagga
  disabled svc:/network/routing/ripng:default
  disabled svc:/network/routing/ripng:quagga
  disabled svc:/network/routing/ospf:quagga
  disabled svc:/network/routing/ospf6:quagga
  disabled svc:/network/routing/bgp:quagga
  disabled svc:/network/routing/rdisc:default
  disabled svc:/network/routing/route:default
  bash-3.00#
  bash-3.00# ndd -get /dev/ip ip_forwarding
  0
  bash-3.00#

  kucukoglu wrote:
  I just replaced a FreeBSD box with Solaris 10 x86 U5.
  I want my Windows boxes to reach internet thru Solaris. At the moment windows clients are able to ping both NICs on the Solaris. However, they can not ping default gateway of Solaris box. There is no problem on Solaris. I can reach internet without any problem.Does the outside world know how to route to the clients behind Solaris? I'll bet they do not.
  If that's true, then routing/forwarding isn't useful. You'll have to set up the Solaris box as a NAT gateway instead. Ipfilter can do that. There are several cookbooks for it.
  Before posting, I used routeadm and (1) I enabled only ipv4-forwarding (did not work), (2) I enabled only ipv4-routing (did not work), (3) I enabled both ipv4-forwarding & ipv4-routing (did not help)
  I also read about 5 pages of similar routing problems in forums. No clear solution is provided in any of them. I am posting this with the hope to find a solution.Your solution is fine for outbound packets (the clients use Solaris as a gateway and then it forwards them on to the internet). But for the return packet, that's not possible. There's no route published.
  Darren

• TV Guide fails - router problem?

  When the guide failed on our main TV is the family room, I tried trouble-shooting it -- no luck.  Then I "chatted" online with Verizon's "Raul" for two hours, trying everything he asked, including swapping the box with the one in the bedroom -- Raul thought it was the biox and gave me an 800 number to call to get a swap in boxes.  However, before the weekend is over, all but one TV has the same problem.  Right now, we get the guide on one TV and no guide on four TVs.
  I've worked on this all day so far today.  Verizon's In-Home Agent reports that none of the TVs have connectivity with the router.  So I've concentrated on that, I've unplugged the router and the boxes, reset the router, accessed the router's control panel to see it seems to be working well.  The only thing I can see wrong is this:  The router's "WAN Ethernet" light stays dark, though its "WAN Coax" light stays lit.  I wonder if this could be the problem; and, if so, how could I fix that?
  One thing worries me about a router problem, though: Why would I still have the guide on one of the six TVs?
  Anyone have a clue if I'm on the right track?
  Thanks,
  George

  Yes, sounds like a router problem.
  The STB has to download the program guide via the router. Each box should download 10 days worth of programing. So when the router goes out it could take as much as 10 days before the guide disappears. So the one box that still has the guide, was the last one to update and had more guide data stored than the others. It will go as well just given time.
  If you have rebooted and reset the router, then the problem is either you have a bad router or possibly a bad splitter. Either way, you need to call tech support so they can get a tech out.
  ====================================================================================
  Error exists between keyboard and chair.

• Router problems how can I connect direct

  I am continually having router problems from my service provider. How can i connect my printer directly to my computer? Thanks

  Hi,
  You need a printer which supports this first and then use the following instructions:
       http://www8.hp.com/au/en/campaigns/wireless-printing-center/wireless-direct.html
  Regards.
  BH
  **Click the KUDOS thumb up on the left to say 'Thanks'**
  Make it easier for other people to find solutions by marking a Reply 'Accept as Solution' if it solves your problem.

• Mysterious routing problem / interface determination

  Hi,
  I have a very very strange routing problem with XI.
  A message is sent from R/3 to XI and then send via adapter to an external party. The routing is configured well. But sometimes I have the following problem:
  A message is received by XI (from R/3). The receiver is determinated. Although an interface determination and receiver agreement is configured, the trace shows "no interface determination fpr party xyz and service abc found". The very strange thing is that finally the receiver interface DELINS.DELFOR01 with namespace urn:sap-com:document:sap:idoc:messages is set!!
  Finally, the error message is "no receiver agreement found for "... DELINS.DELFOR01, urn:sap-com:document:sap:idoc:messages", which is reasonable because this receiver interface has never ever been configured!
  Any idea why the interface determination cannot be found and nevertheless a completely wrong receiver interface is set?
  This error occurs just sometimes for certain partners, but not always with all messages for these partners!
  Help appreciated!
  Christopher

  Hi,
  all routing objects are 100% correct. Particularly the receiver service has definitely no DELINS.DELFOR01 interface, but nevertheless the Integration Runtime tries to send the message to this interface. Another strange thing is that in the trace there is the warning "no interface determination for party xxx and service xxx found".
  By the way: The Receiver Determination was configured to terminate message processing when no receiver can be found.
  CHRIS

• On the continuing saga of third party router problems......

  I got an Apple TV which works great with my wireless Airport WDS, but then I was looking into any problems people could be having with it and ran into this:
  http://discussions.apple.com/thread.jspa?threadID=901401&tstart=0
  Check the third party router problems where Airports worked great.
  Networking is ...networking, but you also get what you pay for.

  Hi mgrant,
  The information at the bottem of the article in in Keith_Beddoe's personal website may help. Link: Using your own router for Infinity
  The MTU Size needs to be set as 1492
  Cheers
  jac_95 | BT.com Help Site | BT Service Status
  Someone Solved Your Question?
  Please let other members know by clicking on ’Mark as Accepted Solution’
  Try a Search
  See if someone in the community had the same problem and how they got it resolved.

• E2000 + WAG160N routing problem?

  Hi all,
  I have a new E2000 router with address 192.168.0.1 connected to a WAG160N Modem router with address 192.168.1.1
  and several computers at each router.  All have DHCP activated and wifi active and working.
  The cascading connection between both devices seems working well only in one direction.
  All seems ok as I can access to internet from any computer. Also, computers connected to E2000 have accces 
  to computers on WAG160N modem BUT computers connected at modem do NOT have access to computer at router.
  In fact from a computer connected to the E2000 I can configure the web interface of the E2000 and also the WAG160N
  but from a computers connected at WAG160N I have access only to this interface but not to the E2000 interface.
  I don't know if could be a routing problem. Any help will be appreciated.
  Thanks in advance,
  Marti

  The E2000 is configured to do NAT and thus protects the LAN from the internet side. If it was easily accessible your WAG LAN would be easily accessible from the internet.
  You want to set up the E2000 as simple access point:
  Unplug the E2000 from the WAG160N and open the web interface of the E2000 from a computer wired to the E2000.
  On the main setup page
  1. change the internet connection type to Automatic/DHCP (in case you have changed it).
  2. change the LAN IP address from 192.168.0.1 to 192.168.1.2.
  3. Disable the DHCP server.
  4. Save settings.
  Unplug the computer.
  Now wire one of the numbered LAN ports of the E2000 to the WAG160N. Don't use the internet port on the E2000.
  That's the best setup you can do with your two routers... The E2000 is only used as simple access point and ethernet switch.

• Route problem

  Hi all,  I am new to this forum and also new to Archlinux. I have been using SuSE for 4 years and learned how to use that gui. I never learned the grassroot of linux though. I completed the install on my TPad 600e without any problem at all. I am using a old orinoco gold that has been my standby forever. I have googled and searched this forum for several hours and tried all the suggestions I came across. My problem seems to be the same as many others have had. I had originally thought it was a route problem, but the output or netstat -nr is exactly the same as the output on my SuSE computer. I am not good with words, but let me try a description.
  I cannot connect to my home lan at all. I have assigned a static ip and the output of iwconfig verifies that it is correct as I have assigned. When I try to ping my router the system returns the famous "Destination Host Unreachable" As mentioned I have tried to setup my default gateway and it is identical to the the output from my SuSE computer. When I try a dhcp setup and do a network restart the restart always fails. I have gone over and over my conf files looking for a fatfinger mistake but all looks exactly the way the examples I have searched up and I cannot see any typos. I would like to get this figured out for myself but I am out of clues on where to look and would appreciate new ideas.
  It is as if there is a firewall in place, but this is a straight from the CD basic install to which I have installe the network section.
  I really need to be pointed in a new direction.
  David

  ralvez wrote:Here ... my IP is 192.168.1.21 try to reach me 
  Gotcha!
  PING 192.168.1.21 (192.168.1.21) 56(84) bytes of data.
  64 bytes from 192.168.1.21: icmp_seq=1 ttl=64 time=5.21 ms
  64 bytes from 192.168.1.21: icmp_seq=2 ttl=64 time=3.62 ms
  64 bytes from 192.168.1.21: icmp_seq=3 ttl=64 time=7.20 ms
  64 bytes from 192.168.1.21: icmp_seq=4 ttl=64 time=4.03 ms
  64 bytes from 192.168.1.21: icmp_seq=5 ttl=64 time=5.38 ms
  64 bytes from 192.168.1.21: icmp_seq=6 ttl=64 time=5.31 ms
  64 bytes from 192.168.1.21: icmp_seq=7 ttl=64 time=5.33 ms
  64 bytes from 192.168.1.21: icmp_seq=8 ttl=64 time=5.31 ms
  64 bytes from 192.168.1.21: icmp_seq=9 ttl=64 time=4.83 ms
  64 bytes from 192.168.1.21: icmp_seq=10 ttl=64 time=4.84 ms
  64 bytes from 192.168.1.21: icmp_seq=11 ttl=64 time=4.12 ms
  64 bytes from 192.168.1.21: icmp_seq=12 ttl=64 time=8.28 ms
  64 bytes from 192.168.1.21: icmp_seq=13 ttl=64 time=5.25 ms
  64 bytes from 192.168.1.21: icmp_seq=14 ttl=64 time=5.24 ms
  64 bytes from 192.168.1.21: icmp_seq=15 ttl=64 time=4.21 ms
  64 bytes from 192.168.1.21: icmp_seq=16 ttl=64 time=5.20 ms
  64 bytes from 192.168.1.21: icmp_seq=17 ttl=64 time=4.19 ms
  64 bytes from 192.168.1.21: icmp_seq=18 ttl=64 time=6.17 ms
  --- 192.168.1.21 ping statistics ---
  18 packets transmitted, 18 received, 0% packet loss, time 17096ms
  rtt min/avg/max/mdev = 3.624/5.212/8.288/1.101 ms
  OK - fun's over. Spotslayer, can you post the output of ifconfig and iwconfig? (and don't mind ralvez - hide anything you want )

• Solaris 10 routing problems

  Anyone have routing working on Solaris 10?
  Running S10_72 on a Dell Gx110 w/ 2 NICs. Trying to set it up to replace my Netgear router (and eventually configure IPv6 tunnel). having problems getting it to route packets. I turned off all of my ipfilters for debugging.
  2 networks 10.10.1.x and 10.1.1.x no routing daemon, just static routes
  Here are the parts of the ifconfig that matter, the output from routeadm and the routing table, along with a ping to hosts on each side and a tcpdump from the input interface elxl0 (the packets to be routed arrive here) the tcpdump on the side the packets should come out is empty (there are DNS packets and the like from the host, but no routed packets). What am I missing here?
  elxl0: flags=1100843<UP,BROADCAST,RUNNING,MULTICAST,ROUTER,IPv4>
  inet 10.1.1.1 netmask ffffff00 broadcast 10.1.1.255
  ether 0:b0:d0:85:e0:b4
  iprb0: flags=1104843<UP,BROADCAST,RUNNING,MULTICAST,DHCP,ROUTER,IPv4 >
  inet 10.10.1.67 netmask ffffff00 broadcast 10.10.1.255
  ether 0:a0:c9:98:1d:6b
  # routeadm
  Configuration Current Current
  Option Configuration System State
  IPv4 forwarding enabled enabled
  IPv4 routing default (disabled) disabled
  IPv6 forwarding disabled disabled
  IPv6 routing disabled disabled
  IPv4 routing daemon "/usr/sbin/in.routed"
  IPv4 routing daemon args ""
  IPv4 routing daemon stop "kill -TERM `cat /var/tmp/in.routed.pid`"
  IPv6 routing daemon "/usr/lib/inet/in.ripngd"
  IPv6 routing daemon args "-s"
  IPv6 routing daemon stop "kill -TERM `cat /var/tmp/in.ripngd.pid`"
  Routing Table: IPv4
  Destination Gateway Flags Ref Use Interface
  10.10.1.0 10.10.1.67 U 1 26 iprb0
  10.1.1.0 10.1.1.1 U 1 2 elxl0
  224.0.0.0 10.10.1.67 U 1 0 iprb0
  default 10.10.1.1 UG 1 1 iprb0
  127.0.0.1 127.0.0.1 UH 7 7281 lo0
  PING 10.10.1.1: 56 data bytes
  64 bytes from 10.10.1.1: icmp_seq=0. time=1.67 ms
  ----10.10.1.1 PING Statistics----
  1 packets transmitted, 1 packets received, 0% packet loss
  round-trip (ms) min/avg/max/stddev = 1.54/1.61/1.67/-NaN
  PING 10.1.1.2: 56 data bytes
  64 bytes from 10.1.1.2: icmp_seq=0. time=0.659 ms
  ----10.1.1.2 PING Statistics----
  1 packets transmitted, 1 packets received, 0% packet loss
  round-trip (ms) min/avg/max/stddev = 0.592/0.625/0.659/-NaN
  tcpdump -vv -e -i elxl0
  15:24:17.414252 00:c0:9f:20:16:a8 > 00:b0:d0:85:e0:b4, ethertype IPv4 (0x0800), length 98: IP (tos 0x0, ttl 64, id 0, offset 0, flags &#91;DF&#93;, length: 84) 10.1.1.2 > 10.10.1.1: icmp 64: echo request seq 30213

  Hi,
  I have a Sunfire V100 - and have the exact same problem. The settings are correct; I have configure dual-NIC cards many times in the past - but this issue is simply eluding me. I can swap in a Linux machine in router / ip forwarding mode and there are no problems, but when I put back in the Sunfire I encounter the same issues you have.
  In effect, packets from the LAN arrive at the NIC on the Solaris machine, but then don't get forwarded to the other NIC's gateway. I'm at a loss, but I have seen this problem pop-up (without answer) a half-dozen times in this forum alone, and multiple times on different support sites. Did you (or anyone) ever come across a solution for this? Is this not some easily overlooked yet possibly cryptic flag or variable that I've missed? Anyone?

• Configuring Solaris 8 Sparc w/router and cable modem

  I recently purchased a Sun Ultra 10 with Solaris 7
  pre-installed. I decided to immediately upgrade to
  Solaris 8. The operating system has installed properly
  so far.
  However, I'm at the point now where I am entering
  information to allow Solaris to connect to my network
  and thus the Internet, and the combinations I have tried
  don't work.
  I use a cable modem service with a Netgear RT314
  four-port router. It functions in a standard way - the
  cable modem is 192.168.0.1 and shows up on my
  WinXP PC (in ipconfig /all) as the DNS server and
  gateway server. On the PC, for "Connection-specific
  DNS suffix", I see nc.rr.com (my ISP).
  Solaris 8 wants to know my domain name, as well as
  my DNS server. I don't know what domain name to give
  it. I have tried nc.rr.com, but when I enter that plus
  192.168.0.1 as the DNS server, I end up receiving this
  message: ""Unable to find an entry for dchppc3 with the
  specified DNS configuration."
  I have been afraid to move beyond this point, although
  it's possible that it will work properly and just isn't
  receiving the confirmation it expects.
  Any suggestions would be welcome, either in this forum
  or emailed to me. My address is [email protected]
  Thanks.

  I decided to plow ahead with the installation. It works
  properly within my local network - I can ping dchp
  addresses and view Web files from my local server
  using 192.168.0.3 (that machine's dchp address).
  However, it can't get to the Internet. So my problem
  now is that I can see the router, but can't see the
  Internet services that the router provides to the other
  computers on my network. Presumably, I need to
  alter my DNS settings ... however, on my PCs, I seem
  to simply use the router (192.168.0.1) as the DNS, and
  it properly passes the request along to my cable modem
  provider. Why would this work for the PCs but not for
  Solaris 8? Thanks -

• Solaris 10 x86 ipfilter aggr problem

  Hi, all.
  I have Solaris 10 x86 machine
  Kernel Patch: 142910-17
  IP patch: 143593-05
  The problem shortly:
  I am using two network LACP interfaces
  aggr125030 contains e1000g1 interface
  aggr150031 contains e1000g2 interface
  Aggregation 31 was created by:
  dladm create-aggr -P L3 -l active -T short -d e1000g2 31
  and works fine.
  If I add policy based routing rule:
  pass out quick on aggr125030 to aggr150031:y.y.y.y proto tcp from x.x.x.x/32 to any port = 25 keep state
  traffic matches the rule (it is observed through ipfstat -inohv command) but the rule doesn't work.
  How did I decide? I have also ipnat rule
  map aggr150031 <skipped>
  so if PBR works, the ipnat rule is working too.
  If I remove the second aggregation interface aggr150031 and pass the physical interface explicitly, the rule works:
  pass out quick on aggr125030 to e1000g2:y.y.y.y proto tcp from x.x.x.x/32 to any port = 25 keep state
  as well as the ipnat's one.
  x.x.x.x is IP address of e1000g2 interface (or aggr150031)
  y.y.y.y is IP address of router for x.x.x.x IP address
  It seems that PBR for Ipfilter doesn't support aggregation interfaces for outbound.
  Also if you combine vlans 125 and 150 withing one LACP (aggr150031 is replaced by aggr150030 and one physical interface is used for both vlans trunking), the PBR rule doesn't work too.
  What shall I do?

  The problem was caused by the ipfilter behavior - ignorance of interface alias. My ipnat rule was:
  map aggr150031:1 ...
  I have changed into:
  map aggr150031 ...
  and the things began to work.
  Sorry for the noise.

• Solaris 10: Unable to route to Internet

  Folks,
  I installed Solaris 10 on Sun Ultra 30. Server is up & everything looks good, except I am not able to connect to Internet from Ultra30.
  Problem is not in Name Resolution, but in routing to external network. At least it so seems.
  At my home, it's a typical cable modem & Netgear router setup. I reserved the IP (192.168.1.3) for the MAC address of Ultra30 @ my router and used that IP address on Ultra30 setup.
  I am able to reach to this node from the other nodes, connected to same router, by telnet/ftp etc. Those nodes are able to go to Internet without any problem. I am able to ping from Ultra30 to the Dynamic IP address of other nodes on the same network.
  Here is the output of various commands.
  # ifconfig -a
  lo0: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1
       inet 127.0.0.1 netmask ff000000
  hme0: flags=1104843<UP,BROADCAST,RUNNING,MULTICAST,DHCP,ROUTER,IPv4> mtu 1500 index 2
       inet 192.168.1.3 netmask ffffff00 broadcast 192.168.1.255
       ether 8:0:20:9a:e5:ba
  # netstat -rn
  Routing Table: IPv4
  Destination Gateway Flags Ref Use Interface
  192.168.1.0 192.168.1.3 U 1 2 hme0
  224.0.0.0 192.168.1.3 U 1 0 hme0
  default 192.168.1.1 UG 1 0 hme0
  127.0.0.1 127.0.0.1 UH 2 30 lo0
  # cat /etc/defaultrouter
  192.168.1.1
  # cat /etc/resolv.conf
  nameserver 192.168.1.1
  # ping 192.168.1.1 ---> Router's IP address
  192.168.1.1 is alive
  # ping 192.168.1.2 ---> PC on same network
  192.168.1.2 is alive
  # ping -v -s -R 75.75.xx.yyy ----> Dynamic address of the above PC
  PING 75.75.xx.yyy: 56 data bytes
  64 bytes from c-75-75-xx-yyy.hsd1.va.comcast.net (75.75.xx.yyy): icmp_seq=0. time=1.50 ms
  IP options: <record route> c-75-75-xx-yyy.hsd1.va.comcast.net (75.75.xx.yyy), Ultra30 (192.168.1.3), (End of record)
  ----75.75.xx.yyy PING Statistics----
  8 packets transmitted, 8 packets received, 0% packet loss
  round-trip (ms) min/avg/max/stddev = 0.872/1.09/2.39/0.53
  # traceroute www.sun.com
  traceroute to www.sun.com (72.5.124.61), 30 hops max, 40 byte packets
  1 192.168.1.1 (192.168.1.1) 1.181 ms 0.823 ms 0.711 ms
  2 * * *
  3 * * *
  4 * * *
  5 *^C#
  # nslookup www.sun.com
  Server: 192.168.1.1
  Address: 192.168.1.1#53
  Non-authoritative answer:
  Name: www.sun.com
  Address: 72.5.124.61
  # ping -v -s -R 72.5.124.61 ---> Ip address of www.sun.com
  PING 72.5.124.61: 56 data bytes
  ^C
  ----72.5.124.61 PING Statistics----
  19 packets transmitted, 0 packets received, 100% packet loss
  # routeadm
  Configuration Current Current
  Option Configuration System State
  IPv4 forwarding disabled disabled
  IPv4 routing default (disabled) disabled
  IPv4 routing daemon "/usr/sbin/in.routed"
  IPv4 routing daemon args ""
  IPv4 routing daemon stop "kill -TERM `cat /var/tmp/in.routed.pid`"
  I tried with forwarding & routing enabled also. But no change.
  Any help is appreciated.
  -- skvvsk

  I have a similar problem. In my case, the issue is in the resolv.conf file which is setup with the ISP router address (192.168.1.3) by the Solaris installation procudure.
  # cat /etc/resolv.conf
  192.168.1.3
  However, the routing by DNS does not work with this. So I edit the resolv.conf file to have this:
  # cat /etc/resolv.conf
  nameserver 192.168.1.3
  The entry name the address of the primary DNS.
  Of course, this assuming that you have already edit the nsswitch.conf
  Do a check:
  # more /etc/nsswitch.conf | grep hosts
  # “hosts:” and “services:” in this file are used only if the
  hosts: files dns
  If you only see "hosts: files" in the last line, edit the file and add " dns" to that line.

• Solaris 8 Installation on Intel - PROBLEM

  Hi,
  I am trying to load Solaris 8 on Intel machine , 810 motherboard , 128MB SDRAM , 20GB HDD
  but whenever I try to load with CD-1 I have a problem like Webstart Installation 3.00 start and when he ask me language , after that message comes no hardisk foung and it stop immediately at # prompt.
  Whenevr I start with CD-2 , he ask me for Interactive / Jump Start , I choose Interactive , it start laoding KERNAL and machine automatically reboot , again reinstall , at that same point machine reboot.
  Tell me what to do , I cant go ahead , I want to load Solaris 8 , and see ..
  HELP MEEEEEEEEEEEEE.
  Regards,
  Mahen.

  I think the problem source is the BIOS ACPI Power Manager, many of motherboards ACPI always let the system auto-reboot during loaded the OS kernel.
  I had tried to install Windows2000 and Solaris8 10/01 on Intel 810 MB, the system always rebooted again and again, I suppose that may be some bugs on 810 chipset !!
  Try to reconfigure the BIOS ACPI function, such disable it.
  But, I'm not sure that is work for your case.....

• ASA Routing problems?

  Hi there,
  i have a problem with Routing on ASA 5505.
  Here is a brief explanation of the topology:
  DC Upstream IP: 77.246.165.141/30
  ASA 5505 Upstream to DC IP: 77.246.165.142/30
  Interface outside.
  There is a Cisco Switch connected to one of ASA Ethernet ports, forming Public/DMZ VLAN.
  ASA 5505 Public VLAN interface ip: 31.24.36.1/26
  Cisco 3750 Public VLAN interface ip: 31.24.36.62, default gateway: 31.24.36.1, IP Routing enabled on Switch.
  From the Cisco Switch I can access the Internet with source ip: 31.24.36.62.
  Now I have asked from DC additional subnet: 31.24.36.192/26 and they have it routed correctly towards the ASA Outside interface ip: 77.246.165.142.
  I have created additional Public2 VLAN on the Switch with IP address of: 31.24.36.193/26.
  On the ASA 5505 i added the route to this Public2 VLAN:
  #route public 31.24.36.192 255.255.255.192 31.24.36.62 1
  Now the problem is that from the Switch with Source IP: 31.24.36.193 i can ping ASA 5505 Public VLAN IP: 31.24.36.1 so the routing between subnets 31.24.36.0/26 and 31.24.36.192/26 is working OK on both the ASA 5505 and the Switch.
  But I can't access the Internet from the Switch with Source IP: 31.24.36.193.

  Thanks for the replies.
  I am running:
  Cisco Adaptive Security Appliance Software Version 8.2(2)
  As for NAT configuration, there is NAT configured between the Outside Interface IP and the Internal Subnet:
  global (outside) 1 interface
  nat (inside) 1 192.168.X.0 255.255.255.0
  nat (inside) 1 0.0.0.0 0.0.0.0
  also there is NAT exemption configured because of the Site-to-Site IPSec VPN that we have:
  nat (inside) 0 access-list inside_nat0_outbound1
  access-list inside_nat0_outbound1 extended permit ip any 192.168.X.0 255.255.255.0
  access-list inside_nat0_outbound1 extended permit ip 192.168.X.0 255.255.255.0 OtherSiteLAN 255.255.255.0
  access-list inside_nat0_outbound1 extended permit ip any 192.168.X.240 255.255.255.248
  access-list inside_nat0_outbound1 extended permit ip 192.168.X.0 255.255.255.128 OtherSiteLAN 255.255.255.0
  I don't have any ACL configured on the Public interface in any direction.
  Here is the configuration on the Switch regarding this scenario:
  interface FastEthernet2/0/X
  description Access Port for Public Subnet(31.24.32.0/26) to ASA
  switchport access vlan 500
  switchport mode access
  interface Vlan500
  description Public VLAN 1
  ip address 31.24.36.62 255.255.255.192
  interface Vlan510
  description Public VLAN 2
  ip address 31.24.36.193 255.255.255.192
  ip route 0.0.0.0 0.0.0.0 31.24.36.1
  Here is the output when pinging the ASA Public Interface IP with source IP address of: 31.24.36.193(VLAN 510)
  SWITCH#ping 31.24.36.1 source vlan 510
  Type escape sequence to abort.
  Sending 5, 100-byte ICMP Echos to 31.24.36.1, timeout is 2 seconds:
  Packet sent with a source address of 31.24.36.193
  Success rate is 100 percent (5/5), round-trip min/avg/max = 1/4/9 ms
  And here is when I try to ping some Internet host:
  SWITCH#ping 8.8.8.8 source vlan 510
  Type escape sequence to abort.
  Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds:
  Packet sent with a source address of 31.24.36.193
  Success rate is 0 percent (0/5)