General Linux Chat and Small Questions v. Year of the Linux Desktop!
[QUOTE=Giraffen93;50702091][t]https://rp.braxnet.org/scr/1468412922337.png[/t]
no change
windows does, why shouldn't linux - the one that's recommended for networking? having multiple nic's on multiple subnets shouldn't be a problem honestly[/QUOTE]
Postfix and most other "Windows" networking tools literally just use Cygwin (Linux environment) on the backend; I'm pretty sure the problem is on your end. My guess would be that through Cygwin only your default gateway is exposed, avoiding the problem of your current improper setup.
[QUOTE=Dr. Evilcop;50703195]Postfix and most other "Windows" networking tools literally just use Cygwin (Linux environment) on the backend; I'm pretty sure the problem is on your end. My guess would be that through Cygwin only your default gateway is exposed, avoiding the problem of your current improper setup.[/QUOTE]
i'm not using windows, but i might as well put cygwin and postfix on the windows server instead
Via Ubuntu Bash for Windows
[img]http://i.imgur.com/jOF96n4.png[/img]
[B][I]WHEN WORLDS COLLIDE[/I][/B]
it seems like windows users are intrigued about linux but they keep using the wrong tools to enjoy them.
[img]https://rp.braxnet.org/scr/1468593491645.png[/img]
~the magic command~
took over 15 hours to find
[editline]e[/editline]
nope fuck you linux, now the external nic doesn't work
this is such a terrible system
[code]root:~# ip route flush table all
root:~# man route
# example
root:~# route add -net default gw xx.xx.xx.xx metric 0 dev eth0
root:~# route add -net 192.168.1.0 netmask 255.255.255.0 gw 192.168.1.1 metric 0 dev eth0[/code]
This will completely wipe out your routing table and replace it with a simple one that should work (and if it doesn't this never will). Source: I had to do the same shit once. Remember to bring your interfaces down while you do this.
[editline]15th July 2016[/editline]
Also, you're going to want to configure your DHCP client to ignore the routes your networks send you.
[QUOTE=lavacano;50715683][code]root:~# ip route flush table all
root:~# man route
# example
root:~# route add -net default gw xx.xx.xx.xx metric 0 dev eth0
root:~# route add -net 192.168.1.0 netmask 255.255.255.0 gw 192.168.1.1 metric 0 dev eth0[/code]
This will completely wipe out your routing table and replace it with a simple one that should work (and if it doesn't this never will). Source: I had to do the same shit once. Remember to bring your interfaces down while you do this.
[editline]15th July 2016[/editline]
Also, you're going to want to configure your DHCP client to ignore the routes your networks send you.[/QUOTE]
thanks, kind of a problem though due to how the server is locked in a not-so-convenient place at work, and i'm home for the weekend too :v:
dhcp client as on the server? it's a static ip setup
need some help. I want to install AMD drivers on Ubuntu, but when i run the program the window freezes and does nothing.
[QUOTE=EddieLTU;50715783]need some help. I want to install AMD drivers on Ubuntu, but when i run the program the window freezes and does nothing.[/QUOTE]
What program? How exactly did you try to install it?
[QUOTE=Dr. Evilcop;50715941]What program? How exactly did you try to install it?[/QUOTE]
i clicked the .run file that came with the archive
[QUOTE=EddieLTU;50716251]i clicked the .run file that came with the archive[/QUOTE]
Yeah, don't try that way first.
[url]https://help.ubuntu.com/community/BinaryDriverHowto/AMD[/url]
Try getting it from the "Additional Drivers" program built into Ubuntu (this is the first place to check), and if that doesn't work, then try the command line way.
Linux isn't like Windows where you go directly to the manufacturer's website to get a driver that isn't already included; usually you'll want to check for a wiki article (from your distribution's wiki, or in ubuntu's case, the help pages) for the hardware, and usually it'll tell you to install it from the distro's repositories. Ubuntu in particular also has the additional drivers utility for proprietary drivers e.g. AMD video card drivers.
[QUOTE=Giraffen93;50714989][img]https://rp.braxnet.org/scr/1468593491645.png[/img]
~the magic command~
took over 15 hours to find
[editline]e[/editline]
nope fuck you linux, now the external nic doesn't work
this is such a terrible system[/QUOTE]
Why do you subject yourself to Linux if this is such a terrible system? Windows and/or other solutions are very much able to work as a host for a spam filter as well.
Don't take this wrong, but if you do not have the experience needed and the willpower to learn it then it's better to use a platform that may serve your needs with less of a learning curve.
However if you want to learn, and want our help with fixing your issues, then please leave your ranting at the door, it's of no use.
It would be helpful if you could post the output of the following commands on pastebin.com or something similar:
[code]sudo route
ip addr
ip link
iptables -L -n
cat /etc/network/interfaces[/code]
Also, how is your network set up and what are you attempting to achieve?
Also, earlier you mentioned that postfix was the cause of your issues, have you tried a different MTA (ex. Exim)?
[QUOTE=Anderen2;50716486]Why do you subject yourself to Linux if this is such a terrible system?[/QUOTE]
because the software i want doesn't exist on Windows or isn't free.
postfix wasn't the cause of it, this was
[code]sudo route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default XX.XX.XX.129 0.0.0.0 UG 0 0 0 eth0
XX.XX.XX.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
192.168.0.0 0.0.0.0 255.255.252.0 U 0 0 0 eth2
192.168.0.0 0.0.0.0 255.255.252.0 U 0 0 0 eth1[/code]
[code]sudo ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN group default
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether f8:d1:11:b5:20:47 brd ff:ff:ff:ff:ff:ff
inet XX.XX.XX.185/24 brd XX.XX.XX.255 scope global eth0
inet6 fe80::fad1:11ff:feb5:2047/64 scope link
valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:23:cd:b1:a8:9e brd ff:ff:ff:ff:ff:ff
inet 192.168.1.45/22 scope global eth1
inet6 fe80::223:cdff:feb1:a89e/64 scope link
valid_lft forever preferred_lft forever
4: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 90:2b:34:33:ea:0e brd ff:ff:ff:ff:ff:ff
inet 192.168.1.116/22 scope global eth2
[/code]
[code]sudo ip link
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN mode DEFAULT group default
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000
link/ether f8:d1:11:b5:20:47 brd ff:ff:ff:ff:ff:ff
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000
link/ether 00:23:cd:b1:a8:9e brd ff:ff:ff:ff:ff:ff
4: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000
link/ether 90:2b:34:33:ea:0e brd ff:ff:ff:ff:ff:ff[/code]
[code] sudo iptables -L -n
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination[/code]
[code]cat /etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
# The loopback network interface
auto lo
iface lo inet loopback
# outside
auto eth0
iface eth0 inet static
address XX.XX.XX.185
netmask 255.255.255.0
gateway XX.XX.XX.129
# inside 1
auto eth1
iface eth1 inet static
address 192.168.1.45
netmask 255.255.252.0
# inside 2
auto eth2
iface eth2 inet static
address 192.168.1.116
netmask 255.255.252.0
[/code]
this server has two nics, with one cable connected to the inside lan and one to the internet directly.
i want port 25 of our firewall forwarded to the internal ip address which then sends it to our real mail server. i've accomplished this but then the external nic doesn't work
[QUOTE=Giraffen93;50716558]because the software i want doesn't exist on Windows or[B] isn't free.[/B]
postfix wasn't the cause of it, this was
this server has two nics, with one cable connected to the inside lan and one to the internet directly.
i want port 25 of our firewall forwarded to the internal ip address which then sends it to our real mail server. i've accomplished this but then the external nic doesn't work[/QUOTE]
isn't this an enterprise environment?
you make a purchase request and then someone with a company card buys it for you
[QUOTE=LordCrypto;50716584]isn't this an enterprise environment?
you make a purchase request and then someone with a company card buys it for you[/QUOTE]
we don't have unlimited money, we're already struggling due to us having to build a new server and start using vm shit, since microsoft makes so you can't upgrade windows server if you put exchange on it, it's so primitive
Didn't you say you were going to use postfix with cygwin on your windows server or something? What happened to that?
You keep blaming Linux for [I]your[/I] shitty setup. It's pretty annoying, especially when you apparently couldn't be assed to read an article about gateways earlier.
[QUOTE=Giraffen93;50716617]we don't have unlimited money, we're already struggling due to us having to build a new server and start using vm shit, since microsoft makes so you can't upgrade windows server if you put exchange on it, it's so primitive[/QUOTE]
why are you not using an actual gateway system rather than a cobbled together iptables thing
[QUOTE=Dr. Evilcop;50716649]Didn't you say you were going to use postfix with cygwin on your windows server or something? What happened to that?
You keep blaming Linux for [I]your[/I] shitty setup. It's pretty annoying, especially when you apparently couldn't be assed to read an article about gateways earlier.[/QUOTE]
i felt it would be very cumbersome to have the server send the mail back to itself on another port, it would just be really weird
the whole thing would work if both network adapters worked
what article?
[QUOTE=LordCrypto;50716708]why are you not using an actual gateway system rather than a cobbled together iptables thing[/QUOTE]
i'm not using iptables, i don't even know how they work
how would a gateway system work then?
i'm like 90% positive with my limited linux networking experience this is not gonna work and you should burn it all to the ground and buy an actual enterprise gateway
[QUOTE=Giraffen93;50716558]because the software i want doesn't exist on Windows or isn't free.
postfix wasn't the cause of it, this was
this server has two nics, with one cable connected to the inside lan and one to the internet directly.
i want port 25 of our firewall forwarded to the internal ip address which then sends it to our real mail server. i've accomplished this but then the external nic doesn't work[/QUOTE]
Hmm, forwarded?
Forwarded in a network context would suggest that you want to set up a gateway (Which forwards traffic through it).
If I'm not mistaken, you only want to set up an MTA "chain" in front of the existing mail infrastructure that filters away spam? No gateway stuffs right?
Also, as far as I see in that setup the link is online on eth0 (Which you have marked outside / external(?) ) and it's currently attached to the IP with the gateway and subnet you've requested in the /etc/network/interfaces configuration.
Nor are there any "firewall" blocks set up in iptables.
Are you sure that you got the settings right?
You mention that it's connected to the internet "directly", how "directly" is this? Is there a company firewall, router, or modem in front? Or is this server connected straight to the ISP line?
[editline]15th July 2016[/editline]
[QUOTE=LordCrypto;50716781]i'm like 90% positive with my limited linux networking experience this is not gonna work and you should burn it all to the ground and buy an actual enterprise gateway[/QUOTE]
Using a Linux host as a gateway is perfectly doable and stable (however most sane people use BSD or a dedicated gateway appliance).
However I think what he means is an MTA chain or something like that.
[editline]15th July 2016[/editline]
Also, as a final note, there is no need to mask (XX.XX.XX.185) IP addresses if they are in a local network. None of us would ever be able to misuse that in any way, even if we knew what company this was for.
[QUOTE=LordCrypto;50716781]i'm like 90% positive with my limited linux networking experience this is not gonna work and you should burn it all to the ground and buy an actual enterprise gateway[/QUOTE]
yeah especially when those cost more than our yearly budget combined
[QUOTE=Anderen2;50716791]Hmm, forwarded?
Forwarded in a network context would suggest that you want to set up a gateway (Which forwards traffic through it).
If I'm not mistaken, you only want to set up an MTA "chain" in front of the existing mail infrastructure that filters away spam? No gateway stuffs right?
Also, as far as I see in that setup the link is online on eth0 (Which you have marked outside / external(?) ) and it's currently attached to the IP with the gateway and subnet you've requested in the /etc/network/interfaces configuration.
Nor are there any "firewall" blocks set up in iptables.
Are you sure that you got the settings right?
You mention that it's connected to the internet "directly", how "directly" is this? Is there a company firewall, router, or modem in front? Or is this server connected straight to the ISP line?
[editline]15th July 2016[/editline]
Using a Linux host as a gateway is perfectly doable and stable (however most sane people use BSD or a dedicated gateway appliance).
However I think what he means is an MTA chain or something like that.
[editline]15th July 2016[/editline]
Also, as a final note, there is no need to mask (XX.XX.XX.185) IP addresses if they are in a local network. None of us would ever be able to misuse that in any way, even if we knew what company this was for.[/QUOTE]
port forward - nat stuff.
yeah pretty much, with spamassassin.
the config posted is the current one where the external ip works and the internal one doesn't. i can't have the external one down due to it being our website
the interfaces config is [I]probably[/I] right, it's just this whole thing with gateways that doesn't want to work, i can ping internal devices from eth1 fine but not outside ones
there's just a dumb switch on the outside but other than that, yes directly to the isp
[quote] Also, as a final note, there is no need to mask (XX.XX.XX.185) IP addresses if they are in a local network. None of us would ever be able to misuse that in any way, even if we knew what company this was for. [/quote]
it's the external one
[QUOTE=Anderen2;50716839]Final, final note.
How are you asserting that the NIC is down?
Is the port on the switch listing it as down, are you not able to connect/ping to stuff from the server and towards the outside, or are you not able to connect/ping the server from the outside? (Also, are you testing to/from at the local network, or the internet?)[/QUOTE]
it doesn't have a working gateway, so nothing can connect to it
Final, final note.
How are you asserting that the NIC is down?
Is the port on the switch listing it as down, are you not able to connect/ping to stuff from the server and towards the outside, or are you not able to connect/ping the server from the outside? (Also, are you testing to/from at the local network, or the internet?)
[editline]15th July 2016[/editline]
[QUOTE=Giraffen93;50716838]yeah especially when those cost more than our yearly budget combined
port forward - nat stuff.
yeah pretty much, with spamassassin.
the config posted is the current one where the external ip works and the internal one doesn't. i can't have the external one down due to it being our website
the interfaces config is [I]probably[/I] right, it's just this whole thing with gateways that doesn't want to work, i can ping internal devices from eth1 fine but not outside ones
there's just a dumb switch on the outside but other than that, yes directly to the isp
it's the external one
it doesn't have a working gateway, so nothing can connect to it[/QUOTE]
"port forward - nat stuff"? So you would like the Linux box to be able to forward traffic?
Eg. that you may set the IP towards the Linux box as a gateway, and then use it to connect to the internet / a different net?
Also, in your previous post you said that the "external nic doesn't work", however with this config "external ip works and the internal one doesn't"?
And "i can't have the external one down due to it being our website"?
I'm sorry, but I'm quite confused about the whole setup here. Could you draw a gliffy diagram or something over how you would like the servers to be connected to each other?
[img]https://rp.braxnet.org/scr/1468411946262.png[/img]
Your only issue with this setup is that you were defining 2 gateways for the same network. Go back to that, but remove the gateway on eth2 (or whichever NIC you don't want traffic to be primarily flowing out of).
[QUOTE=Giraffen93;50716838][B]yeah especially when those cost more than our yearly budget combined[/B]
port forward - nat stuff.
yeah pretty much, with spamassassin.
the config posted is the current one where the external ip works and the internal one doesn't. i can't have the external one down due to it being our website
the interfaces config is [I]probably[/I] right, it's just this whole thing with gateways that doesn't want to work, i can ping internal devices from eth1 fine but not outside ones
there's just a dumb switch on the outside but other than that, yes directly to the isp
it's the external one
it doesn't have a working gateway, so nothing can connect to it[/QUOTE]
so you're telling me your yearly budget is less than what i have in cash in my wallet right now
[img]http://i.imgur.com/f5fiJlT.png[/img]
[QUOTE=Anderen2;50716839]Final, final note.
How are you asserting that the NIC is down?
Is the port on the switch listing it as down, are you not able to connect/ping to stuff from the server and towards the outside, or are you not able to connect/ping the server from the outside? (Also, are you testing to/from at the local network, or the internet?)
[editline]15th July 2016[/editline]
"port forward - nat stuff"? So you would like the Linux box to be able to forward traffic?
Eg. that you may set the IP towards the Linux box as a gateway, and then use it to connect to the internet / a different net?
Also, in your previous post you said that the "external nic doesn't work", however with this config "external ip works and the internal one doesn't"?
And "i can't have the external one down due to it being our website"?
I'm sorry, but I'm quite confused about the whole setup here. Could you draw a gliffy diagram or something over how you would like the servers to be connected to each other?[/QUOTE]
[t]http://rp.braxnet.org/scr/146861801908919.png[/t]
it really is kinda difficult to explain. mail mx record is set to the firewall. port forward 25 from it to the linux box so it receives mail and then relay it to the exchange server
yes, only one works - the one i add the gateway to, not both at the same time
website is hosted on the external ip, that's its only use, not for mail
[QUOTE=deadeye536;50716876][img]https://rp.braxnet.org/scr/1468411946262.png[/img]
Your only issue with this setup is that you were defining 2 gateways for the same network. Go back to that, but remove the gateway on eth2 (or whichever NIC you don't want traffic to be primarily flowing out of).[/QUOTE]
when i do that it just errors out with something file exists
[QUOTE=LordCrypto;50716890]so you're telling me your yearly budget is less than what i have in cash in my wallet right now
[img]http://i.imgur.com/f5fiJlT.png[/img][/QUOTE]
sorry but i have no idea what that thing is
we mostly build our own stuff and use tp-link and cheapo low-end stuff
[QUOTE=deadeye536;50716876][img]https://rp.braxnet.org/scr/1468411946262.png[/img]
Your only issue with this setup is that you were defining 2 gateways for the same network. Go back to that, but remove the gateway on eth2 (or whichever NIC you don't want traffic to be primarily flowing out of).[/QUOTE]
You are correct, and I did not notice it before, but the current configuration for "inside" is wrong too.
[code]
# inside 1
auto eth1
iface eth1 inet static
address 192.168.1.45
netmask 255.255.252.0
# inside 2
auto eth2
iface eth2 inet static
address 192.168.1.116
netmask 255.255.252.0
[/code]
Both of those interfaces are configured with the same subnet. Are the NICs connected to the same network? If not, why are the IPs and the netmasks pointing to the same network?
[code]
anderen2@e7440:~$ ipcalc 192.168.1.45 255.255.252.0
Address: 192.168.1.45 11000000.10101000.000000 01.00101101
Netmask: 255.255.252.0 = 22 11111111.11111111.111111 00.00000000
Wildcard: 0.0.3.255 00000000.00000000.000000 11.11111111
=>
Network: 192.168.0.0/22 11000000.10101000.000000 00.00000000
HostMin: 192.168.0.1 11000000.10101000.000000 00.00000001
HostMax: 192.168.3.254 11000000.10101000.000000 11.11111110
Broadcast: 192.168.3.255 11000000.10101000.000000 11.11111111
Hosts/Net: 1022 Class C, Private Internet
anderen2@e7440:~$ ipcalc 192.168.1.116 255.255.252.0
Address: 192.168.1.116 11000000.10101000.000000 01.01110100
Netmask: 255.255.252.0 = 22 11111111.11111111.111111 00.00000000
Wildcard: 0.0.3.255 00000000.00000000.000000 11.11111111
=>
Network: 192.168.0.0/22 11000000.10101000.000000 00.00000000
HostMin: 192.168.0.1 11000000.10101000.000000 00.00000001
HostMax: 192.168.3.254 11000000.10101000.000000 11.11111110
Broadcast: 192.168.3.255 11000000.10101000.000000 11.11111111
Hosts/Net: 1022 Class C, Private Internet
[/code]
See that the network (Network) and network boundaries are the same in the calculation there (HostMin and HostMax)?
[QUOTE=Anderen2;50716927]Both of those interfaces are configured with the same subnet. Are the NICs connected to the same network? If not, why are the IPs and the netmasks pointing to the same network?[/QUOTE]
they are on the same network (internal lan) yes, there's nothing wrong with the subnet/ip settings on them
because in reality it has three network cards, but eth2 is not used or needed, i just don't know how to disable it :v:
[QUOTE=Giraffen93;50716924][t]http://rp.braxnet.org/scr/146861801908919.png[/t]
it really is kinda difficult to explain. mail mx record is set to the firewall. port forward 25 from it to the linux box so it receives mail and then relay it to the exchange server
yes, only one works - the one i add the gateway to, not both at the same time
website is hosted on the external ip, that's its only use, not for mail
when i do that it just errors out with something file exists
sorry but i have no idea what that thing is
we mostly build our own stuff and use tp-link and cheapo low-end stuff[/QUOTE]
So yeah, as far as I see here you are misunderstanding a lot of networking concepts, and this would not work no matter what platform you'd use.
First of all, I see no reason for having three NICs connected with that server.
Just connect the "postfix server" with a single NIC towards the firewall (For the love of god, do not connect it towards the external switch outside of the firewall with no firewalling in iptables configured).
After that is done, just port forward port 25 as you have written in the diagram there to the postfix server's internal IP (and only IP).
No more magic than that is needed.
[editline]15th July 2016[/editline]
[QUOTE=Giraffen93;50716971]they are on the same network (internal lan) yes, there's nothing wrong with the subnet/ip settings on them
because in reality it has three network cards, but eth2 is not used or needed, i just don't know how to disable it :v:[/QUOTE]
Just run "ifdown eth2" and remove the reference to it in /etc/network/interfaces
[QUOTE=Anderen2;50717000]So yeah, as far as I see here you are misunderstanding a lot of networking concepts, and this would not work no matter what platform you'd use.
First of all, I see no reason for having three NICs connected with that server.
Just connect the "postfix server" with a single NIC towards the firewall (For the love of god, do not connect it towards the external switch outside of the firewall with no firewalling in iptables configured).
After that is done, just port forward port 25 as you have written in the diagram there to the postfix server's internal IP (and single).
No more magic than that is needed.
[editline]15th July 2016[/editline]
Just run "ifdown eth2" and remove the reference to it in /etc/network/interfaces[/QUOTE]
but i need the external web server to work
[img]http://rp.braxnet.org/scr/146861910906867.png[/img]
[QUOTE=Giraffen93;50717041]but i need the external web server to work
[img]http://rp.braxnet.org/scr/146861910906867.png[/img][/QUOTE]
Are you running a Webserver on the same server as you now want to configure Postfix on?
If so, that does not change much, you could (and should) still route the traffic through the firewall and port forward/open the necessary ports.
Running a server (no matter what platform) with no firewall directly on an external line is very bad practice.
Also, it's saying it's not configured right, or the configuration has changed since you brought the interface up.
Try:
[code]
sudo ip link set eth2 down
[/code]
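Added example, not part of the original thread or any poster's code: a Python check for the three problems raised in the posts above (two NICs addressed in the same /22, more than one default gateway, and a public address behind an empty ACCEPT-policy iptables INPUT chain), run over the output posted earlier. The function names, the 203.0.113.x stand-in for the masked XX.XX.XX.* address, and the "outside RFC 1918 means internet-facing" rule are assumptions.

```python
import ipaddress
import itertools
import re

# Constructed input: the interfaces file and `iptables -L -n` output posted in
# the thread; masked XX.XX.XX.* is replaced with 203.0.113.* so it parses.
INTERFACES = """\
auto lo
iface lo inet loopback
# outside
auto eth0
iface eth0 inet static
address 203.0.113.185
netmask 255.255.255.0
gateway 203.0.113.129
# inside 1
auto eth1
iface eth1 inet static
address 192.168.1.45
netmask 255.255.252.0
# inside 2
auto eth2
iface eth2 inet static
address 192.168.1.116
netmask 255.255.252.0
"""
IPTABLES = """\
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
"""
# Assumption: anything outside RFC 1918 space is treated as internet-facing.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def parse_interfaces(text):
    """Return {ifname: {option: value}} for each `inet static` stanza."""
    stanzas, current = {}, None
    for raw in text.splitlines():
        words = raw.split()
        if not words or words[0].startswith("#"):
            continue
        if words[0] == "iface":
            static = words[2:4] == ["inet", "static"]
            current = stanzas.setdefault(words[1], {}) if static else None
        elif words[0] in ("auto", "allow-hotplug", "source", "mapping"):
            current = None  # these keywords end the previous stanza
        elif current is not None and len(words) >= 2:
            current[words[0]] = words[1]
    return stanzas


def parse_iptables(text):
    """Return {chain: (policy, rule_count)} for the built-in chains."""
    chains, name = {}, None
    for line in text.splitlines():
        if line.startswith("Chain "):
            m = re.match(r"Chain (\S+) \(policy (\w+)", line)
            name = m.group(1) if m else None  # user chains have no policy
            if m:
                chains[name] = (m.group(2), 0)
        elif name and line.strip() and not line.startswith("target"):
            chains[name] = (chains[name][0], chains[name][1] + 1)
    return chains


def audit(interfaces_text, iptables_text):
    """Return a sorted list of (check, detail) findings."""
    stanzas = parse_interfaces(interfaces_text)
    addrs = {n: ipaddress.ip_interface(f"{o['address']}/{o['netmask']}")
             for n, o in stanzas.items() if "address" in o and "netmask" in o}
    findings = []
    # Two NICs in one subnet yield duplicate connected routes.
    for (a, ia), (b, ib) in itertools.combinations(sorted(addrs.items()), 2):
        if ia.network.overlaps(ib.network):
            findings.append(("same-subnet", f"{a},{b} in {ia.network}"))
    # More than one `gateway` line means competing default routes.
    gws = sorted(n for n, o in stanzas.items() if "gateway" in o)
    if len(gws) > 1:
        findings.append(("multiple-gateways", ",".join(gws)))
    # Non-RFC 1918 address behind an empty, default-ACCEPT INPUT chain.
    policy, rules = parse_iptables(iptables_text).get("INPUT", ("ACCEPT", 0))
    if policy == "ACCEPT" and rules == 0:
        findings += [("unfiltered-public-nic", n) for n, ia in addrs.items()
                     if not any(ia.ip in net for net in RFC1918)]
    return sorted(findings)


if __name__ == "__main__":
    print(audit(INTERFACES, IPTABLES))
```

On the posted configuration this reports eth1 and eth2 sharing 192.168.0.0/22 and eth0 as an unfiltered public NIC; feeding it real `iptables -L -n` and `/etc/network/interfaces` text works the same way.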