I think I'm having a routing issue and would greatly appreciate any feedback anyone might have.

I have two Linux boxes, both running an up-to-date CVS checkout of Coda. The server has three interfaces: the external (eth0), the DMZ (eth2, 192.168.2.1), and the internal (eth1, 192.168.1.1). When I configured the Coda server it picked up the IP of the internal interface, 192.168.1.1. I have three clients that need to access the same server, one through each interface. To make matters even more fun, the DMZ and external clients will get access through a FreeS/WAN VPN.

The client I am testing from is 192.168.2.11, accessing through the DMZ interface, through IPSec. I get about 10 copies of this error in SrvLog:

    23:13:36 client_GetVenusId: got new host 192.168.2.11:32945
    23:13:36 Building callback conn.
    23:13:36 Callback message to 192.168.2.11 port 32945 failed RPC2_NOTCLIENT (F)
    23:13:36 Worker1: Unbinding RPC connection 452227915

From what I can gather, these indicate the packets are not getting back to the client, usually because of routing problems. I have attached a tcpdump of UDP traffic when these errors were happening. This definitely shows a schizophrenic mix of traffic to/from 192.168.1.1 and 192.168.2.1.

This is the routing table on the server:

    Kernel IP routing table
    Destination     Gateway         Genmask         Flags Metric Ref Use Iface
    192.168.2.11    192.168.2.11    255.255.255.255 UGH   0      0   0   ipsec2
    192.168.2.10    192.168.2.10    255.255.255.255 UGH   0      0   0   ipsec2
    external-ip     0.0.0.0         255.255.255.252 U     0      0   0   eth0
    external-ip     0.0.0.0         255.255.255.252 U     0      0   0   ipsec0
    192.168.2.0     0.0.0.0         255.255.255.0   U     0      0   0   eth2
    192.168.2.0     0.0.0.0         255.255.255.0   U     0      0   0   ipsec2
    192.168.1.0     0.0.0.0         255.255.255.0   U     0      0   0   eth1
    0.0.0.0         external-ip     0.0.0.0         UG    0      0   0   eth0

I have masquerade set in the client's venus.conf, and I tried setting ipaddress="192.168.2.1" in server.conf, but neither helped.

So, to try to debug, I convinced the Coda server it was really on the DMZ IP (changed a couple of entries in /vice to the hostname of the DMZ interface). I restarted Coda on the server and bingo, everything works. This eliminates the VPN and the firewall as potential problems. So, it is most definitely a routing issue, which I can fix for this one client. However, now all of my other clients are going to have the same routing issue my test server was having.

Does anyone know how I can solve this so all three clients, accessing through all three interfaces of the server, will work properly?

Thanks,
Omen

--
Whom computers would destroy, they must first drive mad.
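
Added example, not part of the original post: a Python sketch that parses the routing table quoted above and lists, in longest-prefix then lowest-metric order, which entries match a given client address, and which prefixes are routed out of more than one interface. The function names are hypothetical; rows whose destination is the redacted `external-ip` placeholder are skipped because they cannot be evaluated.

```python
import ipaddress

# Routing table rows as posted (Destination Gateway Genmask Flags Metric Ref Use Iface).
ROUTE_TABLE = """\
192.168.2.11 192.168.2.11 255.255.255.255 UGH 0 0 0 ipsec2
192.168.2.10 192.168.2.10 255.255.255.255 UGH 0 0 0 ipsec2
external-ip 0.0.0.0 255.255.255.252 U 0 0 0 eth0
external-ip 0.0.0.0 255.255.255.252 U 0 0 0 ipsec0
192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 eth2
192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 ipsec2
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
0.0.0.0 external-ip 0.0.0.0 UG 0 0 0 eth0
"""

def parse_routes(text):
    """Turn `route -n` style rows into dicts; skip rows with a redacted destination."""
    routes = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 8:
            continue
        try:
            net = ipaddress.ip_network(f"{fields[0]}/{fields[2]}")
        except ValueError:  # e.g. the "external-ip" placeholder
            continue
        routes.append({"net": net, "gateway": fields[1],
                       "metric": int(fields[4]), "iface": fields[7]})
    return routes

def candidates(routes, dest):
    """Entries matching dest, most specific prefix first, then lowest metric."""
    addr = ipaddress.ip_address(dest)
    hits = [r for r in routes if addr in r["net"]]
    return sorted(hits, key=lambda r: (-r["net"].prefixlen, r["metric"]))

def ambiguous(routes):
    """Prefixes that appear with the same metric on more than one interface."""
    seen = {}
    for r in routes:
        seen.setdefault((r["net"], r["metric"]), []).append(r["iface"])
    return {net: ifaces for (net, _), ifaces in seen.items() if len(ifaces) > 1}

if __name__ == "__main__":
    table = parse_routes(ROUTE_TABLE)
    for client in ("192.168.2.11", "192.168.1.50"):  # second address is constructed
        print(client, [(str(r["net"]), r["iface"]) for r in candidates(table, client)])
    print("duplicate prefixes:", {str(k): v for k, v in ambiguous(table).items()})
```
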