Coda File System

Coda routing problems

From: Omen Wild <Omen.Wild_at_Dartmouth.EDU>
Date: Fri, 19 Sep 2003 00:00:00 -0400
I think I'm having a routing issue and would greatly appreciate any
feedback anyone might have.

I have two Linux boxes, both running an up-to-date CVS checkout of
Coda.  The server has three interfaces, the external (eth0), the dmz
(eth2, 192.168.2.1), and the internal (eth1, 192.168.1.1).  When I
configured the Coda server it picked up the IP of the internal
interface, 192.168.1.1.  I have three clients that need to access the
same server, one through each interface.  To make matters even more
fun, the DMZ and external clients will get access through a FreeS/WAN
VPN.

The client I am testing from is 192.168.2.11, accessing through the DMZ
interface, through IPSec.

I get about 10 copies of this error in SrvLog:
23:13:36 client_GetVenusId: got new host 192.168.2.11:32945
23:13:36 Building callback conn.
23:13:36 Callback message to 192.168.2.11 port 32945 failed RPC2_NOTCLIENT (F)
23:13:36 Worker1: Unbinding RPC connection 452227915

From what I can gather, these indicate the packets are not getting back
to the client, usually because of routing problems.

I have attached a tcpdump of udp traffic when these errors were
happening.  This definitely shows a schizophrenic mix of traffic
to/from 192.168.1.1 and 192.168.2.1.

This is the routing table on the server:
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.2.11    192.168.2.11    255.255.255.255 UGH   0      0        0 ipsec2
192.168.2.10    192.168.2.10    255.255.255.255 UGH   0      0        0 ipsec2
external-ip     0.0.0.0         255.255.255.252 U     0      0        0 eth0
external-ip     0.0.0.0         255.255.255.252 U     0      0        0 ipsec0
192.168.2.0     0.0.0.0         255.255.255.0   U     0      0        0 eth2
192.168.2.0     0.0.0.0         255.255.255.0   U     0      0        0 ipsec2
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth1
0.0.0.0         external-ip     0.0.0.0         UG    0      0        0 eth0

I have masquerade set in the client's venus.conf, and I tried setting
ipaddress="192.168.2.1" in server.conf, but neither helped.

So, to try to debug I convinced the Coda server it was really on the
DMZ IP (changed a couple entries in /vice to the hostname of the DMZ
interface).  I restarted Coda on the server and bingo, everything
works.  This eliminates the VPN and the firewall as potential problems.

So, it is most definitely a routing issue, which I can fix for this one
client.  However, now all of my other clients are going to have the
same routing issue my test server was having.

Does anyone know how I can solve this so all three clients, accessing
through all three interfaces of the server, will work properly?

Thanks,
   Omen

-- 
Whom computers would destroy, they must first drive mad.




  • text/plain attachment: txt
Received on 2003-09-19 00:02:17
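
Added example, not part of the original message or of Coda: a small Python check for the mix of server addresses the message describes seeing in the capture. It reads `tcpdump -n` text output and flags server packets whose source address is one the client never sent to; the function name, the sample lines and the server port 2432 in them are constructed for illustration.

```python
import re
from collections import defaultdict

# One `tcpdump -n` text line; the "IP" token is printed by newer versions only.
LINE = re.compile(
    r"^(?P<ts>\S+)\s+(?:IP\s+)?"
    r"(?P<src>\d+(?:\.\d+){3})\.(?P<sport>\d+)\s+>\s+"
    r"(?P<dst>\d+(?:\.\d+){3})\.(?P<dport>\d+):"
)

def find_mismatched_replies(lines, server_addrs):
    """Return (time, client, packet_source, addresses_client_used) for every
    server packet whose source is an address that client never sent to."""
    contacted = defaultdict(set)   # client IP -> server IPs it addressed
    mismatches = []
    for line in lines:
        m = LINE.match(line.strip())
        if not m:
            continue               # skip anything that is not a packet line
        src, dst = m["src"], m["dst"]
        if dst in server_addrs and src not in server_addrs:
            contacted[src].add(dst)            # client -> server
        elif src in server_addrs and dst not in server_addrs:
            if src not in contacted[dst]:      # server -> client, other address
                mismatches.append((m["ts"], dst, src, sorted(contacted[dst])))
    return mismatches

# Constructed sample capture (not the attachment from the message).
SAMPLE = """\
23:13:36.101 192.168.2.11.32945 > 192.168.2.1.2432: udp 60
23:13:36.102 192.168.1.1.2432 > 192.168.2.11.32945: udp 60
23:13:36.350 192.168.2.11.32945 > 192.168.2.1.2432: udp 60
23:13:36.351 192.168.2.1.2432 > 192.168.2.11.32945: udp 48
this line is not a packet and is ignored
"""

if __name__ == "__main__":
    # Both addresses of the multi-homed server named in the message.
    servers = {"192.168.1.1", "192.168.2.1"}
    for ts, client, source, used in find_mismatched_replies(
            SAMPLE.splitlines(), servers):
        print(f"{ts} {client} got a packet from {source}, but sent to {used}")
```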