DNS Not forwarding and pings not working so well either
jp
great once I got 12.2.6 on their. Thanks very much.
Now here is the new problem. It does not seem to be able to ping via DNS
name (i.e. ping www.cisco.com) I tried adding the name-servers in but to no
avail. And to for that matter I am unable to ping via ip address to
anything except the default gateway.
The nat that I have setup is working fine. When I put the router in the
network I can ping the gateway on the other side. But again DNS is not
working. I have tried putting variables in different places and different
ways.
The DNS servers always come up with the same IP address as far as I know.
Here is the config on the router
Current configuration : 863 bytes
!
version 12.2
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Router
!
enable password biteme
!
ip subnet-zero
ip name-server 24.71.223.144
ip name-server 24.71.223.145
!
ip dhcp pool inside
network 172.16.1.0 255.255.255.0
default-router 172.16.1.1
dns-server 24.71.223.144 24.71.223.145
domain-name cg.shawcable.net
!
!
!
!
interface Ethernet0
ip address dhcp
ip nat outside
!
interface Ethernet1
ip address 172.16.1.1 255.255.255.0
ip nat inside
!
interface Serial0
no ip address
shutdown
!
interface Serial1
no ip address
shutdown
!
ip nat inside source list 17 interface Ethernet0 overload
ip classless
ip route 0.0.0.0 0.0.0.0 Ethernet0
no ip http server
no ip pim bidir-enable
!
access-list 17 permit 172.16.0.0 0.0.255.255
!
line con 0
line aux 0
line vty 0 4
login
!
Here is the vital stats on the network
Connection-specific DNS Suffix . : cg.shawcable.net
Description . . . . . . . . . . . : Network Associates, Inc. Cardbus
Ether
et II 10/100
Physical Address. . . . . . . . . : 00-10-A4-99-02-20
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 24.81.138.44
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 24.81.138.1
DHCP Server . . . . . . . . . . . : 24.64.63.195
DNS Servers . . . . . . . . . . . : 24.71.223.144
24.71.223.145
Lease Obtained. . . . . . . . . . : Wednesday, December 26, 2001
9:54:55 P
Lease Expires . . . . . . . . . . : Friday, December 28, 2001
9:54:55 PM
Thanks again in advance.
jp
Brian Hill
default, but it sounds like this is your problem). Enter the "ip
domain-lookup" command and see if that helps. If not, ensure you can
actually ping the DNS servers.
--
Brian Hill
CCNP, CCNA, MCSE 2000 (Charter Member),
MCSE+I (NT4.0), MCT, MCP(20), Inet+, Net+, A+
Lead Technology Architect, TechTrain
Author: Cisco, The Complete Reference
Publisher: Osborne
Expected Publication Date: 1/8/02
Check out two free chapters at: www.betabooks.com
Available for pre-order NOW at:
http://www.amazon.com/exec/obidos/ASIN/0072192801/alfageekcom-20
email: bh...@techtrain.com
zzzxxx
to ethernet 0? try debug IP nat translations and statistics and post output,
here...
Can you ping the E interface of the modem? Yr default route points to the
interface what about next hop - cable ethernet?
The access list looks like it's missing IP:
access-list 17 permit IP 172.16.0.0 0.0.255.255....
If you go on the router - can you ping anything on the internet - if you
can - it's prob access list......
Let me know..
Brian Hill <bsh...@bellsouth.net> wrote in message
news:OoyW7.291571$er5.5...@e3500-atl2.usenetserver.com...
zzzxxx
access-list 17 permit ip any any
try that first, then close it down....
zzzxxx <zzz...@zzxxx.com> wrote in message
news:lLyW7.15803$HW3....@newsfeeds.bigpond.com...
Brian Hill
to ping via ip address to anything except the default gateway", but I
mistakenly read "And to for that matter I am ABLE to ping via ip address to
anything except the default gateway". Sorry about that.
--
Brian Hill
CCNP, CCNA, MCSE 2000 (Charter Member),
MCSE+I (NT4.0), MCT, MCP(20), Inet+, Net+, A+
Lead Technology Architect, TechTrain
Author: Cisco, The Complete Reference
Publisher: Osborne
Expected Publication Date: 1/8/02
Check out two free chapters at: www.betabooks.com
Available for pre-order NOW at:
http://www.amazon.com/exec/obidos/ASIN/0072192801/alfageekcom-20
email: bh...@techtrain.com
"zzzxxx" <zzz...@zzxxx.com> wrote in message
news:lLyW7.15803$HW3....@newsfeeds.bigpond.com...
zzzxxx
Brian Hill <bsh...@bellsouth.net> wrote in message
news:%aAW7.73217$BX4.4...@e3500-atl1.usenetserver.com...
Adam
Not only are people falling over each other to help people, but they are
also quick to apologise so as not to offend each other!
I'm gonna stay around and LEARN!
Thanks guys.
"zzzxxx" <zzz...@zzxxx.com> wrote in message
news:FPFW7.16019$HW3....@newsfeeds.bigpond.com...
jp
I have had two posts on this newsgroup and I must say it has totally
restored my faith in them. It is truley a feeling of colaboration.
And to boot there it is not like some groups where every second message is a
porn ad.
Thanks again guys and I am looking forward to participating in the group.
"Adam" <ja_d...@yahoo.com> wrote in message
news:3c2b...@audacity.velocet.net...
jp
You did read it right, I wrote it wrong. The only thing I am able to ping
is the defualt gateway (and any others on my subnet) but I don't get passed
the gateway. This really leads me to think that perhaps the ISP has
something filtering requests from a Cisco MAC or something like that.
And it is not resolving DNS names. Even when I put the DNS server names in
there. And I am not able to ping the DNS servers.
The access list that is in my config is only there to allow addresses
through the nat. The access list range of 17 means that it is an IP access
list. I tried allowing everything (access-list 17 permit any) but this did
not help.
I am starting to wonder if I have my nat statements setup improperly however
everything that I have read says it should work.
I am going to try clearing the config and then start again.
Thanks again for all the help!
"Brian Hill" <bsh...@bellsouth.net> wrote in message
news:%aAW7.73217$BX4.4...@e3500-atl1.usenetserver.com...
Brian Hill
Try changing your "IP route 0.0.0.0 0.0.0.0 Ethernet0" statement to "ip
route 0.0.0.0 0.0.0.0 [ip address of next hop router]". Currently, you have
it set to the interface, which won't work unless the next hop router has
proxy ARP enabled.
--
Brian Hill
CCNP, CCNA, MCSE 2000 (Charter Member),
MCSE+I (NT4.0), MCT, MCP(20), Inet+, Net+, A+
Lead Technology Architect, TechTrain
Author: Cisco, The Complete Reference
Publisher: Osborne
Expected Publication Date: 1/8/02
Check out two free chapters at: www.betabooks.com
Available for pre-order NOW at:
http://www.amazon.com/exec/obidos/ASIN/0072192801/alfageekcom-20
email: bh...@techtrain.com
"jp" <jnp...@myrealbox.com> wrote in message
news:r2IW7.55461$ip4.1...@news2.calgary.shaw.ca...
Brian Hill
--
Brian Hill
CCNP, CCNA, MCSE 2000 (Charter Member),
MCSE+I (NT4.0), MCT, MCP(20), Inet+, Net+, A+
Lead Technology Architect, TechTrain
Author: Cisco, The Complete Reference
Publisher: Osborne
Expected Publication Date: 1/8/02
Check out two free chapters at: www.betabooks.com
Available for pre-order NOW at:
http://www.amazon.com/exec/obidos/ASIN/0072192801/alfageekcom-20
email: bh...@techtrain.com
"zzzxxx" <zzz...@zzxxx.com> wrote in message
news:FPFW7.16019$HW3....@newsfeeds.bigpond.com...
Steven A. Ridder
let it out. They do filter by mac addresses, so just register it by calling
them.
Steve
"jp" <jnp...@myrealbox.com> wrote in message
news:H1yW7.53255$ip4.1...@news2.calgary.shaw.ca...
zzzxxx
so - any routers on that ethernet segment will look at the destination
address, match it and reply with it's MAC on the data link for routing
through it - but only if Proxy Arp is enabled...
I suppose you would only want to set a route out an interface if there were
multiple routers on that segment / in conjunction with Proxy Arp?
Am I thinking correctly? Do you dig what I'm saying?!
Brian Hill <bsh...@bellsouth.net> wrote in message
news:bpJW7.77016$BX4.4...@e3500-atl1.usenetserver.com...
Brian Hill
> Is this the same as setting a host's IP address to it's default gateway?
If
You lost me here. Are you asking if the "ip route 0.0.0.0 0.0.0.0 Ethernet0"
statement is the same as setting a host's IP address to be the exact same
thing as it's default gateway? If so, then no, I wouldn't think. Honestly,
I've never tried to set a host's IP address to be the same as a router, but
my guess is that in most OS's, this would lead to an IP conflict.
> so - any routers on that ethernet segment will look at the destination
> address, match it and reply with it's MAC on the data link for routing
> through it - but only if Proxy Arp is enabled...
Again, not sure I'm following, so let me try just explaining proxy ARP.
Enabling proxy arp on a router allows the router to listen to ARP requests,
determine if it has a route to the subnet the ARP request is for, and if so,
issue an ARP reply on behalf of the destination, using the destination's IP
but the router's MAC. Basically, the client has no default gateway set,
simply a routing table entry that states "all traffic not matching any other
route should be sent to interface X", or "ip route 0.0.0.0 0.0.0.0
[Interface]", in Cisco-ese. So with his current default route entry (ip
route 0.0.0.0 0.0.0.0 Ethernet0), the router will simply send all traffic
that doesn't match a better route out of the E0 interface, ARPing for an IP
to MAC translation (rather than auto-magically ARPing for the default
gateway IP and sending the packet directly to the default gateway). For this
to work, his ISP must have proxy ARP enabled.
>
> I suppose you would only want to set a route out an interface if there
were
> multiple routers on that segment / in conjunction with Proxy Arp?
>
Actually, the only decent reason I can imagine for using proxy ARP is a
situation where you want the Router's internal interface to get a DHCP IP
address, you don't want to set a reservation, and you still want clients to
be able to route through that router without a bunch of reconfigurations.
And even then, I'm not positive I would consider this a good reason.
> Am I thinking correctly? Do you dig what I'm saying?!
Not sure, but let me know if this explanation is not what you were looking
for and I will try again :)
zzzxxx
I was trying to work out the difference between a logical next hop and an
interface for a route statement, but actually confused IP redirects and
Proxy arp. Setting the IP same as DG is a debatable trick to reduce ICMP
redirects on a LAN. If I set the IP address on my PC and DG equal - I get a
proxy reply - I know that because I can see the E0/0 MAC entry of my 3640 in
my Windows 98 arp cache by running arp -a. However - it doesn't work when I
leave the DG empty - but I think that must be a Windows problem. I get ICMP
Destination unreachable. That's another question.
OK - a packet turns up at the E0/0 interface of my 3640 with a destination
L3 address / network that is known to it - ie it runs through the host,
subnet, major net routes, finds no match and then tries a match against the
default entry. It matches the 0.0.0.0 mask in the default entry, does a
logical AND and comes up with the network 0.0.0.0 - it matches the network.
It responds with MAC and bingo - the packet is routed.
Now - you were saying - try a next logical hop in route entry *because* if
you use an interface - then you have to enable proxy arp on the logical
segements' router. OK - I guessed this also but don't understand the diff
between the two (see my earlier post). I was really trying to clarify *when*
and *why* you would use the outgoing interface over a next logical hop. If
this is the case for a broadcast network - what utility is it on a NBMA like
FR etc..?
If anyone can tell me why w98 doesn't ARP when no DG set - I'd be interested
to know.
Cheers..
Brian Hill <bsh...@bellsouth.net> wrote in message
news:JBUW7.85481$BX4.5...@e3500-atl1.usenetserver.com...
Brian Hill
*when*
> and *why* you would use the outgoing interface over a next logical hop.
If
Like I said, I can't think of a good reason to set a route to a specific
interface. :)
> this is the case for a broadcast network - what utility is it on a NBMA
like
> FR etc..?
>
I would hazard to guess that it depends on if broadcast emulation is enabled
on the NBMA interface. If so, then the ARP broadcast should be sent to the
other side (using the DLCI associated with the interface/subinterface), at
least to my thinking.
> If anyone can tell me why w98 doesn't ARP when no DG set - I'd be
interested
> to know.
If you're talking about 98 ARPing for an IP on a remote network, it's most
likely just a function of the ANDing. 98 looks at the address, determines
it's not local, looks for a route, can't find one, and drops the packet (no
ARP). If you could enter a default route for the interface of the box, that
should solve the problem. The problem is, there is no field in the "route
add" statement for the interface, just a gateway. Perhaps setting the
gateway to the interface's IP would work, but I've never tried it.
Sorry I couldn't be of more help.
jp
I finally got the thing working and Brian was right about the defualt route.
I think it is going to pose some problems however since this is on a DHCP
network and I have seen two completely different subnets, so, in theory they
would have 2 completely different gateways or next hops as it were.
If anyone can think of how to overcome that little problem I would
appreciate it!?
Thanks a bunch to everyone for helping me out.
I ran into another problem of interest that occurred when I connected a
cheap 10/100 switch to the interface. It did not seem to negotiate properly
and was causing all kinds of weird o errors (would go to some sites and not
others, a lot of latency, could not connect to Newsgroups but MSN Messenger
was and downloads were blazing) I fixed this by putting a good 3com switch
in and setting all the ports to 10/half which is all the 2514 I have is
capeable of.
Thanks again and I will post my config for anyone who needs it.
jp
"Brian Hill" <bsh...@bellsouth.net> wrote in message
news:bpJW7.77016$BX4.4...@e3500-atl1.usenetserver.com...
zzzxxx
Cheers
Brian Hill <bsh...@bellsouth.net> wrote in message
news:su1X7.87486$BX4.5...@e3500-atl1.usenetserver.com...
Jonathan Post
I sent a message yesterday but obviously did not get posted to the group.
Your got the right answer, it was the default route.
My only problem with this is that the router is on a DHCP network. I think
that I have been served ip addresses in completely different subnets so then
theoretically the default gateway or next hop would change. Over the last
3 days the assigned IP address on the router has not changed so I am going
to assume for now that I should be ok.
I do have one other problem that certain web sites and services are not
working properly. For example I can get to cisco.com no problem but if I
try an go to globeandmail.com it times out. I am also not able to connect
to newsgroups but I can FTP and use MSN Messenger. When I debug IP/UDP it
seems to connect and I can see NAT translations.
I am not too sure where it is timing out but I guess I will have to sniff to
find out.
Thanks kindly
jp
----------
In article <upJW7.77018$BX4.4...@e3500-atl1.usenetserver.com>, "Brian
jp
jp
"Steven A. Ridder" <sari...@hotm3.154ail.com (minus pi)> wrote in message
news:d1MW7.659$Ti2....@news.shore.net...
jp
Thanks, that fixed it. If I can't point the route out the interface how do
I deal with it if my ISP puts me in a dhcp pool with a different gateway? I
have seen this happen I think. However, every time I reset the interface
on the router it seems to come up with the same IP address.
How much latency should the NAT / router combo add. It seems to have really
killed the web browsing. Instant messanger is working like a charm. Ping
responces are good until the packet size is over 1428 bytes. It does not
seem to be allowing the fragment.
Any ideas?
Thanks again!
jp
"Brian Hill" <bsh...@bellsouth.net> wrote in message
news:bpJW7.77016$BX4.4...@e3500-atl1.usenetserver.com...