February 8, 2011 at 5:52 pm #42853
We recently upgraded to Beta 14 on a very distance remote router that our network personnel, in the absence of any failures, visit only four times per year.
To improve up-time reliablity, we have chosen to have this location served by two ISPs, one a wireline company, the other a cable company. The latter has ping times about 30 per cent better than the former.
All of the workstations on the 5.0 internal network execute only a single application that accesses just a single IP address, aa.bb.cc.dd. To improve application response times and also segregate the app’s IP traffic from all other traffic at the site, I recently introduced a static route to the router table to route the aa.bb.cc.dd address through a separate gateway. [See router table below.]
After making this entry, using the Zeroshell ping utility, I could ping any internal addresses, both of the router’s externally facing addresses as well as both gateway addresses. Pinging the aa.bb.cc.dd address resulted in appreciably lower ping times compared to pinging other aa.bb.cc.nn server addresses at our central data center, suggesting that pings to the aa.bb.cc.dd address were going through the faster of the gateway addresses.
From our central data center, I could ping the remote router’s external addresses as well as both of that router’s gateway addresses.
However, we cannot not ping either the aa.bb.cc.dd address, the 24.xxx.yyy.84 router external interface address or the 24.xxx.yyy..65 gateway address from any workstation on either the 1.0 or 5.0 internal networks. All other reachable IP addresses are pingable, including the 67.xxx.yyy.42 router external interface address and 67.xxx.yyy.1 gateway address.
All workstations on the internal networks obtain their IP settings from Zeroshell’s DHCP daemon on the 1.0.and 5.0 networks. The workstations’ gateway, DNS and DHCP addresses are being set correctly to the Zeroshell router’s internal address on its appropriate internal network interface.
I would very much appreciate any insights anyone might have as to why we cannot ping the aa.bb.cc.dd address from any internal network workstations.
Thank you in advance.
Destination Netmask Type Metric Gateway Interface Flags State Source
aa.bb.cc.dd 255.2555.255.255 Host 0 24.xxx.yyy.65 ETH04 U Up Static
24.xxx.yyy.84 255.255.255.224 Net 0 none ETH04 U Up Auto
192.168.5.0 255.255.255.0 Net 0 none ETH03 U Up Auto
67.xxx.yyy.0 255.255.255.0 Net 0 none ETH02 U Up Auto
192.168.1.0 255.255.255.0 Net 0 none ETH00 U Up Auto
192.168.250.0 255.255.255.0 Net 0 none VPN99 U Up Auto
DEFAULT GATEWAY 0.0.0.0 Net 0 67.xxx.yyy.1 ETH02 UG Up StaticMarch 19, 2011 at 1:19 pm #51573
So what are you doing NAT wise?
Do your external routers have a route to the .1 and .5 network addresses through the zeroshell box? i.e the ping may be being sent to the routers but do they know how to send them back?
This really depends on WHERE you are natting … On Zeroshell?
You must be logged in to reply to this topic.