[Rack] mchawking ip address broken

Jonathan Lassoff jof at thejof.com
Tue Dec 20 23:31:54 UTC 2011 

On Tue, Dec 20, 2011 at 3:11 PM, Ben Kochie <ben at nerp.net> wrote:

> On Tue, 20 Dec 2011, Jonathan Lassoff wrote:
>
>  On Tue, Dec 20, 2011 at 2:09 PM, Jake <jake at spaz.org> wrote:
>>      I really want to get the public IP back up for mchawking, i was
>> trying to
>>      use it to catch money thieves at noisebridge (its camera is pointed
>>      straight at the moneybox) but I have been unable to do so.  The only
>> time
>>      i have to work on it is when i'm not at the space.  We can only
>> wonder
>>      whether the money box was emptied by a member putting it into the
>> bank, or
>>      a couchsurfing occupy oogle looking for a fix.
>>
>>      What is so broken about the routing?  Can we switch back to the old
>> router
>>      until the new one gets figured out?  Is there something I can do in
>> the
>>      server room to physically route it back to its old IP address?
>>
>>      somebody help!
>>
>>
>> Ben, when you have a chance, would you please confirm your Vyatta
>> configuration? My hunch is
>> that the default route is still via Monkeybrains, so when traffic comes
>> in via Sonic.net, the
>> NATed traffic is still being routed out (and uRPF-dropped) via
>> Monkeybrains.
>>
>
> The problem is that even if I set the default gateway to MB, it's DHCP.
> Supposedly Vyatta sets a default gateway weight to avoid this, but I
> haven't been able to have time to debug it.  I'll come over to NB tonight
> to debug.
>

So everything is going out of Sonic right now, right? That's what the
configuration and traffic graphs seem to indicate.

Looking at some traffic captures now, for mchawking's case, it seems that
it's not trying to route back through bikeshed. I bet its configuration was
setup to route back through the HA/floating IP (172.30.0.3), and bikeshed
did not get that configured.

I just added a static 172.30.0.3/22 configuration to eth1 on bikesked, but
it's still not working.

Jake -- could you unicast me a login to mchawking to debug what's broken on
there?


>  This worked fine on r00ter -- you might consider reading through the
>> then-perfectly-functional
>> pf.conf file and re-producing all of the past configuration that was in
>> there.
>>
>
> I already have a backup of this and implemented most of it in the vyatta
> config.


I mentioned that, as there was some other NAT mappings that were not moved
over for the mode S receiver, and data processing box for it.

--j
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.noisebridge.net/pipermail/rack/attachments/20111220/83f99257/attachment.html>

More information about the Rack mailing list