# ifconfig for external ip [can't ping router (gateway)]

## pubecon

I have a router connected to a switch and two servers also connected to that switch (along with a whole bunch of workstations).

the current server (running windows) is a dhcp server for 192.168.16.* via it's 'internal' nic. it also has an 'external' nic that has an external ip address assigned to it.

I am looking to install gentoo on the other server but when I boot (even with the nodhcp kernel boot parameter) it gets it's ip address from the dhcp server.

the routers ip address is not pingable (169.254.138.138) but everything within the 192.168.16 subnet is.

# ifconfig $IFACE $IPNUM broadcast $BCAST netmask $NMASK

# route add -net default gw $GTWAY netmask 0.0.0.0 metric 1 $IFACE

iface being eth1,

ipnum being x.x.x.x (don't want to go posting my ip address!) and I was setting the 

broadcast address to 255.255.255.255 (is this where I'm going wrong?) with the netmask as provided by the isp.

ANYWAY, with the router unpingable I inevitably get the 'connection not available' or whatever the error is.

thanks in advance

----------

## Smoke2firE

well netmask should be 255.255.255.0 

why dont you want to use dhcp if its a server and it always on then whats it matter just dont alot 100 dhcp clients. and if its getting a ip from dhcp why is it a 169 if youre dhcp server and workstations are on 192 maybe im just crazy and need a better explanation of what the setup is.

you can do the nodetect boot option and manually load youre NIC drivers to stop dhcp im suprised that the nodhcp option isnt working are you sure youre doin it right  :Wink: 

----------

## pubecon

I realised that it was doing the nodhcp for eth0 but still doing it for eth1.  My tired brain just can't make sense of it, since only one of the nics was connected anyway.

demon is the isp and the netmask they specify is 255.255.255.248.  

but it would appear that the broadcast address for internet facing nics is 255.255.255.0.  I can't seem to find any information on net setup for non nat configurations!

I had just envisaged that I would type the relevant options into the ifconfig/route commands and it would work.

annoyingly I duped this post (https://forums.gentoo.org/viewtopic.php?t=105859)

----------

## UberLord

Correct me if I'm wrong, but it sound's like none of you're NIC's are "internet facing".

The only thing facting the 'net is the router which probably routers to internal networks only.

What do the servers do and why do they need two nics? Only reason any box needs to NIC's is join networks together afaik.

----------

## pubecon

no, you are quite right - only the router is connected to the internet.  that's just the way I was thinking about it.

one server is a web proxy/dns/dhcp/file server it has one nic with the local 192.168.16.2 address and the other nic has an external ip address with the router as a gateway.

the other server (the old server) which currently does nothing but which I would like to set up to do....anything has three nics in it (4 if you count the onboard) but only one is connected which is why this eth0/eth1 business is confusing me.

I just want it viewable to the outside world so I can ssh in and meddle from home.

----------

## UberLord

 *pubecon wrote:*   

> I just want it viewable to the outside world so I can ssh in and meddle from home.

 

Why don't you just have one nic and port forward from the router?

Thats what I do with my home server - and apply firewall rules to seperate local traffic (192.168.0.x) from internet traffic (anything else)

----------

## pubecon

I was always under the illusion that port forwarding was only available in nat setups.

[edit]I should also mention the router is pingable from windows.  I wish I could start this again so I'll just summarize

the facts..

non-nat router, windows server and linux server attached to the same switch.

Local Router Address : 169.254.138.138

LAN Subnet : 192.168.16.X

external IP addresses available from ISP: 80.X.X.Y -> 80.X.X.Z

Current windows server can ping the router (and everything else)fine.

Linux server cannot ping the router but can ping computers in the local subnet.

since the router cannot be pinged (pung?!!!) it can't be used as the  gateway to the outside universe.

what I am aiming for

to have the linux server to be accessible and be able to access the outside world like the windows box is currently.

what I would like to know...

why, when there is only one nic connected to the switch is this called eth1 with /etc/init.d/net.eth0 existing, unstarted and being completely unconfigured in /etc/conf.d/net?

why is the router unpingable in linux while it can be accessed by windows?

```
ifconfig eth1 80.X.X.Y broadcast 255.255.255.0 netmask 255.255.255.248
```

 succeeds to allow me to ping myself (80.X.X.Y) but no longer the lan subnet 192.168.16.X or the router.

```
route add -net default gw 169.254.138.138 netmask 0.0.0.0 metric 1 eth1 
```

 results in 

```
"connect: Network is unreachable"
```

 (what with the router being unpingable I ament' surprised).

i've scoured the forums and comp.os.linux.networking finding nothing in the forums and only ancient unanswered posts in the newsgroups.

it's not like a loose connection or anything so surely there is a simple mistake with my ifconfig command! [/edit]

help?

----------

## pubecon

anyone?

----------

## fleed

First let me see if I understood this correctly:

Router: 169.254.138.138

LAN: 192.168.16.0/24

External IP: 80.1.2.3 -> 80.1.2.10 (eg)

Win machine: 192.168.16.10

It is impossible for this machine to ping 169.254.138.138. You probably have a network alias in the 169.254.138.138 range. Is 169.* the autoconfig that windows uses when it cannot find a dhcp server? If so, your windows machines might be using that.

What happens is your PC connects directly to those machines that are on the same network as it is. So if your machine is on 192.168.16.10 and your mask is 255.255.255.0, then if you apply the mask, your machine will talk directly to every machine which starts with 192.168.16. The router MUST be directly accessible by your client otherwise there's no gateway to pass data through. 

What you can do is add an alias interface on your linux machine:

ifconfig eth0:0 169.254.138.150

If you do that and don't change the routing, your linux machines should now be able to ping the router and connect through it to other networks (including the internet...)

----------

## pubecon

your understanding is quite correct.

fantastic! I'll give that a go when next I'm there.

you've given me hope and explained the weirdness.

I had completely forgotten that windows gave itself 169.* addresses in the absence of a dhcp server.

cheers

----------

## pubecon

 *Quote:*   

> What you can do is add an alias interface on your linux machine: 
> 
> ifconfig eth0:0 169.254.138.150 

 

did you intend 169.254.138.138 (the routers address)?

----------

## fleed

No, I really meant 150. If you set your linux box to 169.254.138.138 then it'll have the same ip address as the router, i.e., it won't work. You need something that's in the same subnet but different ip. 169.254.138.139 would also work.

----------

## pubecon

I realised the stupidity of that reply while on the bus home.

oh how I cringed!

unfortunately I was unable to try the command out today but I was able to phone in and get someone else to do it.

they claimed that

ping 169.254.138.138 resolved to 169.254.138.150 and then was unreachable which just doesn't make sense to me at all.  I will double check when he comes online later.

the aliasing seems like a great idea but this interface business is worrying me (how eth1 exists and is configured via dhcp and eth0 remains unstarted).  any theories as to what would cause this?

----------

## UberLord

 *pubecon wrote:*   

> I was always under the illusion that port forwarding was only available in nat setups.

 

Erm - don't you have a NAT setup?

If you have only 1 internet connection and only 1 public IP - which it sounds like you have - then you have to use NAT to get that server visible.

Personally I think what you're trying to do is waaay to complicated. But each to their own I suppose   :Laughing: 

----------

## pubecon

there's one internet connection (via adsl router/modem) but a range of public ips.

is it really so much harder? (obviously it is for me!)

but to get multiple servers/whatever(printers?) viewable by the outside world I don't see another way.

----------

## UberLord

Well, if you want to go down that route you'll have to set-up two networks

Network 1) adsl router configured for public IP's and netmask. All servers connected to it are configured with their public IP's and netmask

Network 2) Internal LAN - one of the servers acts as a bridge/router to this network. This server will need 2 nics (which you have)

So the traffic from a client inside the lan will go client -> server -> adsl

Public IP for servers are always much better (as in easier to configure) but always much worse (must have solid firewalls).

NAT keeps things simple as you don't really need a firewall as such to protect the servers as you have to forward specific ports anyway.

Kinda wierd really - most ADSL deals in the UK only give you 1 public IP. Thats all I got - and thats all I need.

----------

## fleed

Some ISPs also give you the option of having 8 ips (of which 5 are usable). That's what I got. 

You could also have just one network but do DNAT to the internal hosts based on the incoming ip address. Almost the same thing you described but possibly needs less hardware.

----------

