Harder than I thought
2005-07-10 12:51 pm
This morning I swapped in the new firewall/router/gateway machine, because my tinkering and testing had finally broken enough things elsewhere in the network that I didn't think I could get things back to normal. It took about three hours to get things back together.
I still don't know what the main problem was -- at one point the gateway could see out, but not in. Later, machines inside could see the gateway, but couldn't route through it. I'm guessing it had something to do with ARP caches, either in the ethernet switch or possibly machines on the local net. (update: actually shorewall in a weird state; still don't know what causes that but it'll be easier to diagnose now.) Weird. Anyway, it appears to work now.
no subject
Date: 2005-07-10 02:57 pm (UTC)
shorewall coming up in a bad state -- clear followed by restart fixes it. This is not good, but now that I know the fix I can deal with it later.