[TriLUG] PIX 501 vs the MAC change, round 2
Brian Henning
brian at strutmasters.com
Wed Apr 13 15:03:18 EDT 2005
Hi Guys,
I got some informative information when I first posted, as well as
some help in the IRC channel. Here's the latest development, as it
appears to be far from corrected.
Background: After swapping out some NICs (and setting to the same
static IP, internally) NO WAN traffic whatsoever would seem to pass the
firewall; I couldn't connect outward, and couldn't connect inward. From
outside. Internally, on the LAN, everything appeared to work fine.
Update: While diddling the DNS server addresses, I
/etc/rc.d/init.d/network restart-ed. Suddenly, I had WAN connectivity.
But now, come to find out, it is hideously, and painfully, and many
other superlatively bad adverbs, slow. Again, internal LAN
communications work without any apparent hitch, but try to get traffic
onto the Internet and it's crap.
As a bit of perspective, from any other computer on the LAN, DSL
Reports' bandwidth test reveals 1321k down / 339k up. Comparatively,
from this one server, dslreports.com takes AGES just for the front page
to load. I gave up trying to run the test, and instead wget'ed a file
from my home http server. The 200-OK response alone took minutes, and
the transfer itself crept along at LESS THAN TEN *BYTES* PER SECOND.
Seriously. No missing Ks or Ms here. 9.90B/s. Sometimes as low as 6.
Bytes. Per. Second.
What on EARTH is going on here? I have never seen anything like this
before.
The only thing I can imagine is if perhaps my eth configuration is
screwed up. All I did was take out two old cards and put in two new
ones. Kudzu deleted the config for the old ones and added the config
for the new ones, but there was some latent stuff hanging around (some
ethN.off scripts in the etc/rc.something that were causing weirdness,
but I deleted those).
I really don't want to reload the machine if I can avoid it. There's a
lot of data and configuration on there that I don't want to have to lose
(yes, it's all backed up, but my experience says restoring from backup
is not as easy as it should be, and what's more, it could be that the
screwed config is backed up....). I'm at a total loss here... After we
close shop tonight, I'm going to reboot the thing, and see if that makes
any difference, but otherwise I am totally stymied and have no idea
where to look next.
Thanks guys. I appreciate all the help I always get on here.
Cheers,
~Brian
More information about the TriLUG
mailing list