[TriLUG] PIX 501 vs the MAC change, round 2

Brian Henning brian at strutmasters.com
Wed Apr 13 15:03:18 EDT 2005


Hi Guys,
   I got some informative information when I first posted, as well as 
some help in the IRC channel.  Here's the latest development, as it 
appears to be far from corrected.

Background:  After swapping out some NICs (and setting to the same 
static IP, internally) NO WAN traffic whatsoever would seem to pass the 
firewall; I couldn't connect outward, and couldn't connect inward.  From 
outside.  Internally, on the LAN, everything appeared to work fine.

Update: While diddling the DNS server addresses, I 
/etc/rc.d/init.d/network restart-ed.  Suddenly, I had WAN connectivity. 
  But now, come to find out, it is hideously, and painfully, and many 
other superlatively bad adverbs, slow.  Again, internal LAN 
communications work without any apparent hitch, but try to get traffic 
onto the Internet and it's crap.

As a bit of perspective, from any other computer on the LAN, DSL 
Reports' bandwidth test reveals 1321k down / 339k up.  Comparatively, 
from this one server, dslreports.com takes AGES just for the front page 
to load.  I gave up trying to run the test, and instead wget'ed a file 
from my home http server.  The 200-OK response alone took minutes, and 
the transfer itself crept along at LESS THAN TEN *BYTES* PER SECOND. 
Seriously.  No missing Ks or Ms here.  9.90B/s.  Sometimes as low as 6. 
  Bytes.  Per.  Second.

What on EARTH is going on here?  I have never seen anything like this 
before.

The only thing I can imagine is if perhaps my eth configuration is 
screwed up.  All I did was take out two old cards and put in two new 
ones.  Kudzu deleted the config for the old ones and added the config 
for the new ones, but there was some latent stuff hanging around (some 
ethN.off scripts in the etc/rc.something that were causing weirdness, 
but I deleted those).

I really don't want to reload the machine if I can avoid it.  There's a 
lot of data and configuration on there that I don't want to have to lose 
(yes, it's all backed up, but my experience says restoring from backup 
is not as easy as it should be, and what's more, it could be that the 
screwed config is backed up....).  I'm at a total loss here...  After we 
close shop tonight, I'm going to reboot the thing, and see if that makes 
any difference, but otherwise I am totally stymied and have no idea 
where to look next.

Thanks guys.  I appreciate all the help I always get on here.

Cheers,
~Brian



More information about the TriLUG mailing list