|
Home > Archive > alt.os.linux > December 2002 > Networking Issue
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
|
|
| Yousaf 2002-12-19, 4:25 am |
| All,
I have the following network topology:
MACHINE 1: Redhat 8.0 & 7.3 Dual Boot DHCP enabled (Always
on)
MACHINE 2: Mandrake 9.0 Static IP: 192.168.0.4 (Always on)
MACHINE 3: Win2K Static IP: 192.168.0.3
MACHINE4: Win2K ADSL Connection via USB(Sharing
enabled) and a Static ethernet interface: 192.168.0.1 (Always on)
The problem is only on MACHINE 1 which is dhcp enabled.
MACHINE 4 belongs to my friend who has ADSL connection, he uses win2k
and has a firewall (Zone Alarm). If he relaxes the his firewall rules I
get an IP address assigned with no problems at all. But if the firewall
is blocking every thing then everything goes pear shaped on Red Hat
machine which is dhcp enabled. Here is what happens:
1- If firewall was off on MACHINE4 and I get an IP assigned when
bringing up the eth0, and then the firewall is turned on, all the file
browsers, web browsers and applications open very slowly on MACHINE1
2- If MACHINE4 was completely turned off, and I reboot or try to bring
up eth0 on MACHINE1 it fails (it can't find the dhcp server???)
3- If I completely switch off eth0 on MACHINE1 everything is back to
normal and applications start normally.
Now last night I was having this discussion with my friend, and he said
that it was horrible the way my Red Hat machine is so dependent on the
network connection. If eth0 is ON on my Red Hat machine and suddenly he
turns off his win2k machine, why should the applications slow down? Why
KDE seems so dependent on eth0 working properly?
The way I look at it, is that when I bring up my dhcp eth0 interface and
the win2k machine is ON, somehow that machine is also acting as a DHCP
server! so my Redhat machine gets an IP address assigned, and then my
friend turns on his firewall which blocks all packets and datagrams, so
my Red Hat machine can't find its DHCP server....................BUT why
would that influence KDE????? why all the apps I start slow down, some
times I even have to wait 30 sec for the konsole to start!!! which is
amazing as the machine is an Athlon XP 1.53GHz with 512 DDR PC2100 RAM!
and then if I turn off eth0 everything gets back to normal.
Any comments would be very appreciated.
Cheers
Yousaf
(at work)
| |
| Sybren Stuvel 2002-12-19, 4:25 am |
| In alt.os.linux Yousaf enlightened us with:
> If eth0 is ON on my Red Hat machine and suddenly he turns off his
> win2k machine, why should the applications slow down? Why KDE seems so
> dependent on eth0 working properly?
Because it uses the network a lot, for instance for looking up
hostnames. KDE makes good use of your loopback device too.
> The way I look at it, is that when I bring up my dhcp eth0 interface and
> the win2k machine is ON, somehow that machine is also acting as a DHCP
> server!
Indeed it does. A question to you: why did you choose for DHCP when you
don't have a reliable DHCP server? Why not get a static IP address and
get it over with? Or: why can't your friend set his firewall in such a
way that
1) He's protected by it
2) You can use his DHCP server
> why all the apps I start slow down, some times I even have to wait 30
> sec for the konsole to start!!! which is amazing as the machine is an
> Athlon XP 1.53GHz with 512 DDR PC2100 RAM! and then if I turn off
> eth0 everything gets back to normal.
These delays are timeouts. They have nothing to do with your processor
or memory - they are just programmed timeouts like "try for 30 seconds
and then give up".
Why doesn't your friend turn off his DHCP server, and you install one on
MACHINE2 - it's always on anyway. You could also plug the DSL connection
into that, install a iptables firewall and be more secure and more
reliable than you are now.
Sybren
-- [colo
r=darkred]
>>> RUNNING A MICROSOFT GAME USING WINE <<<[/color]
sybren@sybren:Mechwarrior Mercenaries$ wine MW4Mercs.exe
INSTR_IDT_Emulate Evil attempt to exploit win9x system security flaws detected
INSTR_IDT_Emulate UNIX system security is too strong, can't emulate properly
| |
| Yousaf 2002-12-19, 6:25 am |
| Thanks for your reply Sybren,
Sybren Stuvel wrote:
> In alt.os.linux Yousaf enlightened us with:
> > If eth0 is ON on my Red Hat machine and suddenly he turns off his
> > win2k machine, why should the applications slow down? Why KDE seems so
> > dependent on eth0 working properly?
>
> Because it uses the network a lot, for instance for looking up
> hostnames. KDE makes good use of your loopback device too.
>
> > The way I look at it, is that when I bring up my dhcp eth0 interface and
> > the win2k machine is ON, somehow that machine is also acting as a DHCP
> > server!
>
> Indeed it does. A question to you: why did you choose for DHCP when you
> don't have a reliable DHCP server? Why not get a static IP address and
> get it over with? Or: why can't your friend set his firewall in such a
> way that
IF I USE A STATIC IP, WHICH I DID ONCE, THEN I HAD MY eth0 CONFIGURED LIKE THIS:
IP ADDRESS: 192.168.0.2
NET MASK: 255.255.255.0
DEFAULT GATEWAY: 192.168.0.1
PRIMARY DNS: NN-NN-NN-NN (ISP's domain name server, the ISP which provides ADSL)
SECONDARY DNS: NN-NN-NN-NN (as above)
IT WORKED, BUT THEN REMEMBER HE HAS ZONE ALARM! EVEN THOUGH HE HAS SPECIFIED AN IP
RANGE TO BE A SCURE ZONE IT STILL DOESNT WORK, AND I END UP HAVING THE SAME
PROBLEM.
>
>
> 1) He's protected by it
> 2) You can use his DHCP server
>
> > why all the apps I start slow down, some times I even have to wait 30
> > sec for the konsole to start!!! which is amazing as the machine is an
> > Athlon XP 1.53GHz with 512 DDR PC2100 RAM! and then if I turn off
> > eth0 everything gets back to normal.
>
> These delays are timeouts. They have nothing to do with your processor
> or memory - they are just programmed timeouts like "try for 30 seconds
> and then give up".
>
> Why doesn't your friend turn off his DHCP server, and you install one on
> MACHINE2 - it's always on anyway. You could also plug the DSL connection
> into that, install a iptables firewall and be more secure and more
> reliable than you are now.
YES, ABSOLUTELY THAT IS WHAT I INTEND TO DO. MY FRIEND DOESN'T AGREE ON GETTING
DSL ON A LINUX BOX AND THEN SHARING IT FROM THERE SO I HAVE TO STICK WITH THE
CURRENT TOPOLOGY.
CAN YOU SUGGEST A DHCP SERVER WHICH I CAN DOWNLOAD, AS I CAN'T FIND THE ICON FOR
SERVER CONFIGURATION IN MANDRAKE CONTROL CENTER?
THANKS AGAIN FOR YOUR ADVICE.
YOUSAF
>
>
> Sybren
> --
> >>> RUNNING A MICROSOFT GAME USING WINE <<<
> sybren@sybren:Mechwarrior Mercenaries$ wine MW4Mercs.exe
> INSTR_IDT_Emulate Evil attempt to exploit win9x system security flaws detected
> INSTR_IDT_Emulate UNIX system security is too strong, can't emulate properly
| |
| Sybren Stuvel 2002-12-19, 6:25 am |
| begin Yousaf enlightened us with:
> IT WORKED, BUT THEN REMEMBER HE HAS ZONE ALARM! EVEN THOUGH HE HAS SPECIFIED AN IP
> RANGE TO BE A SCURE ZONE IT STILL DOESNT WORK, AND I END UP HAVING THE SAME
> PROBLEM.
But can't he change his settings so that it does work? I assume you're
both paying for the connection, so he shouldn't be so troublesome.
By the way: don't type in all capital letters, it's Not Nice. Capitals =
shouting.
> YES, ABSOLUTELY THAT IS WHAT I INTEND TO DO. MY FRIEND DOESN'T AGREE ON GETTING
> DSL ON A LINUX BOX AND THEN SHARING IT FROM THERE SO I HAVE TO STICK WITH THE
> CURRENT TOPOLOGY.
??? Why doesn't he agree? It's more secure, more responsive, easier to
set up, etc. If you are really both paying for the connection, you
should both decide what's the best solution.
> CAN YOU SUGGEST A DHCP SERVER WHICH I CAN DOWNLOAD, AS I CAN'T FIND THE ICON FOR
> SERVER CONFIGURATION IN MANDRAKE CONTROL CENTER?
it's called 'dhcpd' and should come on your mandrake CDs. You can edit
its configuration in /etc/dhcpd.conf.
Sybren
-- [colo
r=darkred]
>>> RUNNING A MICROSOFT GAME USING WINE <<<[/color]
sybren@sybren:Mechwarrior Mercenaries$ wine MW4Mercs.exe
INSTR_IDT_Emulate Evil attempt to exploit win9x system security flaws detected
INSTR_IDT_Emulate UNIX system security is too strong, can't emulate properly
| |
| Yousaf 2002-12-19, 7:24 am |
| Thanks Sybren,
Sorry about the capitals, I just needed to make my reply look
distinct, I didn't know about Capitals= Shout rule.
Well, my friend is a bit stubborn in this case. You are right about having a dhcp server
on the other machine.
The other thing I forgot to ask is, how come windoze2k has the capability of running a
dhcp server by default. I mean as far as my friend is concerned he is not running any
dhcp server. But in this case he must be running a dhcp server, because when my machine
sends a DHCPDISCOVER and his machine is on (without firewall) it gets an IP assigned to
it, and if he has his firewall on then DHCPDISCOVER fails, or simply assign the
previously leased address.
Cheers
Yousaf
Sybren Stuvel wrote:
> begin Yousaf enlightened us with:
> > IT WORKED, BUT THEN REMEMBER HE HAS ZONE ALARM! EVEN THOUGH HE HAS SPECIFIED AN IP
> > RANGE TO BE A SCURE ZONE IT STILL DOESNT WORK, AND I END UP HAVING THE SAME
> > PROBLEM.
>
> But can't he change his settings so that it does work? I assume you're
> both paying for the connection, so he shouldn't be so troublesome.
> By the way: don't type in all capital letters, it's Not Nice. Capitals =
> shouting.
>
> > YES, ABSOLUTELY THAT IS WHAT I INTEND TO DO. MY FRIEND DOESN'T AGREE ON GETTING
> > DSL ON A LINUX BOX AND THEN SHARING IT FROM THERE SO I HAVE TO STICK WITH THE
> > CURRENT TOPOLOGY.
>
> ??? Why doesn't he agree? It's more secure, more responsive, easier to
> set up, etc. If you are really both paying for the connection, you
> should both decide what's the best solution.
>
> > CAN YOU SUGGEST A DHCP SERVER WHICH I CAN DOWNLOAD, AS I CAN'T FIND THE ICON FOR
> > SERVER CONFIGURATION IN MANDRAKE CONTROL CENTER?
>
> it's called 'dhcpd' and should come on your mandrake CDs. You can edit
> its configuration in /etc/dhcpd.conf.
>
> Sybren
> --
> >>> RUNNING A MICROSOFT GAME USING WINE <<<
> sybren@sybren:Mechwarrior Mercenaries$ wine MW4Mercs.exe
> INSTR_IDT_Emulate Evil attempt to exploit win9x system security flaws detected
> INSTR_IDT_Emulate UNIX system security is too strong, can't emulate properly
| |
| Sybren Stuvel 2002-12-19, 7:25 am |
| begin Yousaf enlightened us with:
> Sorry about the capitals, I just needed to make my reply look
> distinct, I didn't know about Capitals= Shout rule.
It's ok. But use proper quoting instead of capitals to do that. And if
your newsreader doesn't color-code the quoted text, you might want to
switch ;-)
> The other thing I forgot to ask is, how come windoze2k has the capability of running a
> dhcp server by default. I mean as far as my friend is concerned he is not running any
> dhcp server.
That's Windoze for you. It runs all kinds of things that you're not
aware of. If you don't want to use his DHCP server, just block UDP ports
67 and 68 from/to his machine on your own firewall.
Sybren
-- [colo
r=darkred]
>>> RUNNING A MICROSOFT GAME USING WINE <<<[/color]
sybren@sybren:Mechwarrior Mercenaries$ wine MW4Mercs.exe
INSTR_IDT_Emulate Evil attempt to exploit win9x system security flaws detected
INSTR_IDT_Emulate UNIX system security is too strong, can't emulate properly
| |
| Yousaf 2002-12-19, 8:25 am |
|
>
>
> That's Windoze for you. It runs all kinds of things that you're not
> aware of. If you don't want to use his DHCP server, just block UDP ports
> 67 and 68 from/to his machine on your own firewall.
>
I think I know now how it manages to run a dhcp server read below:
From Win2k documentation
a.. A computer with Internet connection sharing needs two connections. One
connection, typically a LAN adapter, connects to the computers on the home
network. The other connection connects the home network to the Internet. You
need to ensure that Internet connection sharing is enabled on the connection
that connects your home network to the Internet. By doing this, the home
network connection appropriately allocates TCP/IP addresses to its own
users, the shared connection can connect your home network to the Internet,
and users outside your home network are not at risk of receiving
inappropriate addresses from your home network. By enabling Internet
connection sharing on a connection, the Internet connection sharing computer
becomes a Dynamic Host Configuration Protocol (DHCP) allocator for the home
network. DHCP distributes TCP/IP addresses to users as they start up. If
Internet connection sharing is enabled on the wrong network adapter, users
outside your home network might be granted TCP/IP addresses by the home
network DHCP allocator, causing problems on their own networks.
So the only way he can disable the dhcp server on his machine is to disable his internet
connection sharing and that would mean we can't share the connection.
The other thing is that my friend is not very convinced by you reply about KDE slowing down,
read below what he says:
> Because it uses the network a lot, for instance for looking up
> hostnames. KDE makes good use of your loopback device too.
>
To me this reply sounds a lot like "Because it does."
I still need to give him an answer to this question, otherwise he might refer to KDE as a
buggy software for the rest of his life.
Here is something else he said:
"I think the solution would simply be not to be so paranoid about security
and just leave my box on as I used to. Still, what buggers me is why KDE
needs a DHCP server to access local files"
what he means is, why if he turns off his machine, KDE slows down?
Here is what happens:
- His machine is on without firewall
- I bring up my dhcp eth0
- His machine gives me the IP address
- He turns his machine off, or turns the firewall on
- KDE slows down!!!
He was saying that this might be a bug, as to him it seems like a bug.
But I am still defending my opinion, but to be honest with you I haven't got a clue why this
happens, as your answer says previously that it uses the network a lot i.e.for looking up
host names etc. So that means that my network configurations need to be spot on, other wise
I won't even be able to do (well there is a performance overhead) non-network related work
on KDE i.e. opening openoffice.org, browsing local files, playing mp3s?
Thanks
Yousaf
>
> Sybren
> --
> >>> RUNNING A MICROSOFT GAME USING WINE <<<
> sybren@sybren:Mechwarrior Mercenaries$ wine MW4Mercs.exe
> INSTR_IDT_Emulate Evil attempt to exploit win9x system security flaws detected
> INSTR_IDT_Emulate UNIX system security is too strong, can't emulate properly
|
|
|
|
|