Routing issue on Solaris

From: ryan.worthington@westam.com
Date: Thu Jun 03 2004 - 21:35:17 EDT

• Next message: Michael E. Willard: "panic - boot: Boot: scratch memory overflow"
• Previous message: robert.j.howlett@mainroads.qld.gov.au: "Help with SAN Configuration MPXIO/JNI/Hitachi"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hello Gents,

After my last disastrous question, I've decided to spend a number of hours
making sure this question isn't solved with basic math.
I've inherited a much damaged network that is using public address space as
private space, in violation of RFC 1918.
There is nothing I can do but work around it, unfortunately.

The problem I'm having is that after adding some new subnets, I am
completely unable to route to them.
There is a Sol 7 box running checkpoint acting as the company firewall and
NAT appliance. I've added static routes via the route command (not what I
would like to do, but I have to comply with company guidelines on this one)
and have added the proper allow rules to the firewall software.
When I try to run traceroute to these new subnets, the first hop hits the
inside interface on the firewall, and the second hop hits the new subnet.
This would be great, except the time taken is right around 0.499 ms, and
there are something like 8 routers and firewalls between here and the new
networks (in Japan)
so I know the ICMP isn't actually making it there. It's almost like there
is a host entry for those subnets pointing to localhost, but I've checked
/etc/hosts and /etc/network and no such entry exists.

Any ideas?
The box is running Solaris 7, Checkpoint 4.1, and has 9 interfaces. I've
posted a similar question to the Checkpoint firewall list, so I'm hoping
between the two groups, I can some up with some things to try.

-- Ryan Worthington
Systems and Network Analyst IT Infrastructure Team
WestAM - Houston, TX
713-963-5315
"Quid me nutrit me destruit."

 
 
This message is confidential and may be privileged. It is
intended solely for the named addressee. If you are not the
intended recipient please inform us. Any unauthorised
dissemination, distribution or copying hereof is prohibited.
As we cannot guarantee the genuineness or completeness of
the information contained in this message, the statements
set forth above are not legally binding.
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers

• Next message: Michael E. Willard: "panic - boot: Boot: scratch memory overflow"
• Previous message: robert.j.howlett@mainroads.qld.gov.au: "Help with SAN Configuration MPXIO/JNI/Hitachi"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 23:28:47 EDT