Did I take down the whole Middle School with NAT?

Gavin McCullagh gmccullagh at gmail.com
Sat Sep 12 11:19:46 BST 2009


On Fri, 11 Sep 2009, Joseph Hartman wrote:

> Hmmm...I have 2 NIC cards on the server, and from what I understand
> (admittedly not much) it shouldn't be possible for other computers around
> campus to find that server for IP addresses since it's serving the sub
> network only. 

That's the theory alright, but it seems pretty clear that for some reason
it started serving DHCP to your main network.  NAT of itself would not
cause this.  A misconfigured DHCP is almost certainly the cause.  One
possible cause is that somehow the network cables got swapped between the
network cards.

> In any case, I went around yesterday and very methodically
> reconnected everything back up that the district guy and I had disconnected
> on Wednesday. The lab is again up and running and all the other classroom
> LTSP setups are running fine too. I renewed IP addresses on a few machines
> and got good numbers along the way so maybe it WAS just a coincidence.
> Thanks for the quick reply in any case. I took my first CCNA course last
> night so I'm on my way to knowing what I'm talking about. Cheers -joe

One suggestion if you want to be clear.  Run the following command on the
ltsp server

	sudo tcpdump -vn -i eth0 udp port 67 or port 68

this will capture all dhcp requests and replies which hit your eth0
interface (you might need to use eth1 if that's the interface on your main
network).  If you watch that for a while you should see dhcp requests
and responses and who they are coming from and to.  You will see for sure
then if your server ever responds to dhcp requests on that interface.


More information about the edubuntu-users mailing list