Re: changing ethernet devices, new one stops cold at iptables

[David Ford]

No need to reboot it.  Simply flush the neighbor cache.

Scott root # ip neigh flush help
Usage: ip neigh { add | del | change | replace } { ADDR [ lladdr LLADDR ]
         [ nud { permanent | noarp | stale | reachable } ]
         | proxy ADDR } [ dev DEV ]
      ip neigh {show|flush} [ to PREFIX ] [ dev DEV ] [ nud STATE ]

David

Gene Heskett wrote:

> On Sunday 25 July 2004 05:50, Henrik Nordstrom wrote:
>  
>
> > On Thu, 22 Jul 2004, Gene Heskett wrote:
> >    
> >
> > > I can ping the firewall, and I can ssh into it, so that part of
> > > the network is fine, I just cannot get past iptables in the
> > > firewall when eth0 is the nforce hardware, which has a different
> > > MAC address.
> > >      
> > Have you verified that the routing got correctly set up on the new
> > box?
> >
> >  ip ro ls
> >
> > The usual cause to the symptoms you describe is that the default
> > route has gone missing or is invalid.
> >    
>
> The routing was good, showing the fireall as the default gateway 
> address.
>
> In this case, the fix was to reboot the firewall so that its arp 
> tables got refreshed to match the new MAC address of the onboard 
> nforce (forcedeth) nic.  Once that was done, everything was peachy.
>
> Thanks, I appreciate the reply, Henrik.
>
>  
begin:vcard
fn:David Ford
n:Ford;David
email;internet:david@xxxxxxxxxxxxx
title:Industrial Geek
tel;home:Ask please
tel;cell:(203) 650-3611
x-mozilla-html:TRUE
version:2.1
end:vcard