Les Mikesell wrote: > On 6/13/2011 1:02 PM, m.roth at 5-cent.us wrote: >> We just went to replace the bridge/firewall services one one server with >> the same on another. It's pretty simple, and I literally cloned (w/ >> rsync) a third server that does this onto the one that will be the new >> one.Then >> copied the /etc/sysconfig/iptables from the one being replaced, and >> brought it up this morning. >> >> Nope. We had to put everything back the way it was. >> >> The new one sees the two or three servers behind the firewall, and we >> can ping them, from the new box. On one, we see IPP broadcasts; in fact, >> we >> see lots of broadcast packets using tcpdump. From outside, though, you >> can't see the servers. Trying to ping them, they see nothing. It seems >> to be the case that tcp and icmp packets are blocked, and we can't figure >> out why. <snip> > Are the HWADDR= entries fixed up to match the actual hardware after the > copy? And does ifconfig show that your config actually set up what you > expected? CentOS isn't very predictable in terms of which NIC gets > which interface name. Yes. And I made sure of that, before we started this excersize. (And my manager asked the same question - he's one of us, you see, *not* a PHB) mark mark