RV042 Firewall issues with Fedora Core 5

Discussion in 'Cisco Small Business Routers and VPN Solutions' started by arr2036, Aug 27, 2006.

  1. arr2036

    arr2036 Network Guru Member

    I live in a shared house and recently purchased an rv042 and all the accompanying networking gear.

    We currently have five computers on the network: one PPC running Windows Mobile, one Mac laptop, one XP Pro SP2 machine, one Win2k laptop and one Linux box dual booting SUSE and Fedora Core 5.

    Every computer can access the internet fine when the firewall is enabled on the router, except the Linux box when it's booted into Fedora Core 5.

    Some websites will load fine, such as google.com; others like LiveJournal will half load then stop, and others just won't load at all.

    When the Linux box is booted into SUSE it can access everything fine with the firewall on, so it's definitely not a hardware issue.

    Tried upgrading the router to and changing the MTU to 1458 but both have had little effect.

    If anyone could shed some light onto this it would be most appreciated. Also, what's the deal with v, it appears in the downloads section but it gives me an error message when I try to download it.
  2. Toxic

    Toxic Administrator Staff Member

    The v1.3.7.10 is an Alpha code that I should not have put up. It has been removed and is NOT available for download. It contains one new feature that is not fully tested. Once it is fully tested it will be moved to beta.

    Now, the RV042 works fine with ALL PCs connected, except for one dual boot system. This dual boot system works for SUSE, but not for Fedora. So, from what I gather, Fedora's network settings are not entirely the same as the SUSE settings. Is it using a different subnet? A different subnet mask?

    The problem to me would be the Fedora configuration and not the RV042, since you have proved the dual boot system does work on SUSE. So no hardware issue, and certainly the RV042 works fine with it.
  3. ka9yhd

    ka9yhd LI Guru Member

    Yes I agree with Simon. Check your network settings.

    I have been using various Linux distros, Win XP, Win 98, and an Apple iMac with OSX 10.3.9 and never had a problem connecting.
  4. arr2036

    arr2036 Network Guru Member

    Yes, that's what I thought, but all the network settings on Fedora are coming up like they should.

    To make matters weirder, prior to getting ADSL activated I was using a WAP54G in client mode to pick up internet from an unsecure WRT54G; in that configuration everything was working fine on Fedora...

    So it must be an incompatibility between Fedora and the RV042.

    There's also a second problem where if the router sends out its own IP as the DNS server e.g fedora can't resolve any addresses. However, if the DHCP server passes the ISP's addresses through it can resolve everything fine.

    I'm confused.

    If anyone is running Fedora Core 5 and a rv042 or even a RVxxx and they have it working, then I can tell my housemate that he has to reinstall Fedora.

    Thanks for your replies so far :)
  5. digit2006

    digit2006 LI Guru Member

    I am running 3 FC5 boxes and all have access to the web, one is a WINS, Intranet server the other is an EMAIL server and the other is an FTP server... all are working great! Tell your roommate he should just set DHCP and make sure you have primary and secondary DNS set in the DHCP config on the RV042.

  6. giffordj

    giffordj LI Guru Member

  7. Toxic

    Toxic Administrator Staff Member

  8. giffordj

    giffordj LI Guru Member

    I think we probably should track the firmware revisions and Fedora Core 5 Kernels.

    My RV016 is using 2.0.10
    Fedora Kernel is 2.6.17-1.2174
  9. aver5

    aver5 LI Guru Member

    Since kernel 2.6.17, the stack's window sizes are larger.
    It's a good thing for high bandwidth,
    so negotiation with other equipment is based on window scaling,
    and it seems that some routers don't understand this option very well.
    It's not a bug in these kernels but in middleboxes like some routers.
    You can modify window scaling on your FC5 installation:
    add this line in /etc/sysctl.conf
    net.ipv4.tcp_window_scaling = 0
    execute sysctl -p /etc/sysctl.conf or restart your computer
    and all will be fine.
    NOTE: disabling window scaling is not a good idea for large networks with high latency, but in most cases (DSL, ADSL) it doesn't affect performance.
  10. arr2036

    arr2036 Network Guru Member

    Thanks, will pass the info on as soon as he gets back and let you know the result.

    Can now confirm using the router as a DNS forwarder also fails on Mac OSX. See, this wouldn't be an issue except when external DNS addresses are sent via DHCP you lose internal DNS on the network (RV042 has a built-in DNS server like most routers).

    But no matter now, the latest firmware (V1.3.7.9) refuses to let me set the router back as a DNS server anyway. I can type its IP in the primary DNS box ( but even after deleting the DHCP leases of the router and renewing the DHCP lease on my computer it still gives the ISP's DNS servers instead of the addresses I entered :(
    This may however be a stopgap fix, whilst Linksys investigate the forwarding issue.
    Note that if you try and set the DNS server to another IP say it'll do it fine, so you can still run a DNS server on your network, just not the inbuilt one.
  11. arr2036

    arr2036 Network Guru Member

    Thanks Aver, can confirm that this has fixed the problem :)

    However, still weirdness with DNS, can anyone shed some light on this?
  12. aver5

    aver5 LI Guru Member

    Look at my post about tuning the tcp-ip stack with sysctl, it will solve your problem
  13. arr2036

    arr2036 Network Guru Member


    But it looks like Linksys have temporarily disabled local DNS in their latest Beta Firmwares, as this is an issue on Macs as well it would seem.

    Any chance one of the admins could make a sticky about FC5, I imagine there are many more confused FC5 users out there.
  14. aviegas

    aviegas Network Guru Member

    The main issue here sounds like the one with Windows Vista's new TCP stack. Same behavior and the same reason: TCP window size.
    Windows Vista's TCP stack includes a feature that will allow the window size to "change" and it has a terrible interaction with any SPI firewall.
    I'm still trying to figure out why this fails, but there is a way to turn it off in Windows Vista, much like the one for Linux.

    netsh int tcp set global autotuninglevel=disabled

    I hope M$ will have it either fixed or an easy way to handle it by the time they release it

    As for FC5 and other Linux distributions that support tcp_window_scaling, the quick way to get it off in a single command is:

    echo 0 > /proc/sys/net/ipv4/tcp_window_scaling

    No need to reinitialize the TCP stack or reboot. Still needs the configuration line for it to work on the next boot.
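
The window-scaling interaction discussed in posts 9 and 14, as an added example that is not part of the original thread and not any poster's code. It parses the WScale option out of a constructed SYN header and compares how a window-tracking device sees the receive window when it applies the shift and when it ignores it. That a firewall tracks windows this way is an assumption (the thread does not establish what the RV042 does); all function names, packet bytes and window values are constructed for illustration.

```python
import struct

def build_syn(wscale):
    """Constructed SYN header: MSS, SACK-permitted, timestamps, optional WScale."""
    opts = bytes([2, 4]) + struct.pack("!H", 1460) + bytes([4, 2])
    opts += bytes([8, 10]) + struct.pack("!II", 1000, 0)
    if wscale is not None:
        opts += bytes([1, 3, 3, wscale])           # NOP pad + WScale (kind 3, len 3)
    offset = (20 + len(opts)) // 4                 # header length in 32-bit words
    fixed = struct.pack("!HHIIBBHHH", 40000, 80, 1, 0, offset << 4, 0x02, 5840, 0, 0)
    return fixed + opts

def parse_wscale(hdr):
    """Return (raw_window, shift); shift is None when no WScale option is present."""
    raw_window = struct.unpack("!H", hdr[14:16])[0]
    opts = hdr[20:(hdr[12] >> 4) * 4]
    i, shift = 0, None
    while i < len(opts):
        kind = opts[i]
        if kind == 0:                              # end of option list
            break
        if kind == 1:                              # NOP is a single byte
            i += 1
            continue
        if i + 1 >= len(opts) or opts[i + 1] < 2 or i + opts[i + 1] > len(opts):
            break                                  # malformed option, stop parsing
        if kind == 3 and opts[i + 1] == 3:
            shift = min(opts[i + 2], 14)           # RFC 7323 caps the shift at 14
        i += opts[i + 1]
    return raw_window, shift

def advertised_bytes(raw_window, shift, honors_wscale):
    """Receive window as seen by a device that does or does not apply the shift."""
    return raw_window << shift if honors_wscale and shift is not None else raw_window

def segment_accepted(seg_len, raw_window, shift, honors_wscale):
    """Hypothetical window check: reject a segment larger than the tracked window."""
    return seg_len <= advertised_bytes(raw_window, shift, honors_wscale)

if __name__ == "__main__":
    for wscale in (7, None):                       # scaling on, then tcp_window_scaling = 0
        _, shift = parse_wscale(build_syn(wscale))
        raw = 183 if shift is not None else 5840   # constructed window field of a later ACK
        for honors in (True, False):
            print(wscale, honors, advertised_bytes(raw, shift, honors),
                  segment_accepted(1448, raw, shift, honors))
```

With a shift of 7, a later window field of 183 means 23424 bytes to the endpoints but only 183 bytes to a device that ignores the option, so a full-size segment looks out of window; with scaling disabled both views agree.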
