Date: Sun, 27 May 2001 07:39:33 +0200 From: alex <ml-freebsd-net@phobgate.de> To: Brandt <brandt@unkempt.net>, freebsd-net@freebsd.org Subject: Re: natd, 2 NIC's, 2 Hubs, Something I'm missing? Message-ID: <3106695403.990949173@[192.168.2.94]> In-Reply-To: <00c901c0e655$481099b0$14be2ece@osc20>
next in thread | previous in thread | raw e-mail | index | archive | help
hi, i have a fbsd 4.3 box with natd acting as a router too. unfortunately i did all the natd and ipfw stuff in my own rc.firewall script. but here my suggestions: - kernel options seems to be ok for natd - in rc.conf remove the 'natd_flags="-f /etc/natd.conf"' line in NATD section (or do you have anything special in this file..?). remove the whole 'router_*' section (you probably don't need routing when doing nat). - as you have the 'gateway_enable=YES' in your rc.conf, net.inet.ip.forwarding should already be enabled (done by rc.network if gateway_enable=yes) and anything should be fine, well i hope so :) i'm just worried about your ifconfig output for dc0, hat it really hw_addr of ff:ff:ff:ff:ff:ff ? unusual i think..?? greetings, alex --On Samstag, 26. Mai 2001 21:32 -0500 Brandt <brandt@unkempt.net> wrote: > Hello all, this has got me stumped. > > FreeBSD 4.3 > vr0: ip= 65.3.111.111 subnet 255.255.255.0 > dc0: ip= 192.168.1.1 subnet 255.255.255.0 > > Kernel has been recompiled with IPDIVERT and IPFIREWALL options, > and every thing WORKS fine as long as I have both NIC's pluged into the > SAME hub. > > But shouldn't this also work when the vr0 interface is moved to a > seperate hub? So that the internet interface and the LAN interface > (dc0) are on seperate networks? > > The strange thing is that as soon as I unplug the 65.3.*.* interface from > the hub, the other 192.168.1.* boxes can't ping the dc0, 192.168.1.1 > interface even though they are still connected to the same hub. At the > same time, the dc0 interface can still ping the other LAN boxen on the > 192.168 network. > > Any ideas as to what is going on? > > - Brandt > ## My Kernel ########## > options IPDIVERT > options IPFIREWALL > > ## /etc/rc.conf ########## > sendmail_enable="YES" > sshd_enable="YES" > inetd_enable="YES" > gateway_enable="YES" > network_interfaces="vr0 lo0 dc0" > ifconfig_vr0="inet 65.3.111.111 netmask 255.255.255.0" > defaultrouter="65.3.111.1" > ifconfig_dc0="inet 192.168.1.1 netmask 255.255.255.0" > hostname="myhostname.mydomain.com" > > #NATD > natd_enable="YES" > natd_interface="vr0" > natd_flags="-f /etc/natd.conf" > > #FIREWALL > firewall_enable="YES" > firewall_script="/etc/rc.firewall" > firewall_type="open" > firewall_quiet="NO" > firewall_logging="YES" > firewall_flags="" > > #ATTEMPT TO CORRECT ROUTING TABLE > router_enable="YES" > router="routed" > router_flags="-s" > > ## ifconfig ########## > dc0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 > inet 192.168.1.1 netmask 0xffff0000 broadcast 192.168.255.255 > inet6 fe80::280:c8ff:fee8:58fe%dc0 prefixlen 64 scopeid 0x1 > ether ff:ff:ff:ff:ff:ff > media: autoselect (100baseTX <full-duplex>) status: active > supported media: autoselect 100baseTX <full-duplex> 100baseTX > 10baseT/UTP <full-duplex> 10baseT/UTP none vr0: > flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 inet > 65.3.111.111 netmask 0xffffff00 broadcast 65.3.111.255 inet6 > fe80::280:c8ff:fee8:58fe%vr0 prefixlen 64 scopeid 0x2 ether > 00:80:c8:e8:58:fe > media: autoselect (10baseT/UTP) status: active > supported media: autoselect 100baseTX <full-duplex> 100baseTX > 10baseT/UTP <full-duplex> 10baseT/UTP none > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3106695403.990949173>