Date: Mon, 9 Oct 2000 12:32:27 -0500 From: "Doug Poland" <doug@polands.org> To: "ListServer FreeBSD Questions" <FreeBSD-Questions@FreeBSD.ORG> Subject: routing problem, what am I missing!?!?!? Message-ID: <NDBBKMNOJKJGAEKJNLIAIEFCELAA.doug@polands.org>
next in thread | raw e-mail | index | archive | help
Hello, I'm struggling here trying to get my 4.1.1-RELEASE box working as a gateway. I've followed the instructions on http://www.mostgraveconcern.com/freebsd/ipfw.html exactly and both NICs are functioning on their own networks. The box still appears to not route ip from ed0 (this NIC talks to my cable modem) to ed1 (on my internal network). When I ping from another fbsd box (10.20.1.134) on my network: % ping freebsd.org PING freebsd.org (216.136.204.18): 56 data bytes When I run #natd -v -n ed0 natd[257]: Aliasing to 24.164.246.248, mtu 1500 bytes I see many messages like... Oct 9 11:02:46 nebo routed[585]: Send bcast sendto (ed0,255.255.255.255.520): Network is unreachable On the console screen I get messages like... Oct 9 11:44:36 nebo /kernel: ed0: promiscuous mode enabled When I run #tcpdump -n -i ed0 I see many, many messages like... 11:03:23.827471 arp who-has 24.164.245.216 tell 24.164.244.1 11:03:23.827578 arp who-has 24.164.244.241 tell 24.164.244.1 11:03:23.841950 arp who-has 24.164.244.247 tell 24.164.244.1 11:03:23.882579 arp who-has 24.164.247.92 tell 24.164.244.1 11:03:23.891482 arp who-has 24.164.247.82 tell 24.164.244.1 Using the ping freebsd.org example above, I see this... 12:06:51.512227 24.164.246.248.1029 > 198.41.0.4.53: 53362 A? freebsd.org. (29) 12:06:51.567269 198.41.0.4.53 > 24.164.246.248.1029 53362- 0/6/6 (259) 12:06:51.593928 24.164.246.248.1029 > 204.216.27.53: 53503 A? freebsd.org. (29) 12:06:51.748317 204.216.3.53 > 24.164.246.248.1029: 53503* 1/7/7 A 216.136.204.18 (319) 12:06:51.853579 10.20.1.134 > 216.136.204.18: icmp: echo request 12:06:51.853623 10.20.1.134 > 216.136.204.18: icmp: echo request (the above lines repeat until I <ctl> c ping ############ ifconfig -a ed0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500 inet6 fe80::200:c0ff:fef7:dc9e%ed0 prefixlen 64 scopeid 0x1 inet 24.164.246.248 netmask 0xfffffc00 broadcast 255.255.255.255 ether 00:00:c0:f7:dc:9e ed1: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500 inet6 fe80::200:e9ff:fef9:107d%ed1 prefixlen 64 scopeid 0x2 inet 10.20.1.129 netmask 0xffff0000 broadcast 10.20.255.255 ether 00:00:e9:f9:10:7d faith0: flags=8000<MULTICAST> mtu 1500 gif0: flags=8010<POINTOPOINT,MULTICAST> mtu 1280 gif1: flags=8010<POINTOPOINT,MULTICAST> mtu 1280 gif2: flags=8010<POINTOPOINT,MULTICAST> mtu 1280 gif3: flags=8010<POINTOPOINT,MULTICAST> mtu 1280 lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x8 inet6 ::1 prefixlen 128 inet 127.0.0.1 netmask 0xff000000 ppp0: flags=8010<POINTOPOINT,MULTICAST> mtu 1500 ########### ipfw list 00100 allow ip from any to any via lo0 00200 deny ip from any to 127.0.0.0/8 65000 allow ip from any to any 65535 deny ip from any to any ########### /etc/rc.conf gateway_enable="YES" nfs_server_enable="YES" weak_mountd_authentication="YES" portmap_enabled="YES" portmap_flags="" network_interfaces="ed0 lo0 ed1" ifconfig_ed0="DHCP" hostname="nebo.new.rr.com" ntpdate_flags="ncar.ucar.edu" check_quotas="NO" ntpdate_enable="YES" sshd_enable="YES" local_startup="/usr/local/etc/rc.d" ifconfig_ed1="inet 10.20.1.129 netmask 255.255.0.0" firewall_enable="YES" firewall_script="/etc/rc.firewall" firewall_type="open" firewall_quiet="NO" natd_program="/sbin/natd" natd_enabled="YES" natd_interface="ed0" natd_flags="-f /etc/natd.conf" ########### /etc/resolv.conf search new.rr.com nameserver 24.164.225.35 nameserver 24.164.225.36 ########### /etc/natd.conf dynamic yes use_sockets same_ports yes ########### netstat -rn Routing tables Internet: Destination Gateway Flags Refs Use Netif Expire default 24.164.244.1 UGSc 6 0 ed0 10.20/16 link#2 UC 0 0 ed1 => 10.20.1.128 0:0:c0:5d:35:ec UHLW 0 66 ed1 801 10.20.1.130 0:d0:59:1a:33:de UHLW 2 53 ed1 1094 24.164.244/22 link#1 UC 0 0 ed0 => 24.164.244.1 0:1:64:f6:48:54 UHLW 7 0 ed0 1160 127.0.0.1 127.0.0.1 UH 1 26 lo0 Internet6: Destination Gateway Flags Netif Expire ::1 ::1 UH lo0 fe80::%ed0/64 link#1 UC ed0 fe80::%ed1/64 link#2 UC ed1 fe80::%lo0/64 fe80::1%lo0 Uc lo0 ff01::/32 ::1 U lo0 ff02::%ed0/32 link#1 UC ed0 ff02::%ed1/32 link#2 UC ed1 ff02::%lo0/32 fe80::1%lo0 UC lo0 So what am I missing? I'm so close but obviously I'm missing a key element. Many, many thanks for you help Regards, Doug To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?NDBBKMNOJKJGAEKJNLIAIEFCELAA.doug>