Date: Tue, 15 Feb 2000 23:48:39 +0100 From: Dermot McNally <dermot@mcnally.de> To: freebsd-net@freebsd.org Subject: NAT issues with ppp Message-ID: <4.2.0.58.20000215233615.02334c30@tim>
next in thread | raw e-mail | index | archive | help
Folks, No sooner am I up and running with PPPoE than I hit a snag. When running ppp in -nat mode, I get What I Expect when connecting over a conventional external ISDN TA, but not using PPPoE. Here's my configuration: ed0 is connected to the DSL "Modem", has no IP address, but the interface is brought up at boot time. Internet access over PPPoE works. xl0 is connected to my local network. The FreeBSD box is configured as a gateway, and works as an Internet gateway from all boxes on my local network when using ISDN. When connecting over PPPoE, here are the symptoms: Gateway box: Can use any Internet services, everything works. Internal boxes (Windows and FreeBSD/alpha): Can do DNS lookups, pings and traceroutes. Can send mail to an external SMTP server. Telnet works, but starting pine in a Telnet session makes the session freeze (not sure how this could be...). Seems to be able to do passive FTP, can't do active. Can't browse Web with Netscape, nor use fetch to grab the contents of a URL. The Gateway box, as mentioned, can do all of these things. My question - is there any reason why the NAT functionality of ppp should work differently when the connection is using PPPoE and not a serial port? There doesn't appear to be anything in my configuration that could cause this. FWIW, here are tcpdump outputs from tun0, for a "fetch http://www.freebsd.org/", both from the gateway box and from an internal FreeBSD/alpha box: Gateway: 23:31:32.971235 62.158.207.171.1162 > 204.216.27.21.http: S 4244921612:4244921612(0) win 17520 <mss 1450> (DF) (ttl 64, id 28445) 23:31:33.345163 204.216.27.21.http > 62.158.207.171.1162: S 870726063:870726063(0) ack 4244921613 win 17400 <mss 1460> (DF) (ttl 46, id 566) 23:31:33.345293 62.158.207.171.1162 > 204.216.27.21.http: FP 1:127(126) ack 1 win 17520 (DF) (ttl 64, id 28447) 23:31:33.676529 204.216.27.21.http > 62.158.207.171.1162: . 1:1(0) ack 128 win 17274 (DF) (ttl 46, id 588) 23:31:33.702500 204.216.27.21.http > 62.158.207.171.1162: . 1:1451(1450) ack 128 win 17400 (DF) (ttl 46, id 589) 23:31:33.702625 62.158.207.171.1162 > 204.216.27.21.http: . 128:128(0) ack 1451 win 16070 (DF) (ttl 64, id 28467) 23:31:33.718568 204.216.27.21.http > 62.158.207.171.1162: . 1451:2901(1450) ack 128 win 17400 (DF) (ttl 46, id 590) 23:31:33.718659 62.158.207.171.1162 > 204.216.27.21.http: R 4244921740:4244921740(0) win 0 (ttl 64, id 28473) 23:31:34.063055 204.216.27.21.http > 62.158.207.171.1162: R 870727514:870727514(0) win 0 (ttl 46, id 607) Internal: 23:32:19.257112 192.168.0.1.1040 > 204.216.27.21.http: S 2290649560:2290649560(0) win 16384 <mss 1460> (DF) (ttl 63, id 11973) 23:32:19.550951 204.216.27.21.http > 192.168.0.1.1040: S 887263498:887263498(0) ack 2290649561 win 17520 <mss 1460> (DF) (ttl 46, id 5591) 23:32:19.551425 192.168.0.1.1040 > 204.216.27.21.http: FP 1:128(127) ack 1 win 17520 (DF) (ttl 63, id 11974) 23:32:19.846814 204.216.27.21.http > 192.168.0.1.1040: . 1:1(0) ack 129 win 17393 (DF) (ttl 46, id 5606) Any ideas? Thanks, Dermot To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4.2.0.58.20000215233615.02334c30>