Date: Tue, 12 Jan 2010 08:16:44 -0500 From: nvidican@envieweb.net To: Paul Shi <shihang@hkusua.hku.hk> Cc: freebsd-questions@freebsd.org Subject: Re: Setup of Router machine with FreeBSD Message-ID: <20100112081644.rjooqz9544kwokws@www.envieweb.net> In-Reply-To: <ea6713a21001120002n3831ccf0v60d270b0c8fe281d@mail.gmail.com> References: <ea6713a21001110710i6d347f84wdc0b55d29dcb510c@mail.gmail.com> <20100111104440.2vc6xxvc0k8oc80g@www.envieweb.net> <ea6713a21001120002n3831ccf0v60d270b0c8fe281d@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Paul, The key thing you need to look at is enabling routing on the machine =20 you want to act as a gateway. Given the dual-homed nature of the =20 machine it's routing table will already contain each of the interfaces =20 on the two networks, and as such the router machine will 'know' how to =20 connect to each of the networks it is on. What is missing, is that you =20 must tell the router machine that it can relay information across =20 these known networks for other hosts. As with most things, there's better documentation available on the =20 subject, and I'd HIGHLY recommend you try reading the following =20 handbook section 'Gateways and Routes' for a better understanding: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-routing.ht= ml Within that section, it will elaborate as to how you can turn on and =20 off the function to act as a gateway for other hosts. As in my =20 original email reply to the list, the specific command is 'sysctl' =20 which allows you to tune key variables controlling the kernel =20 functionality - in this case, the behavior of acting as a gateway. Please take a few moments and read through that section, it should =20 greatly clarify some things for you. As always, feel free to ask again =20 if you need further help with something. Regarding your ping problem; are you using the correct cabling to go =20 from ethernet card to card? You must use cross cables for direct =20 connections, and straight-through if using a hub or switch. Assuming =20 that you have no firewall in place blocking traffic, then ping should =20 work fine - I would suggest you check your cabling first and go from =20 there. Running the command 'ifconfig -a' will list your active network =20 interfaces and should show the 'media state' as being connected and at =20 what speed/duplex - check there first and work your way back. Hope this helps. -- Nathan Vidican nathan@vidican.com Quoting Paul Shi <shihang@hkusua.hku.hk>: > Nathan, > > Thank you very much for your reply. > > I have tried out your suggestion and experienced some problem. Hope you > could kindly shed some light on them and I really appreciate it. > > First, I experienced connection problem from server machine(192.168.2.1) t= o > router interface (192.168.2.2). I connected the two network cards with > standard Internet cable and tried to ping each other. However, it output > following message which makes me think the connection between server and > router is problematic; > > PING sendto Host is down. > > Any idea why this is happening? I think "ping" should work as long as I se= t > the IP of network cards correctly and connect them with cable. > > Second, I am confused about the setup at the router machine. How the route= r > machine figures out the relationship between 192.168.2.2 and 192.168.1.1 i= f > we do not configure it to do so? Is there anything needs to be done beside= s > adding route at server machine and client? > > Thank you very much for your kind attention! Have a nice day! > > Your sincerely, > Paul Shi > Electronic and Communication Engineering Senior > Department of Electrical and Electronic Engineering > University of Hong Kong > > > On Mon, Jan 11, 2010 at 11:44 PM, <nvidican@envieweb.net> wrote: > >> Quoting Paul Shi <shihang@hkusua.hku.hk>: >> >> Dear All, >>> >>> I have tried to setup a wireless network consist of a server, AP, a rout= er >>> machine and wireless client. Here is setup and configuration of my desig= n. >>> Please correct me if I am wrong about anything. >>> >>> Server >>> IP: 192.168.2.1, Gateway: 192.168.2.2, Netmask: 255.255.255.0 >>> >>> ------------------------------------------------------------------------= --------------------- >>> IP: 192.168.2.2, Netmask: 255.255.255.= 0 >>> Router >>> IP: 192.168.1.1, Netmask: 255.255.255.= 0 >>> >>> ------------------------------------------------------------------------= --------------------- >>> IP:192.168.1.2, Gateway: 192.168.1.1, Netmask: 255.255.255.0 >>> Access Point >>> >>> ------------------------------------------------------------------------= --------------------- >>> IP: 192.168.1.3, Netmask: 255.255.255.0 >>> Client >>> >>> I have add following to /etc/rc.conf of server machine >>> >>> static_routes=3D"serverinternal" >>> routes_serverinternal=3D"'-net 192.168.2.1/24 192.168.2.2" >>> >>> and following to /etc/rc.conf of router machine >>> >>> static_routes=3D"internal" >>> routes_internal=3D"'-net 192.168.2.2/24 192.168.1.1" >>> >>> Is there anything I have done wrong? Or anything else I need to do. My >>> problem now is I cannot connect from server to router machine. Any >>> suggestion would be greatly appreciated! >>> >>> Your sincerely, >>> Paul Shi >>> Electronic and Communication Engineering Senior >>> Department of Electrical and Electronic Engineering >>> University of Hong Kong >>> _______________________________________________ >>> freebsd-questions@freebsd.org mailing list >>> http://lists.freebsd.org/mailman/listinfo/freebsd-questions >>> To unsubscribe, send any mail to " >>> freebsd-questions-unsubscribe@freebsd.org" >>> >>> >> Paul, >> >> It seems to me your problem is in your route configuration. " >> 192.168.2.1/24" is incorrect, /24 indicates the bitmask; the network >> address should be correctly written as "192.168.2.0/24" instead indicatin= g >> a network address of '192.168.2.0' with a network of 254 usable IP addres= ses >> in the same subnet. >> >> You'll thus only have to have ONE route entry for the whole network, not >> one per IP (unless that is your intention -in which case the '-net' synta= x >> is incorrectly being used). So long as routing is turned on (man sysctl), >> simply pointing the server to the router and the client to the router to >> connect to each other should work. Try doing the commands from the consol= e >> first to get it all working, then worry about putting in the startup conf= igs >> on boot-up. >> >> Given your example, I'd login to 'server' and run: >> >> route add 192.168.1.0/24 192.168.2.2 >> (if the router is the ONLY router from the server, use this instead): >> route add 0.0.0.0 192.168.2.2 >> >> Then, from the client, add: >> route add 192.168.2.0/24 192.168.1.1 >> >> The gateway/router box itself does not need any routing setup internally; >> you don't need/shouldn't be setting any routes given that 192.168.2.2, an= d >> 192.168.1.2 are hosts on the two networks for which you want to allow >> routes. They key is in getting the clients to both use the same gateway, = (as >> accessible from the network they are respectfully on). This may be a litt= le >> more clearly depicted below: >> >> Host A (192.168.2.1) <--> Router (192.168.2.2) (192.168.1.1) <--> Host B >> (192.168.1.3) >> >> Host A: >> - needs to know to use '192.168.2.2' as it's gateway to 192.168.1.0/24 >> - may just use 192.168.2.2 as it's default gateway to ANY network >> >> Host B: >> - needs to know to use '192.168.1.1' as it's gateway to 192.168.2.0/24 >> - similarly, may just use '192.168.1.1' as it's default gateway to ANY a= s >> well >> >> Assuming you're connecting the internet at some point to the gateway >> (router) machine, a decent firewall filter and NAT will most likely be >> required as well. Read up in the handbook a bit on the subject or feel fr= ee >> to come back for more info if needed. >> >> Hope this helps. >> >> -- >> Nathan Vidican >> nathan@vidican.com >> >> > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.or= g" >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20100112081644.rjooqz9544kwokws>