Date: 26 Sep 2001 10:04:26 -0700 From: swear@blarg.net (Gary W. Swearingen) To: Joe Abley <jabley@automagic.org>, Jamie Norwood <mistwolf@mushhaven.net>, David Wolfskill <david@catwhisker.org> Cc: freebsd-stable@FreeBSD.ORG Subject: Re: 127/8 continued Message-ID: <f18zf1vq79.zf1@localhost.localdomain> In-Reply-To: <20010926103827.S37693@buffoon.automagic.org> References: <20010924094048.X5906-100000@coredump.scriptkiddie.org> <3BB0A0A2.6CCC454B@chrisland.net> <j2lmj2vjmy.mj2@localhost.localdomain> <20010926103827.S37693@buffoon.automagic.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Thanks for your responses, David, Jamie, and Joe. Sorry for the whining; I had intended to withhold it until I had my story better organized. But I'm just frustrated, after reading several networking books, many articles, and man pages repeatedly, having a three-sigma IQ and over 20 years of computing , yet still have to resort to experimental methods to get a working network of only 3 computers. And the network I've got isn't what I intended nor what I still think I could eventually achieve if I have enough persistence to reverse-engineer the software or learn from the mailing lists what I haven't learned from the poor documentation. I'd really rather be helping work on FreeBSD documentation (which is what I want to do with my recreational computing time). (As much as I hate M$, I have no doubt why the future of Unix (of which I'm a 12-year user), sadly, dim.) Joe wrote: > Are you sure you're just not setting your interface netmask incorrectly? I'm sure that it's incorrect by some definitions. It's correct in the sense that it works, if awkwardly. AFAIK, I don't have enough IP addresses (/29 subnet) to make it correct by standard definitions. My complaint is that it is, AKAIK, an unnecessary design restriction. (Maybe if I knew "bridging" better it would be a non-issue for me.) > If you configure the interface with a netmask of 255.255.255.255 there > should be no connected subnet route to add. I've tried configuring with a CIDR /32 address and using the point-to-point scheme and have never been able to get a packet past my gateway/route when the netmask is 255.255.255.255. I've managed to get something working by using /31 so there's a default route to my firewall and a route on addr/31 out the interface. My biggest problems have been with the inscrutable "route" command. I add a route to the firewall and it sets the gateway localhost's interface to the firewall (so it pings itself). Why? I use one command (I forget right now) with "-interface xl0" and it sets the gateway to "xl0something", apparently a bug. I configure the interface point-to-point and try adding a default route to the other end and it says it can't find the other end. I could go on, but I'd rather do it when I get things stable under 4.4 and can discuss problems one at a time with logs, etc. What I've got here is a firewall connected via crossover cables to a DSL router, a DMZ server, and a workstation. Most people do this with NAT but I haven't been convinced that that is the optimum scheme (though I know I wouldn't have had the problems I've had) as long as your firewall is well configured. I started trying to use network 10.x addresses on all NICs and alias a couple public addresses for the server and workstation, but I couldn't get that to work and have resorted to public address on all NICs. With a /29 subnet, I don't have enough to have three sub-subnets for my three network segments, but have managed to get it to work in what I think is a non-standard scheme with a router between the three segments of one subnet. I've thought about trying the "bridging" setup, but that's so under-documented, that I've been discouraged to try that so far. Geeze, I do go on and on. You deserve a medal if you've read all that. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?f18zf1vq79.zf1>