From: Phil Chadwick
To: freebsd-net@freebsd.org
Date: Wed, 13 Sep 2006 23:08:31 +1000 (EST)
Subject: FreeBSD 6.1 + ath0 + NAT
Message-Id: <200609131308.k8DD8Vrq001266@kt400.internode.on.net>

Hi all,

This is my first post, so please be gentle :-)

I have a Linksys WAG54G V.2 ADSL modem (Firmware Version: 1.00.39) connection to the Internet, and a Netgear WG311T wireless Ethernet card running on FreeBSD 6.1 (PC#1).

Recently I added a second FreeBSD 6.1 system (PC#2) which has no wireless card (well it does, but it's a TI chipset not supported in FreeBSD). So I connected it to PC#1 with a Gigabit copper wire connection. I also added firewall and NATing on PC#1 to provide PC#2 with a route to the Internet.

When I boot PC#1, the connection between ath0 and the ADSL modem will run as expected (routing to the Internet for itself and PC#2) for some time (roughly anywhere from 0 to 30 minutes), but always eventually hangs. It's then not possible to ping the ADSL modem. The hang happens regardless of whether the new (PC#2) system is booted or not.

The PC#1 ath0 wireless connection has been working flawlessly (without the firewall and NAT changes) for nearly a year (originally under FreeBSD 6.0 with Sam Leffler's ath patches) and more recently on FreeBSD 6.1.

Can anybody spot anything obviously wrong with the new setup, or know of any bug reports that might impact a NATing gateway on a wireless connection?

I have also recently discovered the link goes up and down every 20 or 30 minutes with what looks like a DHCP lease renewal.

This extracted from /var/log/messages:

Sep 13 19:42:21 kt400 kernel: ath0: link state changed to DOWN
Sep 13 19:42:23 kt400 kernel: ath0: link state changed to UP
Sep 13 19:42:23 kt400 dhclient: New IP Address (ath0): 192.168.1.64
Sep 13 19:42:23 kt400 dhclient: New Subnet Mask (ath0): 255.255.255.0
Sep 13 19:42:23 kt400 dhclient: New Broadcast Address (ath0): 192.168.1.255
Sep 13 19:42:23 kt400 dhclient: New Routers (ath0): 192.168.1.1
Sep 13 20:12:21 kt400 kernel: ath0: link state changed to DOWN
Sep 13 20:12:23 kt400 kernel: ath0: link state changed to UP
Sep 13 20:12:23 kt400 dhclient: New IP Address (ath0): 192.168.1.64
Sep 13 20:12:23 kt400 dhclient: New Subnet Mask (ath0): 255.255.255.0
Sep 13 20:12:23 kt400 dhclient: New Broadcast Address (ath0): 192.168.1.255
Sep 13 20:12:23 kt400 dhclient: New Routers (ath0): 192.168.1.1
Sep 13 21:32:21 kt400 kernel: ath0: link state changed to DOWN
Sep 13 21:32:24 kt400 kernel: ath0: link state changed to UP

Looks like a smoking gun? Is this likely to upset the firewall/NATing?

[I have not yet had a chance to correlate the hang with the lease renewal, but will test that tomorrow.]

In the kernel config file I have added:

options         IPFIREWALL
options         IPDIVERT

In /etc/rc.conf I have:

# See also /etc/wpa_supplicant.conf
ifconfig_ath0="WPA DHCP"
# Private x-over to printer
ifconfig_rl0="inet kt400pr netmask 255.255.255.0 broadcast 10.0.0.255"
# Private x-over to Dell 350 (PC#2)
ifconfig_sk0="inet gbkt400 netmask 255.255.255.0 broadcast 192.168.2.255"
# These added for firewall/NATing
gateway_enable="YES"
firewall_enable="YES"
firewall_type="OPEN"
natd_enable="YES"
natd_interface="ath0"
natd_flags=""

[kt400.145] cat /etc/wpa_supplicant.conf
network={
        ssid="linksys"
        key_mgmt=NONE
        wep_key0=xxxxxxxxxx
        wep_tx_keyidx=0
}

[kt400.146] ifconfig -a
sk0: flags=8843 mtu 1500
        options=8
        inet6 fe80::215:e9ff:feb0:e5b0%sk0 prefixlen 64 scopeid 0x1
        inet 192.168.2.1 netmask 0xffffff00 broadcast 192.168.2.255
        ether 00:15:e9:b0:e5:b0
        media: Ethernet autoselect (none)
        status: no carrier
ath0: flags=8843 mtu 1500
        inet6 fe80::20f:b5ff:fef6:28eb%ath0 prefixlen 64 scopeid 0x2
        inet 192.168.1.64 netmask 0xffffff00 broadcast 192.168.1.255
        ether 00:0f:b5:f6:28:eb
        media: IEEE 802.11 Wireless Ethernet autoselect (DS/11Mbps)
        status: associated
        ssid linksys channel 11 bssid 00:14:bf:7a:57:94
        authmode OPEN privacy ON deftxkey 1 wepkey 1:40-bit txpowmax 37
        protmode CTS burst roaming MANUAL bintval 100
rl0: flags=8843 mtu 1500
        options=8
        inet6 fe80::220:edff:fe70:471a%rl0 prefixlen 64 scopeid 0x3
        inet 10.0.0.254 netmask 0xffffff00 broadcast 10.0.0.255
        ether 00:20:ed:70:47:1a
        media: Ethernet autoselect (none)
        status: no carrier
fwe0: flags=108802 mtu 1500
        options=8
        ether 02:00:20:71:b9:a6
        ch 1 dma -1
lo0: flags=8049 mtu 16384
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x5
        inet 127.0.0.1 netmask 0xff000000

Thanks,
--
Phil

I don't do drugs anymore 'cause I find I get the same effect just by
standing up really fast.
                -- Johnathan Katz
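
The correlation between ath0 link flaps and DHCP lease events that the post leaves for later can be scripted against /var/log/messages. The following is an added example, not part of the original post: the function names, the 10-second pairing window and the year passed to the parser are assumptions, and the sample input is the log excerpt quoted in the post.

```python
import re
from datetime import datetime, timedelta

# Log lines copied from the post (only the "New IP Address" dhclient lines kept).
SAMPLE = """\
Sep 13 19:42:21 kt400 kernel: ath0: link state changed to DOWN
Sep 13 19:42:23 kt400 kernel: ath0: link state changed to UP
Sep 13 19:42:23 kt400 dhclient: New IP Address (ath0): 192.168.1.64
Sep 13 20:12:21 kt400 kernel: ath0: link state changed to DOWN
Sep 13 20:12:23 kt400 kernel: ath0: link state changed to UP
Sep 13 20:12:23 kt400 dhclient: New IP Address (ath0): 192.168.1.64
Sep 13 21:32:21 kt400 kernel: ath0: link state changed to DOWN
Sep 13 21:32:24 kt400 kernel: ath0: link state changed to UP
""".splitlines()

LINE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ (?:"
    r"kernel: (?P<kif>\w+): link state changed to (?P<state>UP|DOWN)"
    r"|dhclient: New IP Address \((?P<dif>\w+)\): (?P<ip>\S+))")

def parse_events(lines, iface="ath0", year=2006):
    """Yield (time, kind, ip) for link and lease events on iface.
    syslog omits the year, so it is passed in (an assumption)."""
    for line in lines:
        m = LINE.match(line)
        if not m or (m["kif"] or m["dif"]) != iface:
            continue
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        yield ts, m["state"] or "LEASE", m["ip"]

def link_flaps(lines, iface="ath0", window=timedelta(seconds=10)):
    """Pair each DOWN with the next UP; record outage length, the gap since
    the previous DOWN, and any dhclient address logged within `window`."""
    flaps, down, prev_down = [], None, None
    for ts, kind, ip in parse_events(lines, iface):
        if kind == "DOWN":
            down = ts
        elif kind == "UP" and down is not None:
            gap = (down - prev_down) if prev_down else None
            flaps.append({"down": down, "up": ts, "outage": ts - down,
                          "since_prev": gap, "lease_ip": None})
            prev_down, down = down, None
        elif kind == "LEASE" and flaps and ts - flaps[-1]["up"] <= window:
            flaps[-1]["lease_ip"] = ip
    return flaps

if __name__ == "__main__":
    for f in link_flaps(SAMPLE):
        print(f["down"], f["outage"], f["since_prev"], f["lease_ip"])
```

Feeding it the full log alongside timestamps of failed pings to the modem shows whether a hang starts at a flap or between flaps.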