Date: Sun, 1 Nov 1998 00:41:23 +0900 From: john cooper <john@isi.co.jp> To: freebsd-hackers@FreeBSD.ORG, freebsd-questions@FreeBSD.ORG, jabley@clear.co.nz, john@isi.co.jp Cc: tfujii@isi.co.jp Subject: Re: Request help with packet forwarding problem [2.2.7].. Message-ID: <98Nov1.004713jst.21889@ns.isi.co.jp>
next in thread | raw e-mail | index | archive | help
> Date: Sat, 31 Oct 1998 23:45:36 +0900 > From: Joe Abley <jabley@clear.co.nz> > To: john cooper <john@isi.co.jp>, freebsd-hackers@FreeBSD.org, > freebsd-questions@FreeBSD.org > Cc: tfujii@isi.co.jp > Subject: Re: Request help with packet forwarding problem [2.2.7].. > > > John, > > Could you do a "netstat -rn" on A, B and FW, and post the output? Machine A: Routing tables Internet: Destination Gateway Flags Refs Use Netif Expire default 203.168.62.35 UGSc 0 21183 ed1 127.0.0.1 127.0.0.1 UH 0 7 lo0 203.168.62 link#1 UC 0 0 203.168.62.35 0:0:f4:4a:ad:e8 UHLW 2 312 ed1 1125 203.168.62.58 0:20:18:71:be:2d UHLW 1 26 lo0 Machine FW: Routing tables Internet: Destination Gateway Flags Refs Use Netif Expire default 202.214.62.33 UGSc 4 530 vx0 127.0.0.1 127.0.0.1 UH 0 2 lo0 202.214.62 link#1 UC 0 0 202.214.62.33 0:a0:de:0:13:76 UHLW 4 0 vx0 15 202.214.62.35 0:a0:24:2a:9:24 UHLW 0 34 vx0 795 202.214.62.62 link#1 UHLW 1 8266 203.168.62 link#2 UC 0 0 203.168.62.35 0:0:f4:4a:ad:e8 UHLW 0 8 lo0 203.168.62.58 0:20:18:71:be:2d UHLW 0 2 ed0 1197 Machine B: Routing tables Internet: Destination Gateway Flags Refs Use Netif Expire default 202.214.62.33 UGSc 2 87918 vx0 127.0.0.1 127.0.0.1 UH 0 180 lo0 202.214.62/25 link#1 UC 0 0 202.214.62.33 link#1 UHLW 3 0 202.214.62.35 0:a0:24:2a:9:24 UHLW 2 3142 vx0 1101 202.214.62.40 0:a0:24:7d:c6:7c UHLW 2 297 vx0 1038 202.214.62.62 0:a0:24:7d:c6:43 UHLW 0 0 lo0 203.214.62 202.214.62.40 UGSc 0 596 vx0 > Where were you running tcpdump? On machine FW. > Were you identifying the gateway for > each ICMP request or response by looking at the destination ethernet > address? No, I was referring to /etc/rc.conf: defaultrouter="..." Thanks for the response, -john > > Joe > > On Sat, Oct 31, 1998 at 11:06:16PM +0900, john cooper wrote: > > I'm trying to get a system configured as a gateway. The > > first step [which I thought would be simple] was to simply > > forward packets between interfaces: > > > > > > ------- > > | | default gateway: 203.168.62.35 > > | A | > > | | > > ------- > > | 203.168.62.58 (ed1) > > | > > | 203.168.62.35 (ed0) > > ------- > > | | default gateway: ISP router > > | FW | net.inet.ip.forwarding: 1 > > | | > > ------- > > | 202.214.62.40 (vx0) > > | > > -----|-----------------------------> ISP router + DNS server > > | > > | 202.214.62.62 > > ------- > > | | default gateway: ISP router > > | B | static route: 202.214.62.40 for net 203.168.62.0 > > | | > > ------- > > > > Using netstat and tcpdump I discovered the following. If I ping > > machine B from A, I can see the ICMP packets make this journey: > > > > ICMP request: A --> FW --> B > > ICMP reply: B --> FW --> land of no return > > > > If I ping machine A from B, I get this: > > > > ICMP request: B --> FW --> ISP router > > > > I seems that FW will only forward packets in one direction. > > However in the first case it appears the ICMP reply packets > > are silently dropped [netstat does not report dropped packets]. > > > > In the second case, FW is actively trying to forward the packets > > to the default gateway. > > > > I'm at a loss to explain why this is occuring. I've enabled > > packet forwarding in FW's kernel. Is something else required > > to get packets forwarded between network interfaces on the same > > machine??? > > > > Incidentally, IPFW is not built into machine FW's kernel. > > > > Any suggestions would be most appreciated. > > > > Thanks, > > > > -john > > -- > Joe Abley <jabley@clear.co.nz> Tel +64 9 912-4065, Fax +64 9 912-5008 > Network Architect, CLEAR Net http://www.clear.net.nz/ > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?98Nov1.004713jst.21889>