Date: Fri, 23 Jul 1999 00:30:32 -0400
From: "James Gill" <gill@topsecret.net>
To: <cjclark@home.com>
Cc: <freebsd-questions@FreeBSD.ORG>
Subject: RE: my gateway is a gate, but not a way!
Message-ID: <NDBBJDFMIMOCFNNCEKADKEHOCKAA.gill@topsecret.net>
In-Reply-To: <199907230330.XAA14753@cc942873-a.ewndsr1.nj.home.com>

Thanks Crist, I've got it now. My configuration problem was having the .33
box set with .1 as its default gateway instead of .2 =)

->
-> James Gill wrote,
-> > Here is a diagram of the network as it is currently implemented (wrapped for
-> > readability):
-> >
-> >
-> > +==========+==========\
-> > .130 .131 .129
-> > +
-> > .2
-> > _____ /
-> > Internet<==/_.1_/====+========
-> > .33
-> >
-> > .130 and .131 are on the internal half of the 255.255.255.192 subnet.
->                                                ^^^^^^^^^^^^^^^
-> OK, first point of confusion for me. If you have a mask like that, you
-> only can be using numbers from 0-63 (1-62 usable), right? Actually, it
-> would be more proper to say that you only have 62 host addresses to
-> work with; they need not start at 1.
->
-> I think I may not understand what that is a mask for.
->
-> > The gateway, which has two NICs and .129 on the internal one and .2 on the
-> > external one *should* route packets. .1 is an ISDN routing device (no ppp,
-> > dialup headaches, yay!) and .33 is a machine that is (currently) on the
-> > external side of the gateway.
->
-> Ignoring that netmask stuff, I'm with you.
->
-> > from .130 and .131 I can ping each other, .129 *and* .2 addresses, but *not*
-> > the .33 or .1 addresses. from the gateway machine I can ping all addresses
-> > on the network and internet.
->
-> OK. Sounds like .33 and .1 don't know what to do with the packets, or
-> (less likely) .129 is not passing them along.
->
-> > I'm really not sure where to look first to make .33 and the internet
-> > accessible from the internal machines. Eventually, the gateway machine will
-> > be a firewall and NAT (and .33 will go to .133) but currently it is
-> > installed with a minimal config, the source distribution, make, and bind
-> > (bind is not yet configured).
-> >
-> > So let's start with what is in my /etc/rc.conf file on the gateway:
-> >
-> > # -- sysinstall generated deltas -- #
-> > ntpdate_flags="ncar.ucar.edu"
-> > saver="star"
-> > blanktime="300"
-> > gateway_enable="YES"
-> > ntpdate_enable="YES"
-> > network_interfaces="ed0 ed1 lo0"
-> > ifconfig_ed0="inet 10.101.101.2 netmask 255.255.255.192"
-> > ifconfig_ed1="inet 10.101.101.129 netmask 255.255.255.192"
-> > defaultrouter="10.101.101.1"
-> > #defaultrouter="NO"
-> > hostname="panama.int.topsecret.net"
-> > releaseName=""
-> > #static_routes="route_int route_ext" #list of static routes
-> > #route_int="-net 10.101.101.0 10.101.101.2"
-> > #route_ext="-net 10.101.101.128 10.101.101.129"
-> >
-> > as you can see, i've tried a few things already and the gateway_enable="YES"
-> > *is* turned on. When I uncomment the last three lines I get errors in the
-> > myst that goes by as the system boots, but it's at some point after what
-> > shows up in /var/run/dmesg.boot
->
-> OK, I think I understand your netmasks now.
->
-> > and here's what ifconfig -a shows me:
-> >
-> > ed0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
-> >         inet 10.101.101.2 netmask 0xffffffc0 broadcast 10.101.101.63
-> >         ether 00:80:29:ef:61:71
-> > ed1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
-> >         inet 10.101.101.129 netmask 0xffffffc0 broadcast 10.101.101.191
-> >         ether 00:80:29:ef:81:d1
-> > lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
-> >         inet 127.0.0.1 netmask 0xff000000
->
-> [snip]
->
-> > any suggestions?
->
-> Sure. The problem likely has absolutely nothing to do with the gateway
-> machine. The problem is the configuration of .1 and .33. How are .1
-> and .33 configured? When .33 or .1 receives a packet with an address
-> to .130, what will it do with it? Does .33 expect .130 to be on the
-> local ethernet? Does it have the route in place to send the packet to
-> .2? Or does it send it to the default, .1? You're hosed if it thinks
-> it's local. It should be working if it knows the route. And if it
-> sends it to .1, it will only work if .1 then knows to bounce it back
-> to .2.
->
-> So, how are .33 and .1 set up? Turn on tcpdump on .2 and listen for
-> packets when .33 tries to ping .130. Any trying to go?
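
Added example (not part of the original e-mail): a small model of the return-path problem discussed above, tracing a packet hop by hop through each host's routing table to show why the ping from .130 to .33 failed while .33 defaulted to .1 and works once it defaults to .2. The gateway's table follows the posted rc.conf; the tables for .1, .33 and .130, the host labels and the "ISP" next hop are assumptions made for illustration.

```python
import ipaddress

# Constructed routing tables. Only the gateway's entries come from the posted
# rc.conf; the tables for .1 (isdn), .33 and .130 are assumptions.
LINK = "on-link"
EXT, INT = "10.101.101.0/26", "10.101.101.128/26"

def tables(dot33_default):
    return {
        "gw":   [(EXT, LINK), (INT, LINK), ("0.0.0.0/0", "10.101.101.1")],
        "isdn": [(EXT, LINK), ("0.0.0.0/0", "ISP")],  # assumed: no route to INT
        "h33":  [(EXT, LINK), ("0.0.0.0/0", dot33_default)],
        "h130": [(INT, LINK), ("0.0.0.0/0", "10.101.101.129")],
    }

# Which host owns which address (the gateway owns one address per NIC).
OWNER = {"10.101.101.1": "isdn", "10.101.101.2": "gw", "10.101.101.129": "gw",
         "10.101.101.33": "h33", "10.101.101.130": "h130"}

def lookup(routes, dst):
    """Longest-prefix match: return the next hop for dst, or None."""
    addr = ipaddress.ip_address(dst)
    hits = [(ipaddress.ip_network(n), gw) for n, gw in routes
            if addr in ipaddress.ip_network(n)]
    return max(hits, key=lambda h: h[0].prefixlen)[1] if hits else None

def trace(tbl, src, dst, max_hops=8):
    """Follow one packet from src to dst; return (path, outcome)."""
    node = OWNER[src]
    path = [node]
    for _ in range(max_hops):
        if node == OWNER[dst]:
            return path, "delivered"
        hop = lookup(tbl[node], dst)
        if hop is None:
            return path, "no route"
        nxt = OWNER.get(dst if hop == LINK else hop)
        if nxt is None:                      # handed to something off this LAN
            return path + [hop], "left the LAN"
        node = nxt
        path.append(node)
    return path, "loop"

def ping(tbl, a, b):
    """A ping succeeds only if the request and the reply are both delivered."""
    return (trace(tbl, a, b)[1] == "delivered"
            and trace(tbl, b, a)[1] == "delivered")

if __name__ == "__main__":
    for gw in ("10.101.101.1", "10.101.101.2"):
        t = tables(gw)
        print(gw, trace(t, "10.101.101.33", "10.101.101.130"),
              ping(t, "10.101.101.130", "10.101.101.33"))
```

The request always reaches .33; it is the reply that is lost, which is why listening with tcpdump on .2 while .33 pings .130 separates the two cases.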