Date:      Sat, 26 May 2001 21:59:23 -0500
From:      "Brandt" <brandt@unkempt.net>
To:        <freebsd-net@freebsd.org>
Subject:   Re: natd, 2 NIC's, 2 Hubs, Something I'm missing?
Message-ID:  <00ef01c0e659$1a49dce0$14be2ece@osc20>
References:  <20010527025207.FXQD13163.femail1.sdc1.sfba.home.com@grinch>

Well, I assumed the natd would be noticed in the subject line, and also
it is listed under the "rc.conf" section I listed below.

As for the dc0, I forgot I had tried a 255.255.0.0 subnet, and played
with the broadcast just for giggles.  Normally they are 255.255.0.0
and 192.168.1.255 respectively.

And no, it's not the firewall rules, I don't think, but I'm no expert.
## ipfw #########
00050 divert 8668 ip from any to any via vr0
00100 allow ip from any to any via lo0
00200 deny ip from any to 127.0.0.0/8
00300 deny ip from 127.0.0.0/8 to any
65000 allow ip from any to any
65535 deny ip from any to any

----- Original Message ----- 
From: "Justin C.Walker" <justin@mac.com>
To: <freebsd-net@FreeBSD.ORG>
Sent: Saturday, May 26, 2001 9:52 PM
Subject: Re: natd, 2 NIC's, 2 Hubs, Something I'm missing?


> Your msg implies you're using NAT, but you've not included anything 
> about the NAT config.  Also, the 'ifconfig' output for dc0 doesn't 
> jibe with the rest of your message.
> 
> Regards,
> 
> Justin
> 
> On Saturday, May 26, 2001, at 07:32 PM, Brandt wrote:
> 
> > Hello all, this has got me stumped.
> >
> > FreeBSD 4.3
> >   vr0: ip=   65.3.111.111 subnet 255.255.255.0
> >   dc0: ip=  192.168.1.1   subnet 255.255.255.0
> >
> > Kernel has been recompiled with IPDIVERT and IPFIREWALL options,
> > and everything WORKS fine as long as I have both NIC's plugged into the
> > SAME hub.
> >
> > But shouldn't this also work when the vr0 interface is moved to a separate
> > hub?  So that the internet interface and the LAN interface (dc0) are on
> > separate networks?
> >
> > The strange thing is that as soon as I unplug the 65.3.*.* interface from the
> > hub, the other 192.168.1.* boxes can't ping the dc0, 192.168.1.1 interface
> > even though they are still connected to the same hub.  At the same time, the
> > dc0 interface can still ping the other LAN boxen on the 192.168 network.
> >
> > Any ideas as to what is going on?
> >
> > - Brandt
> > ## My Kernel ##########
> > options         IPDIVERT
> > options        IPFIREWALL
> >
> > ## /etc/rc.conf ##########
> > sendmail_enable="YES"
> > sshd_enable="YES"
> > inetd_enable="YES"
> > gateway_enable="YES"
> > network_interfaces="vr0 lo0 dc0"
> > ifconfig_vr0="inet 65.3.111.111  netmask 255.255.255.0"
> > defaultrouter="65.3.111.1"
> > ifconfig_dc0="inet 192.168.1.1  netmask 255.255.255.0"
> > hostname="myhostname.mydomain.com"
> >
> > #NATD
> > natd_enable="YES"
> > natd_interface="vr0"
> > natd_flags="-f /etc/natd.conf"
> >
> > #FIREWALL
> > firewall_enable="YES"
> > firewall_script="/etc/rc.firewall"
> > firewall_type="open"
> > firewall_quiet="NO"
> > firewall_logging="YES"
> > firewall_flags=""
> >
> > #ATTEMPT TO CORRECT ROUTING TABLE
> > router_enable="YES"
> > router="routed"
> > router_flags="-s"
> >
> > ## ifconfig  ##########
> > dc0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
> >         inet 192.168.1.1 netmask 0xffff0000 broadcast 192.168.255.255
> >         inet6 fe80::280:c8ff:fee8:58fe%dc0 prefixlen 64 scopeid 0x1
> >         ether ff:ff:ff:ff:ff:ff
> >         media: autoselect (100baseTX <full-duplex>) status: active
> >         supported media: autoselect 100baseTX <full-duplex> 100baseTX 10baseT/UTP <full-duplex> 10baseT/UTP none
> > vr0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
> >         inet 65.3.111.111 netmask 0xffffff00 broadcast 65.3.111.255
> >         inet6 fe80::280:c8ff:fee8:58fe%vr0 prefixlen 64 scopeid 0x2
> >         ether 00:80:c8:e8:58:fe
> >         media: autoselect (10baseT/UTP) status: active
> >         supported media: autoselect 100baseTX <full-duplex> 100baseTX 10baseT/UTP <full-duplex> 10baseT/UTP none
> 
> ---
> Justin C. Walker, Curmudgeon-At-Large  *
> Institute for General Semantics        |
> Director of Technology                 | It's not whether you win or lose...
> Nexsi Systems Corp.                    |  It's whether *I* win or lose.
> 1959 Concourse Drive                   |
> San Jose, CA  95131                    |
> *--------------------------------------*-------------------------------*
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-net" in the body of the message
> 
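
Added example (not part of the original thread, and not code from either poster): a consistency check over the rc.conf and ifconfig excerpts quoted above. It compares each interface's live netmask with the rc.conf value, checks that the `ether` address is unicast, and checks that the link-local inet6 address matches the one modified EUI-64 would give for that `ether` value. The function names are hypothetical, and the check assumes link-local addresses are autoconfigured from the interface MAC.

```python
import ipaddress
import re
# Excerpts copied from the quoted message (supported-media lines omitted).
RC_CONF = '''\
ifconfig_vr0="inet 65.3.111.111  netmask 255.255.255.0"
ifconfig_dc0="inet 192.168.1.1  netmask 255.255.255.0"
'''
IFCONFIG = '''\
dc0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        inet 192.168.1.1 netmask 0xffff0000 broadcast 192.168.255.255
        inet6 fe80::280:c8ff:fee8:58fe%dc0 prefixlen 64 scopeid 0x1
        ether ff:ff:ff:ff:ff:ff
vr0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        inet 65.3.111.111 netmask 0xffffff00 broadcast 65.3.111.255
        inet6 fe80::280:c8ff:fee8:58fe%vr0 prefixlen 64 scopeid 0x2
        ether 00:80:c8:e8:58:fe'''

def parse_ifconfig(text):  # -> {ifname: {"mask", "ll6", "ether"}}
    out, cur = {}, None
    for line in text.splitlines():
        if m := re.match(r"(\w+): flags=", line):
            cur = out.setdefault(m.group(1), {})
        elif m := re.search(r"inet \S+ netmask (0x[0-9a-f]{8})", line):
            cur["mask"] = ipaddress.IPv4Address(int(m.group(1), 16))
        elif m := re.search(r"inet6 (fe80:[0-9a-f:]+)%", line):
            cur["ll6"] = ipaddress.IPv6Address(m.group(1))
        elif m := re.search(r"ether ([0-9a-f:]{17})", line):
            cur["ether"] = m.group(1)
    return out

def eui64_link_local(mac):
    """Link-local address formed from a MAC via modified EUI-64 (RFC 4291)."""
    b = bytearray(int(x, 16) for x in mac.split(":"))
    b[0] ^= 0x02  # flip the universal/local bit
    iid = bytes(b[:3]) + b"\xff\xfe" + bytes(b[3:])
    return ipaddress.IPv6Address(b"\xfe\x80" + bytes(6) + iid)

def audit(rc_conf, ifconfig):  # -> sorted (interface, finding) pairs
    want = {m[1]: ipaddress.IPv4Address(m[2]) for m in
            re.finditer(r'ifconfig_(\w+)="inet \S+\s+netmask ([\d.]+)"', rc_conf)}
    findings = []
    for name, st in parse_ifconfig(ifconfig).items():
        if name in want and st["mask"] != want[name]:
            findings.append((name, f"netmask {st['mask']} != rc.conf {want[name]}"))
        if int(st["ether"][:2], 16) & 1:  # group bit set: not a unicast MAC
            findings.append((name, f"non-unicast ether {st['ether']}"))
        if st["ll6"] != eui64_link_local(st["ether"]):
            findings.append((name, "link-local address not derived from ether"))
    return sorted(findings)
```

Calling `audit(RC_CONF, IFCONFIG)` returns three findings, all on dc0, and none on vr0.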