Date: Thu, 17 Sep 1998 13:56:38 -0700 From: Robert Clark <Clark@open.org> To: chas <panda@peace.com.my> Cc: "freebsd-questions@FreeBSD.ORG" <freebsd-questions@FreeBSD.ORG> Subject: Re: 2 NICs disable all network services. (Re: FBSD proxy between firewall and LAN) Message-ID: <36017786.6A196CB4@open.org> References: <3.0.32.19980918020828.009c9f0c@mail.peace.com.my>
next in thread | previous in thread | raw e-mail | index | archive | help
Do you have your network cables reversed?
Sometimes PCI bus numbering is counter-intuitive.
IE: The second card you installed, may be fxp0 and not fxp1.
(Been there myself.)
[RC]
chas wrote:
>
> Added second NIC :
> ------------------
> Our FreeBSD box was working fine with one NIC. Upon adding a second
> NIC, network services didn't work. The extra NIC was detected as dmesg
> shows below :
>
> fxp0 <Intel EtherExpress Pro 10/100B Ethernet> rev 5 int a irq 9 on pci0:16:0
> fxp0: Ethernet address 00:a0:c9:e4:c2:ed
> fxp1 <Intel EtherExpress Pro 10/100B Ethernet> rev 2 int a irq 15 on pci0:18:0
> fxp1: Ethernet address 00:a0:c9:cf:b8:b2
>
> I also added the following to /etc/rc.conf :
>
> network_interfaces="fxp0 fxp1 lo0"
> ifconfig_fxp0="inet 202.184.153.5 netmask 255.255.255.0"
> ifconfig_fxp1="inet 10.0.0.1 netmask 255.255.255.0"
> ifconfig_lo0="inet 127.0.0.1"
>
> But still no joy. Ifconfig showed that the interfaces were configured though.
>
> Rebuilt the kernel :
> --------------------
> Figuring the kernel had to be rebuilt first for 2 NICs to work, we did :
>
> 1) rebuilt the kernel with OPTIONS IPFIREWALL enabled
> 2) set the following in /etc/rc.conf :
> firewall_enable="YES"
> firewall_type="OPEN"
> gateway_enable="YES"
> 3) /etc/rc.firewall was left as the default for "OPEN" which, if I
> understand this correctly, should let everything through :
> $fwcmd add 100 pass all from any to any via lo0
> $fwcmd add 200 deny all from any to 127.0.0.0/8
> # Prototype setups.
> if [ "${firewall_type}" = "open" -o "${firewall_type}" = "OPEN" ]; then
> $fwcmd add 65000 pass all from any to any
>
> This still didn't help. Again, dmesg and ifconfig report the NICs are there
> but IP services are totally dead.
>
> Added Natd :
> ------------
> In a vain hope that this would help, natd was also configured :
>
> 1) Added OPTIONS IPDIVERT to the kernel and rebuilt the kernel again.
> 2) Ensured that natd 8668/divert was in /etc/services - default anyway
> 3) $ natd -interface fxp0
>
> Still no joy.
>
> I'm guessing that something waay back at initial hardware/kernel
> level is erroneous (not natd or firewall) but I can't see any conflicts
> in dmesg. Any clues ?
>
> thanking you very much,
>
> chas
>
> Latest dmesg is :
>
> CPU: Pentium II (299.15-MHz 686-class CPU)
> Origin = "GenuineIntel" Id = 0x634 Stepping=4
>
> Features=0x80fbff<FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMO
> V,MMX>
> real memory = 134217728 (131072K bytes)
> avail memory = 129048576 (126024K bytes)
> eisa0: <DEL5a (System Board)>
> Probing for devices on the EISA bus
> DPT: EISA SCSI HBA Driver, version 1.4.3
> Probing for devices on PCI bus 0:
> chip0 <Intel 82440FX (Natoma) PCI and memory controller> rev 2 on pci0:0:0
> chip1 <Intel 82375EB PCI-EISA bridge> rev 21 on pci0:13:0
> ahc0 <Adaptec aic7880 Ultra SCSI host adapter> rev 0 int a irq 14 on pci0:15:0
> ahc0: aic7880 Wide Channel, SCSI Id=7, 16 SCBs
> ahc0 waiting for scsi devices to settle
> (ahc0:0:0): "WDIGTL WDE4360-1807A3 1.80" type 0 fixed SCSI 2
> sd0(ahc0:0:0): Direct-Access 4095MB (8388314 512 byte sectors)
> ahc0:A:5: refuses WIDE negotiation. Using 8bit transfers
> (ahc0:5:0): "NEC CD-ROM DRIVE:465 1.03" type 5 removable SCSI 2
> cd0(ahc0:5:0): CD-ROM can't get the size
> fxp0 <Intel EtherExpress Pro 10/100B Ethernet> rev 5 int a irq 9 on pci0:16:0
> fxp0: Ethernet address 00:a0:c9:e4:c2:ed
> fxp1 <Intel EtherExpress Pro 10/100B Ethernet> rev 2 int a irq 15 on pci0:18:0
> fxp1: Ethernet address 00:a0:c9:cf:b8:b2
> vga0 <VGA-compatible display device> rev 64 on pci0:20:0
> Probing for devices on the ISA bus:
> sc0 at 0x60-0x6f irq 1 on motherboard
> sc0: VGA color <16 virtual consoles, flags=0x0>
> sio0 at 0x3f8-0x3ff irq 4 on isa
> sio0: type 16550A
> sio1 at 0x2f8-0x2ff irq 3 on isa
> sio1: type 16550A
> lpt0 at 0x378-0x37f irq 7 on isa
> lpt0: Interrupt-driven port
> lp0: TCP/IP capable interface
> psm0 at 0x60-0x64 irq 12 on motherboard
> psm0: model Generic PS/2 mouse, device ID 0
> fdc0 at 0x3f0-0x3f7 irq 6 drq 2 on isa
> fdc0: FIFO enabled, 8 bytes threshold
> fd0: 1.44MB 3.5in
> npx0 flags 0x1 on motherboard
> npx0: INT 16 interface
> IP packet filtering initialized, divert enabled, logging disabled
> changing root device to sd0s1a
>
> ps. It's probably a bit overpowered for a gateway machine - but we're
> going to run Squid on it too.
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?36017786.6A196CB4>