From owner-freebsd-questions Thu Sep 17 13:58:52 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id NAA28096 for freebsd-questions-outgoing; Thu, 17 Sep 1998 13:58:52 -0700 (PDT) (envelope-from owner-freebsd-questions@FreeBSD.ORG) Received: from mailhost.pii.com (mailhost.pii.com [192.77.209.1]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id NAA27914 for ; Thu, 17 Sep 1998 13:58:04 -0700 (PDT) (envelope-from Clark@open.org) Received: from open.org (dash8.pii.com [192.77.209.226]) by mailhost.pii.com (8.9.1/8.9.1) with ESMTP id OAA26570; Thu, 17 Sep 1998 14:03:52 -0700 (PDT) Message-ID: <36017786.6A196CB4@open.org> Date: Thu, 17 Sep 1998 13:56:38 -0700 From: Robert Clark X-Mailer: Mozilla 4.05 [en] (X11; U; HP-UX B.10.20 9000/735) MIME-Version: 1.0 To: chas CC: "freebsd-questions@FreeBSD.ORG" Subject: Re: 2 NICs disable all network services. (Re: FBSD proxy between firewall and LAN) References: <3.0.32.19980918020828.009c9f0c@mail.peace.com.my> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Do you have your network cables reversed? Sometimes PCI bus numbering is counter-intuitive. IE: The second card you installed, may be fxp0 and not fxp1. (Been there myself.) [RC] chas wrote: > > Added second NIC : > ------------------ > Our FreeBSD box was working fine with one NIC. Upon adding a second > NIC, network services didn't work. The extra NIC was detected as dmesg > shows below : > > fxp0 rev 5 int a irq 9 on pci0:16:0 > fxp0: Ethernet address 00:a0:c9:e4:c2:ed > fxp1 rev 2 int a irq 15 on pci0:18:0 > fxp1: Ethernet address 00:a0:c9:cf:b8:b2 > > I also added the following to /etc/rc.conf : > > network_interfaces="fxp0 fxp1 lo0" > ifconfig_fxp0="inet 202.184.153.5 netmask 255.255.255.0" > ifconfig_fxp1="inet 10.0.0.1 netmask 255.255.255.0" > ifconfig_lo0="inet 127.0.0.1" > > But still no joy. Ifconfig showed that the interfaces were configured though. > > Rebuilt the kernel : > -------------------- > Figuring the kernel had to be rebuilt first for 2 NICs to work, we did : > > 1) rebuilt the kernel with OPTIONS IPFIREWALL enabled > 2) set the following in /etc/rc.conf : > firewall_enable="YES" > firewall_type="OPEN" > gateway_enable="YES" > 3) /etc/rc.firewall was left as the default for "OPEN" which, if I > understand this correctly, should let everything through : > $fwcmd add 100 pass all from any to any via lo0 > $fwcmd add 200 deny all from any to 127.0.0.0/8 > # Prototype setups. > if [ "${firewall_type}" = "open" -o "${firewall_type}" = "OPEN" ]; then > $fwcmd add 65000 pass all from any to any > > This still didn't help. Again, dmesg and ifconfig report the NICs are there > but IP services are totally dead. > > Added Natd : > ------------ > In a vain hope that this would help, natd was also configured : > > 1) Added OPTIONS IPDIVERT to the kernel and rebuilt the kernel again. > 2) Ensured that natd 8668/divert was in /etc/services - default anyway > 3) $ natd -interface fxp0 > > Still no joy. > > I'm guessing that something waay back at initial hardware/kernel > level is erroneous (not natd or firewall) but I can't see any conflicts > in dmesg. Any clues ? > > thanking you very much, > > chas > > Latest dmesg is : > > CPU: Pentium II (299.15-MHz 686-class CPU) > Origin = "GenuineIntel" Id = 0x634 Stepping=4 > > Features=0x80fbff V,MMX> > real memory = 134217728 (131072K bytes) > avail memory = 129048576 (126024K bytes) > eisa0: > Probing for devices on the EISA bus > DPT: EISA SCSI HBA Driver, version 1.4.3 > Probing for devices on PCI bus 0: > chip0 rev 2 on pci0:0:0 > chip1 rev 21 on pci0:13:0 > ahc0 rev 0 int a irq 14 on pci0:15:0 > ahc0: aic7880 Wide Channel, SCSI Id=7, 16 SCBs > ahc0 waiting for scsi devices to settle > (ahc0:0:0): "WDIGTL WDE4360-1807A3 1.80" type 0 fixed SCSI 2 > sd0(ahc0:0:0): Direct-Access 4095MB (8388314 512 byte sectors) > ahc0:A:5: refuses WIDE negotiation. Using 8bit transfers > (ahc0:5:0): "NEC CD-ROM DRIVE:465 1.03" type 5 removable SCSI 2 > cd0(ahc0:5:0): CD-ROM can't get the size > fxp0 rev 5 int a irq 9 on pci0:16:0 > fxp0: Ethernet address 00:a0:c9:e4:c2:ed > fxp1 rev 2 int a irq 15 on pci0:18:0 > fxp1: Ethernet address 00:a0:c9:cf:b8:b2 > vga0 rev 64 on pci0:20:0 > Probing for devices on the ISA bus: > sc0 at 0x60-0x6f irq 1 on motherboard > sc0: VGA color <16 virtual consoles, flags=0x0> > sio0 at 0x3f8-0x3ff irq 4 on isa > sio0: type 16550A > sio1 at 0x2f8-0x2ff irq 3 on isa > sio1: type 16550A > lpt0 at 0x378-0x37f irq 7 on isa > lpt0: Interrupt-driven port > lp0: TCP/IP capable interface > psm0 at 0x60-0x64 irq 12 on motherboard > psm0: model Generic PS/2 mouse, device ID 0 > fdc0 at 0x3f0-0x3f7 irq 6 drq 2 on isa > fdc0: FIFO enabled, 8 bytes threshold > fd0: 1.44MB 3.5in > npx0 flags 0x1 on motherboard > npx0: INT 16 interface > IP packet filtering initialized, divert enabled, logging disabled > changing root device to sd0s1a > > ps. It's probably a bit overpowered for a gateway machine - but we're > going to run Squid on it too. > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message