Date: Thu, 24 Jun 2004 23:50:09 +0200 From: "Dave Raven" <dave@raven.za.net> To: <freebsd-questions@freebsd.org> Subject: RE: Urgent 4.9 networking problems Message-ID: <00c801c45a35$388b0d20$3200000a@lucy> In-Reply-To: <MIEPLLIBMLEEABPDBIEGEEAOGEAA.Barbish3@adelphia.net>
next in thread | previous in thread | raw e-mail | index | archive | help
It is currently functioning perfectly and has been for 48 days - ipnat
bimap's are working all over its just this one specific interface that's =
now
giving problems. There is no method to access any dns servers - is it =
not
possible to _not_ have a dns server without having the timeout. =
Resolv.conf
is blank...
# wc -l /etc/ipf.rules
5149 /etc/ipf.rules
I also wont be able to post those.. But I have been working with ipf + =
ipnat
for a long time now - my top rule is a pass all at the moment...
I think I can solve the problem with the BIMAP - I'm just interested in
finding out why it has to wait to resolve the host name when I'm =
telnetting
directly to an ip address and I have no nameservers specified? Surely =
that
can't be the way it has to be...
Thanks again
Dave
-----Original Message-----
From: JJB [mailto:Barbish3@adelphia.net]=20
Sent: 24 June 2004 11:45 PM
To: Dave Raven; freebsd-questions@freebsd.org
Subject: RE: Urgent 4.9 networking problems
Post your ipf rules and ipnat rules and /etc/resolv.conf
resolv.conf should have your isp's dns server names. If not then
post rc.conf also. Give interface name of Nic card connected to
public internet. Has this network ever functioned correctly or is
it something you are just putting together now?
-----Original Message-----
From: owner-freebsd-questions@freebsd.org
[mailto:owner-freebsd-questions@freebsd.org]On Behalf Of Dave Raven
Sent: Thursday, June 24, 2004 5:29 PM
To: freebsd-questions@freebsd.org
Subject: RE: Urgent 4.9 networking problems
I have made further progress - thanks for all your steady replies. I
know it
might look like I haven't looked into it enough but this is just
part of my
bigger problem - here we go..
By adding my routers ip and my local machines ip to hosts, I've
fixed the
telnet to the router and the ping -R - but why is telnet timing out
?? I
have NO DNS at all - there is nothing in resolv.conf yet it still
makes
requests to local host. I have to disable dns.
I have no idea why it would sit for 2 minutes trying to resolve the
ip for
my telnet though???
Is this a problem? How do I stop dns altogether... The machine is
acting as
a firewall with NAT'ing and routing.
The real problem that's gotten me down to here is with IPNat
though - it
says its map'd the address but in actual fact freebsd forwards it.
Could
this all be a red herring as a dns problem?
Thanks
Dave
-----Original Message-----
From: JJB [mailto:Barbish3@adelphia.net]
Sent: 24 June 2004 11:23 PM
To: Dave Raven; freebsd-questions@freebsd.org
Subject: RE: Urgent 4.9 networking problems
Your symptoms are typical of DNS time outs.
Ping ip address does no DNS lookups.
Ping freebsd.org will not work either.
With out a lot more detail about your network environment, the best
I can say is look at how your network resolves DNS lookups.
Some times a ISP will change the ip address of their DNS or DHCP
servers and if you have their ip address hard coded in your firewall
rules your network will just stop talking to the public internet.
Start your research there.
-----Original Message-----
From: owner-freebsd-questions@freebsd.org
[mailto:owner-freebsd-questions@freebsd.org]On Behalf Of Dave Raven
Sent: Thursday, June 24, 2004 4:54 PM
To: freebsd-questions@freebsd.org
Subject: Urgent 4.9 networking problems
Hi all,
I really need some urgent help with this I'm completely
confused. I
have a FreeBSD 4.9 machine running ipfilter ipnat vrrp and a few
other
services, today is the first time I tried to access through the
specific
method but now every interface and every local address I try has the
same
problem. I can ping anything - but any other kind of traffic waits
for about
2 minutes before transmitting - this is true with tcp and udp. I'm
trying to
access machines on the same network - and if I ping -R you can see
the same
effect - pasted below. I've also included the interface that I'm
trying to
do this on although it seems to be happening on all my other
interfaces..
I try to telnet to a cisco router that's on a switch I'm plugged in
and I
see the same behaviour - it just waits then suddenly responds very
quickly.
My IpFilter rules don't log anything until it responds at which time
they
pass it - and tethereal + tcpdump also see if perfectly AFTER the
long
delay.
It appears that its sitting on the kernel for 2 minutes??? It just
does
NOTHING then all of a sudden responds. The only thing I can find
that works
is icmp - and perfectly. I'm sorry for the urgency but its very high
priority
Thanks in advance
Dave
# ifconfig fxp1
fxp1: flags=3D8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
inet x.y.186.3 netmask 0xffffff00 broadcast x.y.186.255
inet x.y.186.1 netmask 0xffffffff broadcast x.y.186.1
inet x.y.186.15 netmask 0xffffffff broadcast x.y.186.15
inet x.y.186.14 netmask 0xffffffff broadcast x.y.186.14
inet x.y.186.142 netmask 0xffffffff broadcast x.y.186.142
inet x.y.186.33 netmask 0xffffffff broadcast x.y.186.33
inet x.y.186.124 netmask 0xffffffff broadcast x.y.186.124
inet x.y.186.250 netmask 0xffffffff broadcast x.y.186.250
inet x.y.186.122 netmask 0xffffffff broadcast x.y.186.122
inet x.y.186.25 netmask 0xffffffff broadcast x.y.186.25
inet x.y.186.127 netmask 0xffffffff broadcast x.y.186.127
# date ; ping -R -c1 x.y.186.253 ; date
Thu Jun 24 22:43:13 SAST 2004
PING x.y.186.253 (152.110.186.253): 56 data bytes
64 bytes from x.y.186.253: icmp_seq=3D0 ttl=3D255 time=3D0.414 ms
RR: x.y.186.253
x.y.186.253
x.y.186.3
--- x.y.186.253 ping statistics ---
1 packets transmitted, 1 packets received, 0% packet loss
round-trip min/avg/max/stddev =3D 0.414/0.414/0.414/0.000 ms
Thu Jun 24 22:46:58 SAST 2004
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to
"freebsd-questions-unsubscribe@freebsd.org"
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to
"freebsd-questions-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?00c801c45a35$388b0d20$3200000a>