Date: Fri, 25 Jan 2002 10:48:12 +0800 From: Calvin NG <calvinng@brel.com> To: Questions <freebsd-questions@FreeBSD.ORG> Cc: Calvin NG <calvinng@brel.com> Subject: problem with ARP proxy Message-ID: <20020125104812.B68512@brel.com>
next in thread | raw e-mail | index | archive | help
Greetings,
Quick Question:
--------------
I seems to be encountering repeated panics/crash (Fatal Trap 12:page fault
while in kernel mode) due to the use of arp proxy. The system is running
FreeBSD 4.5-RC cvsup on 24 Jan 2002. Following the FAQ I did a
"nm -n kernel | grep ..." and found that the function it points to is
"arptfree". And I found this in the source sys/netinet/if_ether.c
For the moment I am switching to using static routes on the internal
network, and not use proxy arp. If anyone has a similar scenario and
is successful, please give some advise. Or anyone with better suggestions,
do share it with me, thanks in advance. Of course, if someone in the know
can investigate this proxy arp thing a bit, and check if there is a bug,
even better. ;-)
Background:
----------
I am adding a ADSL connection to a token ring network, and it looks like
the following:
(ISP) ---- (ADSL modem) -- (Win98) -- (firewall) ---- (token ring network)
The (firewall) machine is the one we are interested in, it runs FreeBSD 4.5-RC
with IPFirewall, a onboard ethernet (fxp0) connected to the (Win98), and
a Olicom card (OC-3137) (oltr0) connected to the internal network.
To make the proxy machine transparent to the token ring user, I decided
to subnet some IPs from the internal network, and use proxy arp to route
the request to the win98 machine, and thus out to the internet.
token ring : 10.1.0.0/255.255.0.0
firewall : oltr0 : 10.1.0.250/255.255.0.0
fxp0 : 10.1.0.253/255.255.255.252
( in addition: arp -s $(win98-hostname) ($oltr:lladdr) pub only )
win98 : 10.1.0.254/255.255.255.252
( the other interface is connected to the ADSL modem, and this also
runs the PPoE (spellling?) client ).
Problem:
-------
The configuration works, nodes on the token ring network can see
the win98 PC, even with the IPfirewall rules enabled.
However, the firewall suffer repeated crashes once in a while, when
more than 1 internal node tries to connect to the win98 machine through
the firewall.
Current Solution:
----------------
My initial thought was maybe problem with the IPFirewall or the token ring
driver, since this are things I am not that fmailiar with. But I did some search
and followed some instructions in the FAQ on troubleshooting, and found that
the crash occurs in the function arptfree(). This leads me to think I am
having problem with the proxy arp. Actually during the testing, I have
less than 5 entries in my arp table when the crashes occurs, and this includes
the proxy entry.
Anyway, I have removed the proxy arp entry and using static routes on
the nodes, and is having relative success for the pass hour or so.
Regards,
/calvin
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020125104812.B68512>