Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 06 Jul 2001 13:35:26 -0500
From:      Eric Long <eric@metrotv.com>
To:        <questions@freebsd.org>
Subject:   Is this a routing problem?
Message-ID:  <B76B6F1D.3CDE%eric@metrotv.com>
next in thread | raw e-mail | index | archive | help 
I am at a loss with this setup, any suggestions are welcome:

Details:
Running Freebsd 4.3-RELEASE, ipfw, natd, dhcpd, and gateway is enabled

I'm running this box with two NIC's and an Emerging Technologies card that
functions as a router.  The Emerging Technologies card (eth0) is the WAN
interface, one of the NIC's (fxp1) is the LAN interface.  Nothing on the LAN
interface can access the internet (via the WAN interface).

What I know:
1.)  Traffic gets to the FreeBSD box from the WAN interface.
2.)  Traffic goes out the WAN interface from the FreeBSD box
3.)  Traffic goes out the LAN interface from the FreeBSD box (workstations
are assigned ip's via dhcpd therefore telling me that they are seeing the
box on the network via the LAN interface), plus I can also ping these boxes
when they are assigned an IP
4.)  Traffic does NOT go out the WAN interface from the LAN interface (no
workstation can reach the net).

Problem:
Is this a routing issue?  Traffic simply isn't being passed from the LAN
interface to the WAN interface.

My routing tables:

% netstat -r -n
Routing tables

Internet:
Destination        Gateway            Flags     Refs     Use     Netif
Expire
default            65.114.176.41      UGSc        6    24630     eth0
65.114.176.41      65.114.176.42      UH          5        2     eth0
127.0.0.1          127.0.0.1          UH          0        4      lo0
192.168.1          link#2             UC          0        0     fxp1 =>

eth0 is 65.114.176.42
fxp1 is 192.168.1.1

Pertinent details from /etc/rc.conf:
gateway_enable="YES"
firewall_enable="YES"
firewall_type="open"
natd_enable="YES"
natd_interface="eth0"
natd_flags="-f /etc/natd.conf"

ipfw details:
% ipfw list
00100 allow ip from any to any via lo0
00200 deny ip from any to 127.0.0.0/8
00300 deny ip from 127.0.0.0/8 to any
65000 allow ip from any to any
65535 deny ip from any to any

-Eric


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?B76B6F1D.3CDE%eric>