Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 20 Nov 2006 11:29:44 -0600
From:      Aaron Martinez <ml@proficuous.com>
To:        Lane <lane@joeandlane.com>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: ping send to problem, what am i missing
Message-ID:  <4561E608.1040903@proficuous.com>
In-Reply-To: <200611201049.36275.lane@joeandlane.com>
References:  <4561D4A6.10702@proficuous.com> <200611201049.36275.lane@joeandlane.com>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
Lane wrote:
> On Monday 20 November 2006 10:15, Aaron Martinez wrote:
>   
>> I'm trying to get some routing working from my freebsd 6.1 machine that
>> i thought should be extremely easy, but not having any luck.  When
>> trying to ping the destination address (192.168.5.6) i get : "ping:
>> sendto: Invalid argument"
>>
>> the net goes like so:   freebsd6.1----linux router-----another linux
>> router---openbsd machine (running openvpn)
>>
>> the corresponding routing tables are as such:
>>
>> freebsd6.1:
>> Internet:
>> Destination        Gateway            Flags    Refs      Use  Netif Expire
>> default            192.168.3.94       UGS         1   121441   fxp0
>> 127.0.0.1          127.0.0.1          UH          0        0    lo0
>> 192.168.3.64/27    link#1             UC          0        0   fxp0
>> 192.168.3.94       00:40:f4:76:3d:d3  UHLW        2   106622   fxp0   1154
>> 192.168.4.1/32     192.168.4.5        UGS         0     2042   tun0
>> 192.168.4.5        192.168.4.6        UH          1        0   tun0
>> 192.168.5          192.168.0.66       UGS         0      154   fxp0
>>
>>
>> I manually added the 192.168.5 route using the following command (please
>> correct me if i did it incorrectly
>>
>> route -n add 192.168.5/24 192.168.0.66
>>
>>
>> first linux router:
>> Kernel IP routing table
>> Destination     Gateway         Genmask         Flags   MSS Window  irtt
>> Iface
>> 192.168.3.32    0.0.0.0         255.255.255.224 U        40 0          0
>> eth0
>> 192.168.3.96    0.0.0.0         255.255.255.224 U        40 0          0
>> eth2
>> 192.168.3.64    0.0.0.0         255.255.255.224 U        40 0          0
>> eth1
>> 192.168.3.160   0.0.0.0         255.255.255.224 U        40 0          0
>> eth4
>> 192.168.3.128   0.0.0.0         255.255.255.224 U        40 0          0
>> eth3
>> 0.0.0.0         192.168.3.62    0.0.0.0         UG       40 0          0
>> eth0
>>
>>
>> second linux router:
>> Kernel IP routing table
>> Destination     Gateway         Genmask         Flags   MSS Window  irtt
>> Iface
>> 192.168.3.32    0.0.0.0         255.255.255.224 U        40 0          0
>> eth3
>> 192.168.3.96    192.168.3.34    255.255.255.224 UG       40 0          0
>> eth3
>> 192.168.3.64    192.168.3.34    255.255.255.224 UG       40 0          0
>> eth3
>> 192.168.3.160   192.168.3.34    255.255.255.224 UG       40 0          0
>> eth3
>> 192.168.3.128   192.168.3.34    255.255.255.224 UG       40 0          0
>> eth3
>> 192.168.2.0     0.0.0.0         255.255.255.0   U        40 0          0
>> eth2
>> 192.168.1.0     0.0.0.0         255.255.255.0   U        40 0          0
>> eth1
>> 192.168.0.0     0.0.0.0         255.255.255.0   U        40 0          0
>> eth0
>> 0.0.0.0         0.0.0.0         0.0.0.0         U        40 0          0
>> dsl1
>>
>>
>> openbsd machine:
>> Routing tables
>>
>> Internet:
>> Destination        Gateway            Flags    Refs      Use    Mtu
>> Interface
>> default            192.168.0.254      UGS         5   516934      -   rl0
>> 127/8              127.0.0.1          UGRS        0        0  33224   lo0
>> 127.0.0.1          127.0.0.1          UH          1      125  33224   lo0
>> 192.168.0/24       link#1             UC          2        0      -   rl0
>> 192.168.0.2        00:d0:b7:8f:51:41  UHLc        0        5      -   rl0
>> 192.168.0.254      00:e0:18:90:17:f1  UHLc        1        0      -   rl0
>> 192.168.4/24       192.168.4.2        UGS         0     2042      -   tun0
>> 192.168.4.2        192.168.4.1        UH          1        0      -   tun0
>> 192.168.5/24       192.168.5.2        UGS         0     3411      -   tun1
>> 192.168.5.2        192.168.5.1        UH          1        5      -   tun1
>> 224/4              127.0.0.1          URS         0        0  33224   lo0
>>
>>
>> i can successfully ping the 192.168.0.66 host with no problems, so i'm
>> guessing that most of my routes are fine, i am a little suspect however
>> about the route i manually put in.  I can also ping the 192.168.5.6
>> address FROM the openbsd machine.  All firewalls between these machines
>> ARE disabled.   i DO have ip forwarding enabled on the OPENBSD machine:
>> # sysctl -a | grep
>> forward
>>
>> net.inet.ip.forwarding=1
>>
>> I can't figure what's going on here any help would be terribly
>> appreciated.  Any more info that is needed just ask.
>>
>> thanks in advance,
>>
>> Aaron
>>
>> _______________________________________________
>> freebsd-questions@freebsd.org mailing list
>> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
>> To unsubscribe, send any mail to
>> "freebsd-questions-unsubscribe@freebsd.org"
>>     
>
> Aaron,
>
> It looks like the FreeBSD and the OpenBSD machines are vpn tunnelling through 
> the linux routers, right?
>   

Not exactly.  I have one openvpn tunnel from my freebsd6.1 machine to 
the openbsd machine via the 192.168.4.0  interface.   There is another 
vpn from a window's machine on a network connected to first linux router 
in the above mentioned netowrk.  what i'm trying to do is connect (not 
through the vpn connection i have from my freebsed ---> openbsd machine, 
but from the standard fxp0 on my freebsd machine to the openbsd box, at 
which time the openbsd machine should route me through to the 
192.168.5.x network.  As i said previously i CAN ping directly to the 
192.168.0.66 machine but for some reason not to the 192.168.5.x network. 
Since i am getting no information from the openbsd machine about the 
192.168.5.x network, i need to manually add the route.  Essentially it's 
safe to forget at the 192.168.4.x network.. that's seperate.
> If that is the case then you really shouldn't have to mess around with manual 
> routing tables, at all.  You should be looking at the OpenVPN configuration.
>
> If I was working on this problem, I'd first shut down openvpn and verify that 
> FreeBSD and OpenBSD can talk along their default routes (it looks like they 
> each have only one nic, so the default routes will be used).
>
> Next, after I am able to verify clear communication from both sides, I'd start 
> working on the OpenVPN configuration.  When configured correctly the openvpn 
> server will push an appropriate route to the client, and presto!  VPN.
>
> lane
> _______________________________________________
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"
>   

One very important piece of information that i think is the key here, I 
set up tcpdump on all of the  linux and openbsd machines looking for 
icmp from my host as such:

 tcpdump -i ethx host 192.168.3.68 and icmp

I get no packets at all on any of the machines when pinging the 
192.168.5.6 address but when i ping 192.168.0.66 i see them clearly:
tcpdump: listening on eth1
11:19:08.166549 192.168.3.68 > 192.168.0.66: icmp: echo request
11:19:08.166968 192.168.0.66 > 192.168.3.68: icmp: echo reply
11:19:09.167387 192.168.3.68 > 192.168.0.66: icmp: echo request
11:19:09.167794 192.168.0.66 > 192.168.3.68: icmp: echo reply
11:19:10.168507 192.168.3.68 > 192.168.0.66: icmp: echo request
11:19:10.168904 192.168.0.66 > 192.168.3.68: icmp: echo reply
11:19:11.169615 192.168.3.68 > 192.168.0.66: icmp: echo request
11:19:11.170013 192.168.0.66 > 192.168.3.68: icmp: echo reply

This leads me back to the manual route that i put in. It seems that 
something is amiss with that as there are no packets heading for the 
192.168.0.66 machine when i try to ping 192.168.5.6..  ideas???/

thanks,

Aaron




Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?4561E608.1040903>