Date: Wed, 13 Oct 1999 23:23:54 +0200 (CEST) From: Andreas Haakh <ah@alvman.RoBIN.de> To: Dominik Rothert <dr@domix.de> Cc: Eilko Bos <Eilko.Bos@nl.origin-it.com>, isdn@FreeBSD.ORG Subject: sppp/named/natd (was: Re: natd (was: authentication failures)) Message-ID: <Pine.BSF.4.05.9910132151380.38476-100000@alvman.RoBIN.de> In-Reply-To: <19991013163706.A2713@speed.localnet.lan>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 13 Oct 1999, Dominik Rothert wrote:
> Eilko Bos <Eilko.Bos@nl.origin-it.com> wrote:
>
> > All I can do is a 'ping [ip-address]', 'ping [hostname] will not do since
> > there are DNS-lookups involved (I guess)
>
> Yup, same problem here. Only hostnames which my local DNS already cached
> work.
>
> > kill -HUP `cat /var/run/natd.pid` helps most of the time.
>
> This doesn't make it working here.
>
> > I heard somebody saying that 'natd -dynamic' will help, however I did not
> > try this yet.
>
> I start natd with -dynamic; same problem. I can't believe there's no
> solution to this problem.
>
> Best wishes,
> Dominik Rothert.
Yesterday I set up a computer to connetc via sppp to the internet.
I used FreeBSD 4.0 current!!! as of Oct 13th,1999
The first problem which arose was the well known ifconfig isp1 inet
0.0.0.0 0.0.0.1 -problem. A look at if_spppsubr.c revealed, that the local
sppp-device acknowledges the remote request for its ip-address but then
does not change the remote it. A function like sppp_set_ip_addr for the
remote side is missing - any volunteers?? If you don't bother about the
wrong IP-address and add a static route to your ISP's nameserver and a
default route to your isp-device everything will work fine. I assume that
you can omit the static route to dns but if it is there it does not do
any harm.
I also realised, that a close look at the FAQ's regarding spppcontrol
saves al lot of time ;-))
Now to the nameserver-problem: I set up a simple local nameserver. I
replaced 127.0.0.1 in the "forwarders" section of /etc/named/named.conf
with the IP address of the ISP's nameserver and enabled "forwarders only".
This will cache some addresses.
Later when configuring for natd I enabled "query-source address *
port 53". Don't forget to run "make-localhost" in /etc/namedb/. I also
increased some values in SOA in localhost.rev
Last to natd: I just start it with options
"-u -dynamic -log_facility daemon" and of course the interfacename.
You don't have to deal with "ipfw add divert...", it's in rc.firewall and
will be executed if natd_enable is set to "YES".
Finally I installed imap-uw and fetchmail from /ports/mail and samba for
my OS/2 client.
Now _everything_ works just fine!!!!
For all of you who wish a more practical approach i will include the
relevant configuration lines/files.
------ start of rc.conf - lines ------
isdn_enable="YES"
isdn_fsdev="/dev/ttyvb"
isdn_flags="-dn -d0x1f9 -b"
isdn_trace="NO"
[...]
gateway_enable="YES"
[...]
network_interfaces="... isp0"
[...]
# remove debug-option if everything works fine !!!
ifconfig_isp0="inet 0.0.0.0 0.0.0.1 netmask 0xffffffff link1 debug"
[...]
sppp_interfaces="isp0 ..."
spppconfig_isp0="myauthproto=pap myauthname=_some_telekom_worm_#001 \
myauthsecret=_some_telekom_secret hisauthproto=none"
[...]
static_routes="DnsDtag ..."
route_DnsDtag="-host 194.25.2.129 -interface isp0"
[...]
defaultrouter="-interface isp0"
[...]
natd_enable="YES"
natd_interface="isp0"
natd_flags="-dynamic -u -log_facility daemon"
------ end of rc.conf - lines ------
------ start of named.conf - lines ------
[...]
forward only;
[...]
forwarders {
194.25.2.129;
};
[...]
query-source address * port 53;
[...]
------ end of named.conf - lines ------
Hope thes helps ;-))
Andreas
--
Andreas Haakh * Mollerstraße 7 * 64289 Darmstadt * ah@alvman.RoBIN.de
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isdn" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.05.9910132151380.38476-100000>