From owner-freebsd-isdn Wed Oct 13 15: 6:55 1999 Delivered-To: freebsd-isdn@freebsd.org Received: from alvman.RoBIN.de (alvman.robin.de [193.174.7.33]) by hub.freebsd.org (Postfix) with ESMTP id 2F8741552E for ; Wed, 13 Oct 1999 15:06:19 -0700 (PDT) (envelope-from ah@alvman.RoBIN.de) Received: from localhost (ah@localhost) by alvman.RoBIN.de (8.9.3/8.8.8) with ESMTP id XAA42152; Wed, 13 Oct 1999 23:23:54 +0200 (CEST) (envelope-from ah@alvman.RoBIN.de) Date: Wed, 13 Oct 1999 23:23:54 +0200 (CEST) From: Andreas Haakh To: Dominik Rothert Cc: Eilko Bos , isdn@FreeBSD.ORG Subject: sppp/named/natd (was: Re: natd (was: authentication failures)) In-Reply-To: <19991013163706.A2713@speed.localnet.lan> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=iso-8859-1 Content-Transfer-Encoding: 8BIT Sender: owner-freebsd-isdn@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Wed, 13 Oct 1999, Dominik Rothert wrote: > Eilko Bos wrote: > > > All I can do is a 'ping [ip-address]', 'ping [hostname] will not do since > > there are DNS-lookups involved (I guess) > > Yup, same problem here. Only hostnames which my local DNS already cached > work. > > > kill -HUP `cat /var/run/natd.pid` helps most of the time. > > This doesn't make it working here. > > > I heard somebody saying that 'natd -dynamic' will help, however I did not > > try this yet. > > I start natd with -dynamic; same problem. I can't believe there's no > solution to this problem. > > Best wishes, > Dominik Rothert. Yesterday I set up a computer to connetc via sppp to the internet. I used FreeBSD 4.0 current!!! as of Oct 13th,1999 The first problem which arose was the well known ifconfig isp1 inet 0.0.0.0 0.0.0.1 -problem. A look at if_spppsubr.c revealed, that the local sppp-device acknowledges the remote request for its ip-address but then does not change the remote it. A function like sppp_set_ip_addr for the remote side is missing - any volunteers?? If you don't bother about the wrong IP-address and add a static route to your ISP's nameserver and a default route to your isp-device everything will work fine. I assume that you can omit the static route to dns but if it is there it does not do any harm. I also realised, that a close look at the FAQ's regarding spppcontrol saves al lot of time ;-)) Now to the nameserver-problem: I set up a simple local nameserver. I replaced 127.0.0.1 in the "forwarders" section of /etc/named/named.conf with the IP address of the ISP's nameserver and enabled "forwarders only". This will cache some addresses. Later when configuring for natd I enabled "query-source address * port 53". Don't forget to run "make-localhost" in /etc/namedb/. I also increased some values in SOA in localhost.rev Last to natd: I just start it with options "-u -dynamic -log_facility daemon" and of course the interfacename. You don't have to deal with "ipfw add divert...", it's in rc.firewall and will be executed if natd_enable is set to "YES". Finally I installed imap-uw and fetchmail from /ports/mail and samba for my OS/2 client. Now _everything_ works just fine!!!! For all of you who wish a more practical approach i will include the relevant configuration lines/files. ------ start of rc.conf - lines ------ isdn_enable="YES" isdn_fsdev="/dev/ttyvb" isdn_flags="-dn -d0x1f9 -b" isdn_trace="NO" [...] gateway_enable="YES" [...] network_interfaces="... isp0" [...] # remove debug-option if everything works fine !!! ifconfig_isp0="inet 0.0.0.0 0.0.0.1 netmask 0xffffffff link1 debug" [...] sppp_interfaces="isp0 ..." spppconfig_isp0="myauthproto=pap myauthname=_some_telekom_worm_#001 \ myauthsecret=_some_telekom_secret hisauthproto=none" [...] static_routes="DnsDtag ..." route_DnsDtag="-host 194.25.2.129 -interface isp0" [...] defaultrouter="-interface isp0" [...] natd_enable="YES" natd_interface="isp0" natd_flags="-dynamic -u -log_facility daemon" ------ end of rc.conf - lines ------ ------ start of named.conf - lines ------ [...] forward only; [...] forwarders { 194.25.2.129; }; [...] query-source address * port 53; [...] ------ end of named.conf - lines ------ Hope thes helps ;-)) Andreas -- Andreas Haakh * Mollerstraße 7 * 64289 Darmstadt * ah@alvman.RoBIN.de To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isdn" in the body of the message