From: Lewis Thompson
To: questions@freebsd.org
Date: Tue, 30 Sep 2003 21:57:09 +0000
Subject: weird natd issue (maybe reinjection trouble?)
Message-ID: <20030930215709.GA21498@SDF-EU.ORG>

# please cc me!  I've just got to university and can't get all my mail
# right now.  It'd really help a lot.  Thanks!

Hi,

I'm having trouble with natd on a dual-homed host. I've done my best to troubleshoot the problem but I'm no networking expert and I'm hoping it's something I've overlooked.

I have two machines -- clientmachine (also black.lewiz.org/192.168.0.12) and natdmachine (also purple.lewiz.org/192.168.0.1, lh014.halls.umist.ac.uk/130.88.163.14). natdmachine can access the Internet fine -- I can use the web, ping, etc. However, when it comes to natting the connection I stumble across problems.

First of all ICMP ping works and I get replies.
Some nat stuff is going on and seemingly working. However, if I try and access the web (through a proxy at UMIST) the trouble starts.

It seems to me that the following is happening (the ``evidence'' from tcpdump and natd is shown below): clientmachine attempts to access site through proxy. The default route is to natdmachine. This arrives at natdmachine and gets passed through natd, which then duly sends out the packet to the proxy. Fine. The response from the proxy comes back, goes through natd (which realises where the packet is bound) and then... well, nothing. It's very much as though natd doesn't spit the packet back out. I have searched for reinjection problems but afaik this is not it (please tell me I'm wrong!)

I've not included the log outputs for an ICMP ping but it basically shows:

  22:43:20.207183 black.lewiz.org > 216.239.37.99: icmp: echo request
  22:43:20.288565 216.239.37.99 > black.lewiz.org: icmp: echo reply

on natdmachine's local interface (sis0). With an attempt to access the proxy all I get is the equivalent of a request but no response (despite it being processed by natd).

*ANY IDEAS AT ALL* would be greatly appreciated! I'm really stuck here and I'm no routing/natting genius. If it's something simple I'm sorry (but glad). I can provide any details required.

Thanks very much,

# logs.  all snipped as i saw appropriate.  if you want more verbosity,
# just ask!

clientmachine# tcpdump -i rl0    (rl0 is clientmachine's only if (internal))
22:33:05.514351 black.lewiz.org.49205 > kevin.umist.ac.uk.3128: S 4110987312:4110987312(0) win 65535 (DF)

natdmachine# tcpdump -i sis0    (sis0 is internal if)
22:33:06.391596 black.lewiz.org.49205 > kevin.umist.ac.uk.3128: S 4110987312:4110987312(0) win 65535 (DF)

natdmachine# /sbin/natd -n rl0 -v    (rl0 is internet/external if)
Out [TCP] [TCP] 192.168.0.12:49205 -> 130.88.96.65:3128 aliased to
    [TCP] 130.88.163.14:49205 -> 130.88.96.65:3128
In [TCP] [TCP] 130.88.96.65:3128 -> 130.88.163.14:49205 aliased to
    [TCP] 130.88.96.65:3128 -> 192.168.0.12:49205

natdmachine# tcpdump -i rl0    (rl0 is internet/external if)
22:33:06.391813 lh014.halls.umist.ac.uk.49205 > kevin.umist.ac.uk.3128: S 4110987312:4110987312(0) win 65535 (DF)
22:33:06.392139 kevin.umist.ac.uk.3128 > lh014.halls.umist.ac.uk.49205: S 3559084666:3559084666(0) ack 4110987313 win 5792 (DF)
# no response from lh014 here
22:33:06.878969 kevin.umist.ac.uk.3128 > lh014.halls.umist.ac.uk.49204: S 3517400283:3517400283(0) ack 3127196455 win 5792 (DF)

-lewiz.
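
The comparison made by eye in the message above can be done mechanically. This is an added example, not part of the original post: it lists packets that natd -v reports as de-aliased inbound but that never show up in the capture on the inside interface. The sample logs are constructed from the addresses in the post and assume tcpdump was run with -n; all function names are hypothetical.

```python
import re

# natd -v prints each packet before and after aliasing, in the form shown in
# the post: "In [TCP] [TCP] a:p -> b:q aliased to [TCP] c:r -> d:s".
NATD_RE = re.compile(
    r"(In|Out)\s+\[TCP\]\s+\[TCP\]\s+(\S+)\s+->\s+(\S+)\s+aliased to\s+"
    r"\[TCP\]\s+(\S+)\s+->\s+(\S+)")
# tcpdump -n line in the post's format: "<time> <ip.port> > <ip.port>: <rest>"
DUMP_RE = re.compile(r"^\S+\s+(\S+)\s+>\s+(\S+):", re.M)

# Constructed sample input (addresses taken from the post, numeric form assumed).
NATD_LOG = """\
Out [TCP] [TCP] 192.168.0.12:49205 -> 130.88.96.65:3128 aliased to
    [TCP] 130.88.163.14:49205 -> 130.88.96.65:3128
In [TCP] [TCP] 130.88.96.65:3128 -> 130.88.163.14:49205 aliased to
    [TCP] 130.88.96.65:3128 -> 192.168.0.12:49205
"""
INTERNAL_DUMP = """\
22:33:06.391596 192.168.0.12.49205 > 130.88.96.65.3128: S 4110987312:4110987312(0) win 65535 (DF)
"""

def to_tcpdump(endpoint):
    """natd writes ip:port, tcpdump writes ip.port (natd handles IPv4 only)."""
    return endpoint.replace(":", ".")

def natd_packets(log):
    """Return (direction, src, dst) as they look after aliasing."""
    return [(d, to_tcpdump(s), to_tcpdump(t))
            for d, _pre_src, _pre_dst, s, t in NATD_RE.findall(log)]

def seen_on_wire(capture):
    """Set of (src, dst) pairs present in a tcpdump text capture."""
    return set(DUMP_RE.findall(capture))

def lost_after_natd(natd_log, internal_capture):
    """Inbound packets natd de-aliased that never reached the inside interface."""
    wire = seen_on_wire(internal_capture)
    return [(s, t) for d, s, t in natd_packets(natd_log)
            if d == "In" and (s, t) not in wire]

if __name__ == "__main__":
    for src, dst in lost_after_natd(NATD_LOG, INTERNAL_DUMP):
        print(f"translated by natd but not seen on inside interface: {src} > {dst}")
```

A non-empty result narrows the search to what happens to the packet between natd handing it back to the kernel and the inside interface transmitting it.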