Date: Sat, 1 Feb 1997 12:11:03 +0100 (MET) From: grog@lemis.de To: pmcandre@tiac.net (patrick mcandrew) Cc: questions@FreeBSD.org (FreeBSD Questions) Subject: Re: IP ROUTING Message-ID: <199702011111.MAA06281@freebie.lemis.de> In-Reply-To: <199701270335.WAA00282@tiac.net> from patrick mcandrew at "Jan 26, 97 10:35:38 pm"
next in thread | previous in thread | raw e-mail | index | archive | help
patrick mcandrew writes:
> Hello all,
>
> I have a FreeBSD box that is a gateway to the internet. Its config is pretty
> simple, 1 network card (which goes to my 4 suns, my internal lan) and a USR
> modem (external) that goes to the internet. I have a dynamic ip, now i enabled
> IP forwarding/gatewaying, and the box dosent forward ICMP, TCP,or UDP packets
> to the ppp interface via the net card. It worked fine with linux, and i cant
> understand why its not working. Also, when i ping a host on the net, i see
> the SendData modem light light up, but the receive data stays dark. prehaps
> the packets can't find their way back?? i used imaginery ip address' for my
> internal lan(6.6.6.2-6.6.6.5).
DON'T DO THIS! THIS IS NOT YOUR ADDRESS! In fact, although I can't
find a name, it appears to belong to the US military. Of course the
data can't find its way back to your net (and I'm pretty sure the same
config would fail under Linux, as well). Class A network 6 is known
round the world, and it appears to go underground somewhere near San
Diego. Here's a traceroute I just tried:
=== root@freebie (/dev/ttypa) /home/grog 4 -> traceroute 6.6.6.1
traceroute to 6.6.6.1 (6.6.6.1), 30 hops max, 40 byte packets
1 194.97.201.10 (194.97.201.10) 33.506 ms 34.080 ms 35.797 ms
2 isdn-gw1.Seicom.Net (194.97.201.9) 38.227 ms 36.248 ms 36.179 ms
3 Reutlingen.Seicom.Net (194.97.200.22) 45.425 ms 41.028 ms 45.635 ms
4 Frankfurt.seicom.NET (194.97.192.2) 56.677 ms 52.742 ms 49.218 ms
5 Frankfurt.topnet.de (194.97.192.38) 54.757 ms 56.280 ms 47.846 ms
6 frankfurt.topnet.de (194.97.110.185) 55.578 ms 54.506 ms 51.749 ms
7 Serial3-2.GW1.FFT1.ALTER.NET (146.188.128.21) 59.734 ms 98.336 ms 51.710 ms
8 Fddi0-0.CR1.FFT1.Alter.Net (146.188.31.225) 155.023 ms 59.868 ms 53.137 ms
9 212.Hssi4-0.CR1.LND1.Alter.Net (146.188.2.2) 107.885 ms 88.240 ms 98.021 ms
10 167.Hssi4-0.CR1.TCO1.Alter.Net (137.39.69.226) 390.996 ms 229.958 ms 274.784 ms
11 411.atm10-0.br1.tco1.alter.net (137.39.13.13) 190.353 ms 179.117 ms 178.036 ms
12 Sprint-TCO1-gw.ALTER.NET (137.39.103.18) 171.765 ms 167.037 ms 167.686 ms
13 198.67.0.7 (198.67.0.7) 227.322 ms 175.494 ms 187.889 ms
14 144.228.10.105 (144.228.10.105) 233.627 ms 255.212 ms 257.117 ms
15 198.67.6.5 (198.67.6.5) 259.376 ms 240.608 ms 225.792 ms
16 144.228.10.22 (144.228.10.22) 239.347 ms 225.007 ms 228.314 ms
17 192.203.230.20 (192.203.230.20) 266.819 ms 232.664 ms 230.159 ms
18 137.209.13.2 (137.209.13.2) 230.316 ms 290.137 ms 235.544 ms
19 198.26.126.18 (198.26.126.18) 231.652 ms 233.291 ms 235.776 ms
20 SAN-DIEGO-CI.dla.mil (33.0.250.2) 318.962 ms 324.200 ms 267.885 ms
21 33.0.108.2 (33.0.108.2) 272.450 ms 254.921 ms 277.683 ms
22 33.253.70.1 (33.253.70.1) 289.422 ms 275.027 ms 342.408 ms
23 198.26.80.90 (198.26.80.90) 293.684 ms 371.611 ms 336.902 ms
24 6.1.0.252 (6.1.0.252) 614.940 ms 329.283 ms 314.441 ms
25 6.110.1.1 (6.110.1.1) 305.974 ms 340.309 ms 297.970 ms
26 * *^C
This won't look too different if you try it from your ISP. This
means, for example:
1. You send a ping from 6.6.6.2 to your ISP (let's say
192.168.192.169).
2. 6.6.6.1, your FreeBSD box, faithfully sends it on to
192.168.192.169.
3. 192.168.192.169 replies. Its routing looks at the reply packet
and says, "6.6.6.2, huh? Let's see..." and picks out, say,
Sprint-TCO1-gw.ALTER.NET (137.39.103.18).
4. It sends the reply there. The rest looks much the same as the
traceroute above.
5. Your "imposter" 6.6.6.2 sees nothing.
> The gateway is 6.6.6.1 on the net card (WD8003)
> and the ppp0 interface is assigned a number dynamicly. I have on all the suns
> the default route set to 6.6.6.1 and the default route on the gateway(6.6.6.1)
> set to the far end of the ppp link. now i can access the entire internet through
> freebsd, but my lan cant. any help??
Yes. Get real addresses. How do you expect the Internet to know how
to route data to you if you don't register the addresses? You may be
able to convince your ISP to give you a block of addresses; otherwise,
he might be able to tell you how to do it. Generally, though, you're
in bad shape trying to connect a network via a dynamically assigned
address. Try to get a static address (one of the block) instead.
Greg
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199702011111.MAA06281>