From owner-freebsd-questions Fri Jul 6 14:23:19 2001 Delivered-To: freebsd-questions@freebsd.org Received: from mail.usermail.com (www.usermail.com [208.239.240.90]) by hub.freebsd.org (Postfix) with ESMTP id D503737B405 for ; Fri, 6 Jul 2001 14:23:10 -0700 (PDT) (envelope-from kobes@usermail.com) Received: from terrapin (nic-41-c89-114.mn.mediaone.net [66.41.89.114]) by mail.usermail.com (8.9.3/8.9.3) with SMTP id QAA30365 for ; Fri, 6 Jul 2001 16:25:31 -0400 Message-ID: <001201c10662$6043c3e0$0201a8c0@goldenrod.net> From: "Mark Kobussen" To: Subject: Re: IPFW/NATD or Cable Modem Trouble?? Date: Fri, 6 Jul 2001 16:26:22 -0500 MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_000F_01C10638.6539B320" X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4133.2400 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG This is a multi-part message in MIME format. ------=_NextPart_000_000F_01C10638.6539B320 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable > natd_flags=3D"-l -d -s -m -u -dynamic -ned2" > I added the flags you recommended above, and altogether, it seems to = work a bit better. Unfortunately, the router still becomes unreachable every = few minutes. This leads me to another question -- why, if my configuration looks = fairly decent, would not only the ed2 interface stop communicating with the = cable modem, but ed1 ALSO stops responding to telnet and ssh sessions. Also, I noticed some "ed2 NIC memory corrupt - invalid packet size" = messages on the console last time I looked. It seems these JUST started = appearing after I added various NATD flags. > > I also added the following to let DHCP through > # Allow DHCP through > ${fwcmd} add pass udp from any 68 to any 67 out via ${oif} > ${fwcmd} add pass udp from any 67 to any 68 in via ${oif} Added these two, seems to be working a-ok. > And, do you have the following in /etc/dhclient.conf: > > interface "ed2" { > send host-name ""; > request subnet-mask, broadcast-address, routers,\ > domain-name-servers, domain-name, time-servers; > require domain-name-servers; > } > I added the above to my dhclient.conf file, and DHCP stopped receiving domain resolution information. I've left the dhclient.conf empty (as it = was before), as it was not only working fine, but also providing all of the information you were requesting in your dhclient.conf. Thanks for the suggestions, Mark ------=_NextPart_000_000F_01C10638.6539B320 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable

> natd_flags=3D"-l -d = -s -m -u=20 -dynamic -ned2"
>

I added the flags you recommended above, = and=20 altogether, it seems to work a
bit better.  Unfortunately, the = router=20 still becomes unreachable every few
minutes.

This leads me to = another=20 question -- why, if my configuration looks fairly
decent, would not = only the=20 ed2 interface stop communicating with the cable
modem, but ed1 ALSO = stops=20 responding to telnet and ssh sessions.

Also, I noticed some "ed2 = NIC=20 memory corrupt - invalid packet size" messages
on the console last = time I=20 looked.  It seems these JUST started appearing
after I added = various=20 NATD flags.

>
> I also added the following to let DHCP=20 through
>     # Allow DHCP=20 through
>     ${fwcmd} add pass udp from any = 68 to any=20 67 out via ${oif}
>     ${fwcmd} add pass udp = from any=20 67 to any 68 in  via ${oif}

Added these two, seems to be = working=20 a-ok.

> And, do you have the following in=20 /etc/dhclient.conf:
>
> interface "ed2"=20 {
>         send host-name = "<your isp provided hostname=20 here>";
>         = request=20 subnet-mask, broadcast-address, routers,\
> domain-name-servers,=20 domain-name,=20 time-servers;
>         = require=20 domain-name-servers;
>       &nb= sp;=20 }
>

I added the above to my dhclient.conf file, and DHCP = stopped=20 receiving
domain resolution information.  I've left the = dhclient.conf=20 empty (as it was
before), as it was not only working fine, but also = providing=20 all of the
information you were requesting in your=20 dhclient.conf.

Thanks for the=20 suggestions,
Mark
------=_NextPart_000_000F_01C10638.6539B320-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message