Date: Wed, 25 Jun 1997 23:03:31 +0100 From: Brian Somers <brian@awfulhak.org> To: 0000-Administrator <root@counterintelligence.cdrom.com> Cc: Brian Somers <brian@awfulhak.org>, questions@freebsd.org Subject: Re: Routing Problems Message-ID: <199706252203.XAA04650@awfulhak.demon.co.uk> In-Reply-To: Your message of "Wed, 25 Jun 1997 00:33:15 PDT." <Pine.BSF.3.96.970625001636.209A-100000@counterintelligence.cdrom.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> **** I just wanted to check to see if I did this right, I changed the
> /etc/hosts file to have two entries
>
> 127.0.0.1 localhost
> 127.0.0.1 counterintelligence.cdrom.com counterintelligence
>
>
> so that when the ppp0 interface is not up (ip address 206.86.94.101) then
> the resolver uses /etc/hosts instead of then nameserver so telnetting to
> counterintelligence or counterintelligence.cdrom.com is routed to
> 127.0.0.1 which goes through the loopback device lo0
>
> (counterintelligence.cdrom.com is also mdean.vip.best.com)
>
> also i do a: route add -host 206.86.94.101 -interface lo0
> in my rc files so that once the ppp interface comes up (and even when it
> is down) packets headed for the ppp device go through the loopback, this
> seems to work but I don't really entirely understand the function of
> -interface (the man page said so)
>
>
> when the ppp device comes up i end up with a routing table like:
>
> Routing tables
>
> Internet:
> Destination Gateway Flags Refs Use Netif
> Expire
> default ns3.best.com UGSc 1 0 ppp0
> localhost localhost UH 0 53 lo0
> ns3.best.com mdean.vip.best.com UH 2 0 ppp0
> mdean.vip.best.com lo0 UHS 0 0 lo0
>
> Which seems to work well --- kind of clumsy, but I guess it would be ok
> then to change counterintelligence in the host file to 206.86.94.101?
> Would it not.
Yep, this IMO is the best way. I looked at lobbing stuff from
ip_output.c to ip_input.c, but it was way too uncontrollable. The
first thing it broke badly was "ping localhost". I'll still look at
doing it at the ppp/tun level.
> ALSO MORE IMPORTANTLY ----- Can anyone tell me how to do something
> equivalent to IP Masquerading in linux on a FreeBSD box, I really want to
> change my work machine (which is masquerading a 20 winbox lan) over to
> FreeBSD, because linux in lame performance wise (for instance when I am
> doing a "tar czvf backup.tgz /" on the machine (it is a ppro-180 w/64mb
> 2 ethernet cards and a modem, serves as our router) the networking [we are
> talking a 28.8 modem here] slows to a halt --- it takes a minute and a
> half to login from the outside through the modem, i tried this with
> freebsd and it doesn't lag the same way.
Look into natd. It was a port. It's now in src/usr.sbin/natd.
Don't use the port, use version 1.8.
> The good thing is that Linux masquerading works with ping and traceroute
> (ICMP) in addition to ftp and netscape now, I'd love to have the same for
> FreeBSD so I could throw my Linux machine in the Trash. Please point me
> somewhere.
Ha ! In addition, natd does IRC, PMTU and RPC. I'd blindly bet that
Linux doesn't do all of them !
--
Brian <brian@awfulhak.org>, <brian@freebsd.org>
<http://www.awfulhak.org>;
Don't _EVER_ lose your sense of humour....
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199706252203.XAA04650>