From owner-freebsd-questions Sun Oct 1 13: 3:57 2000 Delivered-To: freebsd-questions@freebsd.org Received: from mailhost01.reflexnet.net (mailhost01.reflexnet.net [64.6.192.82]) by hub.freebsd.org (Postfix) with ESMTP id D436D37B503 for ; Sun, 1 Oct 2000 13:03:54 -0700 (PDT) Received: from 149.211.6.64.reflexcom.com ([64.6.211.149]) by mailhost01.reflexnet.net with Microsoft SMTPSVC(5.5.1877.197.19); Sun, 1 Oct 2000 13:02:41 -0700 Received: (from cjc@localhost) by 149.211.6.64.reflexcom.com (8.11.0/8.11.0) id e91K3m456877; Sun, 1 Oct 2000 13:03:48 -0700 (PDT) (envelope-from cjc) Date: Sun, 1 Oct 2000 13:03:48 -0700 From: "Crist J . Clark" To: Julian Steinberg Cc: "'Odhiambo Washington'" , mj@isy.liu.se, questions@FreeBSD.ORG Subject: Re: Thanks for your responses! Message-ID: <20001001130348.J25121@149.211.6.64.reflexcom.com> Reply-To: cjclark@alum.mit.edu References: <000001c02bde$5fe23c10$320aa8c0@PIII> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0i In-Reply-To: <000001c02bde$5fe23c10$320aa8c0@PIII>; from Julian@imaginetrix.com on Sun, Oct 01, 2000 at 11:46:28AM -0700 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Sun, Oct 01, 2000 at 11:46:28AM -0700, Julian Steinberg wrote: > I do appreciate them very much. > > However, I am going to leave this issue alone right now. Huh? And if you are going to change the Subject: line, you probably should keep it to something in line with the content of the message. I deleted it first pass through the list, but accidently read it anyway. > I am trying to make my BSD machine into an IP router. > > I have done everything that the documentation suggests but I have a feeling > I am missing something or something is left out: Looks that way. > I have: > > a) Compiled a kernel with options: IP FIREWALL and IPDivert OK. > b) I have rc.conf set with gateway enable OK. > c) I have two NICS OK. > d) The BSD machine can ping the internet OK. > e) My internal machines can ping both NIC's of the BSD, the one on their > logical subnet and the one with the external address. It is somewhat misleading to say that they can "ping both NIC's." But it is nice to know that the FreeBSD box knows it has an interface with that IP. > f) My firewall type is " Open" Good. > However, internal machines cannot ping anything on the internet You seemed to have left out the part where you are running a NAT daemon like natd(8). You put 'IPDIVERT' in the kernel and all, so I guess that you know you need to do that, right? > When a client on the inside makes an external request, I get the following > message from the BSD console: > > " /Kernel: arp: 192.168.10.50 ( my win2k client ) is on xl1 but got reply > from > 00:10:4b:2a:32:e5 on xl0" This makes it look like your physical networking is messed up. > Xl0 is my external ip address ( 63.195.121.108 255.2555.255.0) > xl1 is my internal address ( 192.168.10.10. 255.255.255.0 ) Please tell me that you don't have everything plugged into one hub. That's what that ARP message looks like. -- Crist J. Clark cjclark@alum.mit.edu To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message