Date: Wed, 13 Sep 2000 01:21:50 -0700 From: "Crist J . Clark" <cjclark@reflexnet.net> To: JP <jr@paranoia.demon.nl> Cc: freebsd-questions@freebsd.org Subject: Re: Dual homed host routing problem Message-ID: <20000913012150.M69158@149.211.6.64.reflexcom.com> In-Reply-To: <200009122019.WAA00707@pig.bigmama.xx>; from jr@paranoia.demon.nl on Tue, Sep 12, 2000 at 10:02:09PM %2B0200 References: <20000911232915.J69158@149.211.6.64.reflexcom.com> <200009122019.WAA00707@pig.bigmama.xx>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Sep 12, 2000 at 10:02:09PM +0200, JP wrote:
>
>
> >>>>> On Mon, 11 Sep 2000, "Crist" == Crist J . Clark wrote:
>
>
> Crist> The gateway_enable="YES" and manually setting
> Crist> net.inet.ip.forwarding is redundant, that's what the
> Crist> gateway_enable does.
>
> Ok
>
> Crist> How have you tested it? What are the symptoms of yur problem?
> Crist> Saying ed1 does not "fully forward" is a little unclear? Are
> Crist> you trying to connect from a host on ed0's LAN to one on
> Crist> ed1's? Or the other way around? Can the gateway connect to
> Crist> machines on either LAN? -- Crist J. Clark cjclark@alum.mit.edu
>
>
> What happens is that from both the gateway machine and all hosts on the
> 192.168.118 network, I am able to access the ed1 interface, but
> anything beyond the ed1 (other computers connected to that subnet, a
> router that sits there, etc) are unreachable. But they are not totally
> unreachable, the traffic seems to get to the 172... address, but does
> not get routed back. I say that because the message returned is "host
> is down" after only about 10 seconds
You should only get a 'host is down' message for machines on the local
net. I believe that is what you get after the ARP fails.
What I would still like to know is can the gateway machine itself
communicate with other machines on the 172.16.1.0/24 net? Can you ping
172.16.1.2 from the gateway, for example?
> but if i for example attempt to
> ping a host that really does not exist, telnet will wait for many
> minutes then the eventual message is "Unable to connect to remote
> host". Additionally, I see the traffic hit the nics/router on the
> other side (the lights flash).
Have you done tcpdump's on each interface to see what is getting in
and out?
> I also see now after trying Steve van den Akker's suggestion to use the
> "cheat sheet" that natd is reporting "failed to write packet back (host
> is down).
>
> Any ideas what I am doing wrong?
NAT? You never said you were doing NAT. I suppose you have some
firewall rules too? So, here is what we know and still want to know,
1) Can the gateway itself reach hosts on the 172.16.1.0/24 net?
Answer: ?
2) Can the gateway itself reach hosts on the 198.168.118.0 net?
Answer: Not explicitly said, but since the next one works the
other direction I'll assume yes.
3) Can the 198.168.118.0 hosts reach the gateway?
Answer: No.
4) Can the 172.16.1.0/24 hosts reach the gateway?
Answer: ?
5) Can 172.16.1.0/24 hosts reach the 198.168.118.0 net?
Answer: ?, but if you are doing NAT (and unless you masked your
address numbers, I don't know why you would be), this
will be no.
6) Can 198.168.118.0 hosts reach the 172.16.1.0/24 net?
Answer: No.
8) If (1), (2), (3), or (4) is "no," do a tcpdump on the gateway's
interface of interest during the test and see if anything is going
on.
9) If (5) or (6) fails, do tcpdump's on _each_ interface while
attempting the connections an see what happens.
> > On Mon, Sep 11, 2000 at 11:33:49PM +0200, JP (J. Patrick Russell) wrote:
> > > HELP! I'm trying to setup a dual homed host with two ethernet devices. Only
> > > one device seems to be forwarding. ed1 never seems to fully forward, I have
> > > switched the card out with another type (rl0), but the behavior was identical
> > > -- only interface ed0 worked. ed1 is recognized and the cards do not seem to
> > > conflict:
> > >
> > > dmesg relevant output:
> > >
> > > ed0: <NE2000 PCI Ethernet (RealTek 8029)> port 0x6000-0x601f irq 11 at device
> > > 12.0 on pci0
> > > ed0: address 52:54:00:da:22:0c, type NE2000 (16 bit)
> > > ed1: <NE2000 PCI Ethernet (RealTek 8029)> port 0x6100-0x611f irq 10 at device
> > > 14.0 on pci0
> > > ed1: address 52:54:00:da:21:6d, type NE2000 (16 bit)
> > >
> > > and ed1 is automatically added to the routing table:
> > >
> > > Internet:
> > > Destination Gateway Flags Netif Expire
> > > default 172.16.1.2 UGSc ed1
> > > 127.0.0.1 127.0.0.1 UH lo0
> > > 172.16.1/24 link#2 UC ed1 =>
> > > 172.16.1.2 link#2 UHLW ed1 =>
> > > 172.16.1.3 52:54:0:da:21:6d UHLW lo0
> > > 192.168.118 link#1 UC ed0 =>
> > > 192.168.118.1 52:54:0:da:22:c UHLW lo0
> > > 192.168.118.2 0:e0:4c:66:77:3d UHLW ed0 750
> > >
> > > getting to the ed1 interface from the ed0 subnet works, but nothing gets
> > > forwarded beyond the nic.
> > > gateway_enable="YES" is set in rc.conf, and sysctl is set so
> > > net.inet.ip.forwarding=1
>
--
Crist J. Clark cjclark@alum.mit.edu
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000913012150.M69158>