Date: Wed, 13 Nov 2002 09:42:02 -0600 (CST)
From: Kenny Elliott <kenny@eagle.homedns.org>
To: freebsd-questions@freebsd.org
Subject: firewall / natd problem I think
Message-ID: <20021113094049.Q7187-100000@eagle.homedns.org>
Hello Everyone.

I have a problem that I just can't seem to figure out. I have a FreeBSD server connected to the internet via xl1, which is connected to a cable modem. This interface gets its IP dynamically via DHCP. Interface xl0 has an assigned IP address of 10.1.1.1 and is connected to an internal network. Clients on the internal network are given IP addresses in the 10.1.1.0/24 class C via DHCP. I use the homedns.org service to map the IP address that xl1 receives to eagle.homedns.org. I have configured natd to run on the server. rc.conf and ipfw output to follow.

I have an Apache server running on this server and it is configured to respond to eagle.homedns.org. If I connect to the web server from the outside world it works correctly. However, if I attempt to connect to the web server from one of the internal clients the connection is VERY slow. Accessing outside web servers from the same client works without a problem; speed is quite acceptable. This client has the same problem (very slow) when attempting to retrieve its mail from the POP server running on the FreeBSD box.

Hopefully someone can point me in the right direction to get this corrected. Please excuse me if I am doing anything obviously wrong here. I'm not very familiar with FreeBSD; I mainly have experience with Linux and Solaris.

Thanks in advance.
Kenny

Contents of my rc.conf file:

gateway_enable="YES"
natd_program="/sbin/natd"
natd_enable="YES"
natd_interface="xl1"
natd_flags="-f /etc/natd.conf"
tcp_drop_synfin="YES"
# -- sysinstall generated deltas -- #
saver="fire"
network_interfaces="xl0 xl1 lo0"
pccard_ifconfig="NO"
pccard_mem="DEFAULT"
# -- sysinstall generated deltas -- #
routerflags=""
ifconfig_xl0="inet 10.1.1.1 netmask 255.255.255.0"
ifconfig_xl1="DHCP"
router="routed"
router_enable="YES"
hostname="eagle.homedns.org"
ldconfig_paths="/usr/lib /usr/local/lib /usr/local/X11R6/lib"
named_enable="YES"
firewall_enable="YES"
firewall_type="OPEN"
firewall_quiet="NO"
firewall_script="/etc/rc.firewall"

Output of ipfw -a l:

00100 31895 10126379 divert 8668 ip from any to any via xl1
00100 282 11054 allow ip from any to any via lo0
00200 1 56 deny ip from any to 127.0.0.0/8
65000 31894 10126323 allow ip from any to any
65535 8 1482 deny ip from any to any