From owner-freebsd-net Sat May 26 19:52:11 2001 Delivered-To: freebsd-net@freebsd.org Received: from femail1.sdc1.sfba.home.com (femail1.sdc1.sfba.home.com [24.0.95.81]) by hub.freebsd.org (Postfix) with ESMTP id 6C74737B422 for ; Sat, 26 May 2001 19:52:07 -0700 (PDT) (envelope-from justin@mac.com) Received: from grinch ([65.11.111.111]) by femail1.sdc1.sfba.home.com (InterMail vM.4.01.03.20 201-229-121-120-20010223) with ESMTP id <20010527025207.FXQD13163.femail1.sdc1.sfba.home.com@grinch> for ; Sat, 26 May 2001 19:52:07 -0700 Date: Sat, 26 May 2001 19:52:04 -0700 Content-Type: text/plain; format=flowed; charset=us-ascii X-Mailer: Apple Mail (2.388) From: Justin C.Walker To: Mime-Version: 1.0 (Apple Message framework v388) In-Reply-To: <00c901c0e655$481099b0$14be2ece@osc20> Subject: Re: natd, 2 NIC's, 2 Hubs, Something I'm missing? Content-Transfer-Encoding: 7bit Message-Id: <20010527025207.FXQD13163.femail1.sdc1.sfba.home.com@grinch> Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Your msg implies you're using NAT, but you've not included anything about the NAT config. Also, the 'ifconfig' output for dc0 doesn't jibe with the rest of your message. Regards, Justin On Saturday, May 26, 2001, at 07:32 PM, Brandt wrote: > Hello all, this has got me stumped. > > FreeBSD 4.3 > vr0: ip= 65.3.111.111 subnet 255.255.255.0 > dc0: ip= 192.168.1.1 subnet 255.255.255.0 > > Kernel has been recompiled with IPDIVERT and IPFIREWALL options, > and every thing WORKS fine as long as I have both NIC's pluged into the > SAME hub. > > But shouldn't this also work when the vr0 interface is moved to a > seperate > hub? So that the internet interface and the LAN interface (dc0) are on > seperate networks? > > The strange thing is that as soon as I unplug the 65.3.*.* > interface from the > hub, the other 192.168.1.* boxes can't ping the dc0, 192.168.1.1 > interface > even though they are still connected to the same hub. At the same > time, the > dc0 interface can still ping the other LAN boxen on the 192.168 > network. > > Any ideas as to what is going on? > > - Brandt > ## My Kernel ########## > options IPDIVERT > options IPFIREWALL > > ## /etc/rc.conf ########## > sendmail_enable="YES" > sshd_enable="YES" > inetd_enable="YES" > gateway_enable="YES" > network_interfaces="vr0 lo0 dc0" > ifconfig_vr0="inet 65.3.111.111 netmask 255.255.255.0" > defaultrouter="65.3.111.1" > ifconfig_dc0="inet 192.168.1.1 netmask 255.255.255.0" > hostname="myhostname.mydomain.com" > > #NATD > natd_enable="YES" > natd_interface="vr0" > natd_flags="-f /etc/natd.conf" > > #FIREWALL > firewall_enable="YES" > firewall_script="/etc/rc.firewall" > firewall_type="open" > firewall_quiet="NO" > firewall_logging="YES" > firewall_flags="" > > #ATTEMPT TO CORRECT ROUTING TABLE > router_enable="YES" > router="routed" > router_flags="-s" > > ## ifconfig ########## > dc0: flags=8843 mtu 1500 > inet 192.168.1.1 netmask 0xffff0000 broadcast 192.168.255.255 > inet6 fe80::280:c8ff:fee8:58fe%dc0 prefixlen 64 scopeid 0x1 > ether ff:ff:ff:ff:ff:ff > media: autoselect (100baseTX ) status: active > supported media: autoselect 100baseTX > 100baseTX 10baseT/UTP 10baseT/UTP none > vr0: flags=8843 mtu 1500 > inet 65.3.111.111 netmask 0xffffff00 broadcast 65.3.111.255 > inet6 fe80::280:c8ff:fee8:58fe%vr0 prefixlen 64 scopeid 0x2 > ether 00:80:c8:e8:58:fe > media: autoselect (10baseT/UTP) status: active > supported media: autoselect 100baseTX > 100baseTX 10baseT/UTP 10baseT/UTP none --- Justin C. Walker, Curmudgeon-At-Large * Institute for General Semantics | Director of Technology | It's not whether you win or lose... Nexsi Systems Corp. | It's whether *I* win or lose. 1959 Concourse Drive | San Jose, CA 95131 | *--------------------------------------*-------------------------------* To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message