From owner-freebsd-net  Sat May 26 20: 0: 3 2001
Delivered-To: freebsd-net@freebsd.org
Received: from fester.unkempt.net (cm623478-a.ftwrth1.tx.home.com [24.4.14.251])
	by hub.freebsd.org (Postfix) with ESMTP id 7BD9537B422
	for <freebsd-net@freebsd.org>; Sat, 26 May 2001 19:59:57 -0700 (PDT)
	(envelope-from brandt@unkempt.net)
Received: from osc20 (OSC3 [206.46.190.20])
	by fester.unkempt.net (8.9.3/8.9.3) with SMTP id WAA56633
	for <freebsd-net@freebsd.org>; Sat, 26 May 2001 22:04:26 -0500 (CDT)
	(envelope-from brandt@unkempt.net)
Message-ID: <00ef01c0e659$1a49dce0$14be2ece@osc20>
From: "Brandt" <brandt@unkempt.net>
To: <freebsd-net@freebsd.org>
References: <20010527025207.FXQD13163.femail1.sdc1.sfba.home.com@grinch>
Subject: Re: natd, 2 NIC's, 2 Hubs, Something I'm missing?
Date: Sat, 26 May 2001 21:59:23 -0500
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 5.50.4522.1200
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200
Sender: owner-freebsd-net@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-net.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo?subject=subscribe%20freebsd-net>
List-Unsubscribe: <mailto:majordomo?subject=unsubscribe%20freebsd-net>
X-Loop: FreeBSD.org

Well, I assumed the natd would be noticed in the subject line, and also
it is listed under the "rc.conf" section I listed below.

As for the dc0, I forgot I had tried a 255.255.0.0 subnet, and played
with the broadcast just for giggles.  Normally they are 255.255.0.0
and 192.168.1.255 respectively.

And no its not the firewall rules, I don't think, but I'm no expert.
## ipfw #########
00050 divert 8668 ip from any to any via vr0
00100 allow ip from any to any via lo0
00200 deny ip from any to 127.0.0.0/8
00300 deny ip from 127.0.0.0/8 to any
65000 allow ip from any to any
65535 deny ip from any to any

----- Original Message ----- 
From: "Justin C.Walker" <justin@mac.com>
To: <freebsd-net@FreeBSD.ORG>
Sent: Saturday, May 26, 2001 9:52 PM
Subject: Re: natd, 2 NIC's, 2 Hubs, Something I'm missing?


> Your msg implies you're using NAT, but you've not included anything 
> about the NAT config.  Also, the 'ifconfig' output for dc0 doesn't 
> jibe with the rest of your message.
> 
> Regards,
> 
> Justin
> 
> On Saturday, May 26, 2001, at 07:32 PM, Brandt wrote:
> 
> > Hello all, this has got me stumped.
> >
> > FreeBSD 4.3
> >   vr0: ip=   65.3.111.111 subnet 255.255.255.0
> >   dc0: ip=  192.168.1.1   subnet 255.255.255.0
> >
> > Kernel has been recompiled with IPDIVERT and IPFIREWALL options,
> > and every thing WORKS fine as long as I have both NIC's pluged into the
> > SAME hub.
> >
> > But shouldn't this also work when the vr0 interface is moved to a 
> > seperate
> > hub?  So that the internet interface and the LAN interface (dc0) are on
> > seperate networks?
> >
> > The strange thing is that as soon as I unplug the 65.3.*.* 
> > interface from the
> > hub, the other 192.168.1.* boxes can't ping the dc0, 192.168.1.1 
> > interface
> > even though they are still connected to the same hub.  At the same 
> > time, the
> > dc0 interface can still ping the other LAN boxen on the 192.168 
> > network.
> >
> > Any ideas as to what is going on?
> >
> > - Brandt
> > ## My Kernel ##########
> > options         IPDIVERT
> > options        IPFIREWALL
> >
> > ## /etc/rc.conf ##########
> > sendmail_enable="YES"
> > sshd_enable="YES"
> > inetd_enable="YES"
> > gateway_enable="YES"
> > network_interfaces="vr0 lo0 dc0"
> > ifconfig_vr0="inet 65.3.111.111  netmask 255.255.255.0"
> > defaultrouter="65.3.111.1"
> > ifconfig_dc0="inet 192.168.1.1  netmask 255.255.255.0"
> > hostname="myhostname.mydomain.com"
> >
> > #NATD
> > natd_enable="YES"
> > natd_interface="vr0"
> > natd_flags="-f /etc/natd.conf"
> >
> > #FIREWALL
> > firewall_enable="YES"
> > firewall_script="/etc/rc.firewall"
> > firewall_type="open"
> > firewall_quiet="NO"
> > firewall_logging="YES"
> > firewall_flags=""
> >
> > #ATTEMPT TO CORRECT ROUTING TABLE
> > router_enable="YES"
> > router="routed"
> > router_flags="-s"
> >
> > ## ifconfig  ##########
> > dc0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
> >         inet 192.168.1.1 netmask 0xffff0000 broadcast 192.168.255.255
> >         inet6 fe80::280:c8ff:fee8:58fe%dc0 prefixlen 64 scopeid 0x1
> >         ether ff:ff:ff:ff:ff:ff
> >         media: autoselect (100baseTX <full-duplex>) status: active
> >         supported media: autoselect 100baseTX <full-duplex> 
> > 100baseTX 10baseT/UTP <full-duplex> 10baseT/UTP none
> > vr0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
> >         inet 65.3.111.111 netmask 0xffffff00 broadcast 65.3.111.255
> >         inet6 fe80::280:c8ff:fee8:58fe%vr0 prefixlen 64 scopeid 0x2
> >         ether 00:80:c8:e8:58:fe
> >         media: autoselect (10baseT/UTP) status: active
> >         supported media: autoselect 100baseTX <full-duplex> 
> > 100baseTX 10baseT/UTP <full-duplex> 10baseT/UTP none
> 
> ---
> Justin C. Walker, Curmudgeon-At-Large  *
> Institute for General Semantics        |
> Director of Technology                 | It's not whether you win 
> or lose...
> Nexsi Systems Corp.                    |  It's whether *I* win or lose.
> 1959 Concourse Drive                   |
> San Jose, CA  95131                    |
> *--------------------------------------*-------------------------------*
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-net" in the body of the message
> 


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message