From owner-freebsd-questions@FreeBSD.ORG Sat Mar 31 16:54:46 2007 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 57A3C16A401 for ; Sat, 31 Mar 2007 16:54:46 +0000 (UTC) (envelope-from benfell@earth.parts-unknown.org) Received: from earth.parts-unknown.org (earth.parts-unknown.org [66.93.170.243]) by mx1.freebsd.org (Postfix) with SMTP id 3045113C484 for ; Sat, 31 Mar 2007 16:54:42 +0000 (UTC) (envelope-from benfell@earth.parts-unknown.org) Received: (qmail 97489 invoked by uid 501); 31 Mar 2007 16:54:37 -0000 DomainKey-Status: no signature Date: Sat, 31 Mar 2007 09:54:37 -0700 From: David Benfell To: Lowell Gilbert Message-ID: <20070331165437.GA88581@parts-unknown.org> Mail-Followup-To: Lowell Gilbert , freebsd-questions@freebsd.org References: <20070330030001.GA38549@parts-unknown.org> <44hcs14fud.fsf@Lowell-Desk.lan> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="9zSXsLTf0vkW971A" Content-Disposition: inline In-Reply-To: <44hcs14fud.fsf@Lowell-Desk.lan> X-gnupg-public-key: http://www.parts-unknown.org/gnupg/export-0DD1D1E3 X-stardate: [-29]7368.32 X-moon: The Moon is Waxing Gibbous (97% of Full) User-Agent: Mutt/1.5.14 (2007-02-12) Cc: freebsd-questions@freebsd.org Subject: Re: dhcpd assigns address, but DNS resolvers and ping fail X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 31 Mar 2007 16:54:46 -0000 --9zSXsLTf0vkW971A Content-Type: multipart/mixed; boundary="oyUTqETQ0mS9luUI" Content-Disposition: inline --oyUTqETQ0mS9luUI Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sat, 31 Mar 2007 11:01:30 -0400, Lowell Gilbert wrote: > David Benfell writes: >=20 > > Another in my mysterious problems list... > > > > pf.conf is set up to allow icmp anywhere. And dhcpd offers a > > plausible IP address and gateway that the client (tested under > > both Linux and Windows) accepts. > > > > The client doesn't get the DNS resolver information and can't > > ping anywhere, even by raw IP address, even to the router. The > > router also fails to ping the client. > Yeah, offhand it looks like it *should* work.=20 > Fairly complicated setup; make sure you really need those > shared-networks if you're using them. > Have you tried putting the domain-name-servers entries > at the subnet or global scope? It *is* a fairly complicated setup. I noticed some kernel arp messages claiming the client wasn't on the network, so I've just gotten back from checking that I had things wired up right. I *think* I do. ifconfig reports that all the interfaces that are supposed to have connections do and the ones that aren't don't. And I've checked all the other networks recently enough to know that they're correctly connected. But there is this one aggravating message that doesn't make any sense to me. In order to explain it, I have to reveal a bit of the network setup. (ifconfig -a output attached) 66.93.170.241 is the LAN address on the T1 router from my ISP. It *is* on interface xl0. I know this (I think) because I can access the outside world without difficulty on this system. The network bits for this seem properly arranged. sf1 is the interface I use to my VOIP box, which has a web interface, and that's all I use that interface for. The VOIP box is just that, something I got from my ISP (Speakeasy). I'm getting arp messages that say 66.93.170.241 is on xl0 but got a reply from (some MAC address) on sf1. For whatever reason, I wasn't getting these messages when this was an OpenBSD box. Meanwhile sf0 is the network that has this public DHCP interface and I have other interfaces available (including one that OpenBSD didn't support--Thanks FreeBSD!) for if I ever need to plug the community I live in and share my T1 with back into *my* local router again. Now, in response to your suggestions, I am trying getting rid of the 192.168.17.x DHCP range in the configuration. This is not currently in use (and I think I actually meant to have that on a different interface anyway). I have also copied the declarations you suggested into the subnet setup; this got the correct DNS resolver information onto the client. But I'm still not able to ping (in either direction) and DNS resolution doesn't work on the client. Thanks! --=20 David Benfell, LCP benfell@parts-unknown.org --- Resume available at http://www.parts-unknown.org/ NOTE: I sign all messages with GnuPG (0DD1D1E3). --oyUTqETQ0mS9luUI Content-Type: text/plain; charset=us-ascii Content-Disposition: attachment; filename=ifconfig Content-Transfer-Encoding: quoted-printable sf0: flags=3D8843 mtu 1500 inet 192.168.17.1 netmask 0xffffff00 broadcast 192.168.17.255 inet 192.168.20.1 netmask 0xffffffff broadcast 192.168.20.1 inet 192.168.17.242 netmask 0xffffffff broadcast 192.168.17.242 inet 192.168.17.249 netmask 0xffffffff broadcast 192.168.17.249 ether 00:00:d1:f0:24:2d media: Ethernet autoselect (100baseTX ) status: active sf1: flags=3D8843 mtu 1500 inet 192.168.102.2 netmask 0xffffff00 broadcast 192.168.102.255 ether 00:00:d1:f0:24:2e media: Ethernet autoselect (100baseTX ) status: active sf2: flags=3D8802 mtu 1500 ether 00:00:d1:f0:24:2f media: Ethernet autoselect (none) status: no carrier sf3: flags=3D8843 mtu 1500 inet 192.168.19.1 netmask 0xffffff00 broadcast 192.168.19.255 inet 192.168.19.30 netmask 0xffffffff broadcast 192.168.19.30 inet 192.168.19.31 netmask 0xffffffff broadcast 192.168.19.31 inet 192.168.19.32 netmask 0xffffffff broadcast 192.168.19.32 inet 192.168.19.60 netmask 0xffffffff broadcast 192.168.19.60 inet 192.168.19.61 netmask 0xffffffff broadcast 192.168.19.61 inet 192.168.19.62 netmask 0xffffffff broadcast 192.168.19.62 inet 192.168.19.242 netmask 0xffffffff broadcast 192.168.19.242 ether 00:00:d1:f0:24:30 media: Ethernet autoselect (100baseTX ) status: active dc0: flags=3D8843 mtu 1500 options=3D8 inet 192.168.18.1 netmask 0xffffff00 broadcast 192.168.18.255 inet 192.168.18.30 netmask 0xffffffff broadcast 192.168.18.30 inet 192.168.18.31 netmask 0xffffffff broadcast 192.168.18.31 inet 192.168.18.32 netmask 0xffffffff broadcast 192.168.18.32 ether 00:a0:cc:65:ba:d0 media: Ethernet autoselect (100baseTX ) status: active xl0: flags=3D8843 mtu 1500 options=3D8 inet 66.93.170.242 netmask 0xfffffff0 broadcast 66.93.170.255 inet 66.93.170.244 netmask 0xffffffff broadcast 66.93.170.244 inet 66.93.170.245 netmask 0xffffffff broadcast 66.93.170.245 inet 66.93.170.246 netmask 0xffffffff broadcast 66.93.170.246 inet 66.93.170.247 netmask 0xffffffff broadcast 66.93.170.247 inet 66.93.170.248 netmask 0xffffffff broadcast 66.93.170.248 inet 66.93.170.249 netmask 0xffffffff broadcast 66.93.170.249 inet 66.93.170.250 netmask 0xffffffff broadcast 66.93.170.250 inet 66.93.170.251 netmask 0xffffffff broadcast 66.93.170.251 inet 66.93.170.252 netmask 0xffffffff broadcast 66.93.170.252 ether 00:60:97:58:f4:49 media: Ethernet autoselect (100baseTX ) status: active vr0: flags=3D8802 mtu 1500 ether 00:40:63:c3:80:0e media: Ethernet autoselect (none) status: no carrier lo0: flags=3D8049 mtu 16384 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x8=20 inet6 ::1 prefixlen 128=20 inet 127.0.0.1 netmask 0xff000000=20 pflog0: flags=3D141 mtu 33208 --oyUTqETQ0mS9luUI Content-Type: text/plain; charset=us-ascii Content-Disposition: attachment; filename="dhcpd.conf" # $OpenBSD: dhcpd.conf,v 1.1 1998/08/19 04:25:45 form Exp $ # # DHCP server options. # See dhcpd.conf(5) and dhcpd(8) for more information. # # Network: 192.168.20.0/255.255.255.0 # Domain name: cybernude.org # Name servers: 192.168.19.4 # Default router: 192.168.17.1 # Addresses: 192.168.20.2 - 192.168.20.254 # shared-network LOCAL-NET { option domain-name "cybernude.org"; option domain-name-servers 192.168.18.31, 192.168.19.130, 64.81.79.2, 216.231.41.2; #subnet 192.168.17.0 netmask 255.255.255.0 { #option routers 192.168.17.1; #} subnet 192.168.20.0 netmask 255.255.255.0 { option domain-name "cybernude.org"; option domain-name-servers 192.168.18.31, 192.168.19.130, 64.81.79.2, 216.231.41.2; option routers 192.168.20.1; range 192.168.20.2 192.168.20.254; } } #domain cybernude.org #nameserver 192.168.19.130 #nameserver 192.168.18.31 #nameserver 64.81.79.2 #nameserver 216.231.41.2 #shared-network LUPIN { #option domain-name "cybernude.org"; #option domain-name-servers 192.168.18.31; #subnet 192.168.100.0 netmask 255.255.255.0 { #option routers 192.168.100.1; #range 192.168.100.100 192.168.100.200; #} #} ddns-update-style ad-hoc; --oyUTqETQ0mS9luUI-- --9zSXsLTf0vkW971A Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (FreeBSD) iD8DBQFGDpJNUd+dMw3R0eMRAhPAAJ0USvNnrRFLdv7wsiDapJqa5Pp2UgCfWI8s 4o+hpTjhmeLQUdSRnytB1xA= =9aF1 -----END PGP SIGNATURE----- --9zSXsLTf0vkW971A--