From owner-freebsd-questions Thu Jan 24 18:52:14 2002 Delivered-To: freebsd-questions@freebsd.org Received: from hobbits.brel.com (hobbits.brel.com [203.127.231.61]) by hub.freebsd.org (Postfix) with ESMTP id A0A0C37B400 for ; Thu, 24 Jan 2002 18:52:09 -0800 (PST) Received: by hobbits.brel.com (Postfix, from userid 1001) id 323F7330D; Fri, 25 Jan 2002 10:52:08 +0800 (SGT) Delivered-To: calvinng@hobbits.brel.com Received: from amerasu.brel.com (amerasu.brel.com [203.127.231.51]) by hobbits.brel.com (Postfix) with ESMTP id A4B953335 for ; Fri, 25 Jan 2002 10:48:13 +0800 (SGT) Received: (from calvinng@localhost) by amerasu.brel.com (8.11.6/8.11.6) id g0P2mKd93285 for calvinng@hobbits.brel.com; Fri, 25 Jan 2002 10:48:20 +0800 (SGT) (envelope-from calvinng) Received: from hobbits.brel.com (hobbits.brel.com [203.127.231.61]) by amerasu.brel.com (8.11.6/8.11.6) with ESMTP id g0P2mJx93282 for ; Fri, 25 Jan 2002 10:48:19 +0800 (SGT) (envelope-from calvinng@brel.com) Received: by hobbits.brel.com (Postfix, from userid 1001) id DEC76330D; Fri, 25 Jan 2002 10:48:12 +0800 (SGT) Date: Fri, 25 Jan 2002 10:48:12 +0800 From: Calvin NG To: Questions Cc: Calvin NG Subject: problem with ARP proxy Message-ID: <20020125104812.B68512@brel.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Greetings, Quick Question: -------------- I seems to be encountering repeated panics/crash (Fatal Trap 12:page fault while in kernel mode) due to the use of arp proxy. The system is running FreeBSD 4.5-RC cvsup on 24 Jan 2002. Following the FAQ I did a "nm -n kernel | grep ..." and found that the function it points to is "arptfree". And I found this in the source sys/netinet/if_ether.c For the moment I am switching to using static routes on the internal network, and not use proxy arp. If anyone has a similar scenario and is successful, please give some advise. Or anyone with better suggestions, do share it with me, thanks in advance. Of course, if someone in the know can investigate this proxy arp thing a bit, and check if there is a bug, even better. ;-) Background: ---------- I am adding a ADSL connection to a token ring network, and it looks like the following: (ISP) ---- (ADSL modem) -- (Win98) -- (firewall) ---- (token ring network) The (firewall) machine is the one we are interested in, it runs FreeBSD 4.5-RC with IPFirewall, a onboard ethernet (fxp0) connected to the (Win98), and a Olicom card (OC-3137) (oltr0) connected to the internal network. To make the proxy machine transparent to the token ring user, I decided to subnet some IPs from the internal network, and use proxy arp to route the request to the win98 machine, and thus out to the internet. token ring : 10.1.0.0/255.255.0.0 firewall : oltr0 : 10.1.0.250/255.255.0.0 fxp0 : 10.1.0.253/255.255.255.252 ( in addition: arp -s $(win98-hostname) ($oltr:lladdr) pub only ) win98 : 10.1.0.254/255.255.255.252 ( the other interface is connected to the ADSL modem, and this also runs the PPoE (spellling?) client ). Problem: ------- The configuration works, nodes on the token ring network can see the win98 PC, even with the IPfirewall rules enabled. However, the firewall suffer repeated crashes once in a while, when more than 1 internal node tries to connect to the win98 machine through the firewall. Current Solution: ---------------- My initial thought was maybe problem with the IPFirewall or the token ring driver, since this are things I am not that fmailiar with. But I did some search and followed some instructions in the FAQ on troubleshooting, and found that the crash occurs in the function arptfree(). This leads me to think I am having problem with the proxy arp. Actually during the testing, I have less than 5 entries in my arp table when the crashes occurs, and this includes the proxy entry. Anyway, I have removed the proxy arp entry and using static routes on the nodes, and is having relative success for the pass hour or so. Regards, /calvin To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message