From: nvidican@envieweb.net
To: Paul Shi
Cc: freebsd-questions@freebsd.org
Date: Mon, 11 Jan 2010 10:44:40 -0500
Subject: Re: Setup of Router machine with FreeBSD
Message-ID: <20100111104440.2vc6xxvc0k8oc80g@www.envieweb.net>

Quoting Paul Shi:

> Dear All,
>
> I have tried to set up a wireless network consisting of a server, an AP, a router
> machine and a wireless client. Here is the setup and configuration of my design.
> Please correct me if I am wrong about anything.
>
> Server
> IP: 192.168.2.1, Gateway: 192.168.2.2, Netmask: 255.255.255.0
> ---------------------------------------------------------------
> IP: 192.168.2.2, Netmask: 255.255.255.0
> Router
> IP: 192.168.1.1, Netmask: 255.255.255.0
> ---------------------------------------------------------------
> IP: 192.168.1.2, Gateway: 192.168.1.1, Netmask: 255.255.255.0
> Access Point
> ---------------------------------------------------------------
> IP: 192.168.1.3, Netmask: 255.255.255.0
> Client
>
> I have added the following to /etc/rc.conf of the server machine:
>
> static_routes="serverinternal"
> routes_serverinternal="'-net 192.168.2.1/24 192.168.2.2"
>
> and the following to /etc/rc.conf of the router machine:
>
> static_routes="internal"
> routes_internal="'-net 192.168.2.2/24 192.168.1.1"
>
> Is there anything I have done wrong? Or anything else I need to do? My
> problem now is I cannot connect from the server to the router machine. Any
> suggestion would be greatly appreciated!
>
> Yours sincerely,
> Paul Shi
> Electronic and Communication Engineering Senior
> Department of Electrical and Electronic Engineering
> University of Hong Kong

Paul,

It seems to me your problem is in your route configuration.
"192.168.2.1/24" is incorrect, /24 indicates the bitmask; the network
address should be correctly written as "192.168.2.0/24" instead,
indicating a network address of '192.168.2.0' with a network of 254
usable IP addresses in the same subnet.

You'll thus only have to have ONE route entry for the whole network,
not one per IP (unless that is your intention, in which case the
'-net' syntax is incorrectly being used). So long as routing is turned
on (man sysctl), simply pointing the server to the router and the
client to the router to connect to each other should work. Try doing
the commands from the console first to get it all working, then worry
about putting in the startup configs on boot-up.

Given your example, I'd log in to 'server' and run:

route add 192.168.1.0/24 192.168.2.2

(if the router is the ONLY router from the server, use this instead):

route add 0.0.0.0 192.168.2.2

Then, from the client, add:

route add 192.168.2.0/24 192.168.1.1

The gateway/router box itself does not need any routing setup
internally; you don't need/shouldn't be setting any routes given that
192.168.2.2, and 192.168.1.2 are hosts on the two networks for which
you want to allow routes. The key is in getting the clients to both
use the same gateway (as accessible from the network they are
respectively on). This may be a little more clearly depicted below:

Host A (192.168.2.1) <--> Router (192.168.2.2) (192.168.1.1) <--> Host B (192.168.1.3)

Host A:
- needs to know to use '192.168.2.2' as its gateway to 192.168.1.0/24
- may just use 192.168.2.2 as its default gateway to ANY network

Host B:
- needs to know to use '192.168.1.1' as its gateway to 192.168.2.0/24
- similarly, may just use '192.168.1.1' as its default gateway to
  ANY as well

Assuming you're connecting the internet at some point to the gateway
(router) machine, a decent firewall filter and NAT will most likely be
required as well.
Read up in the handbook a bit on the subject or feel
free to come back for more info if needed.

Hope this helps.

--
Nathan Vidican
nathan@vidican.com
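
The two checks the reply relies on (a '-net' destination must be the network address itself, and the gateway must be another host on a directly connected subnet), as an added example that is not part of the original message. The function names are illustrative and the addresses are the thread's own; passing the checking host's interface address and prefix as the third argument is an assumption of this example.

```shell
#!/bin/sh
# Added example, not from the original message: sanity-check a "-net" route.

# ip_to_int A.B.C.D -> prints the address as an integer; fails on bad input
ip_to_int() {
    case $1 in ''|*[!0-9.]*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        case $o in ''|0?*|????*) return 1 ;; esac   # empty, leading zero, too long
        [ "$o" -le 255 ] || return 1
    done
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# network_of ADDR/LEN -> prints NETWORK/LEN with the host bits cleared
network_of() {
    addr=${1%/*}; len=${1##*/}
    case $len in ''|*[!0-9]*|0?*|???*) return 1 ;; esac
    [ "$len" -le 32 ] || return 1
    n=$(ip_to_int "$addr") || return 1
    n=$(( n & (0xFFFFFFFF << (32 - len)) & 0xFFFFFFFF ))
    echo "$(( n >> 24 )).$(( (n >> 16) & 255 )).$(( (n >> 8) & 255 )).$(( n & 255 ))/$len"
}

# check_route DEST GATEWAY IFADDR/LEN (IFADDR/LEN = this host's own interface)
# Returns 0 only if DEST is a real network address and GATEWAY is another
# host on the directly connected subnet.
check_route() {
    dest=$1; gw=$2; ifaddr=$3
    want=$(network_of "$dest") || { echo "invalid destination: $dest"; return 2; }
    link=$(network_of "$ifaddr") || { echo "invalid interface: $ifaddr"; return 2; }
    if [ "$want" != "$dest" ]; then
        echo "host bits set: write $want, not $dest"; return 1
    fi
    if [ "$(network_of "$gw/${ifaddr##*/}")" != "$link" ]; then
        echo "gateway $gw is not on $link"; return 1
    fi
    if [ "$gw" = "${ifaddr%/*}" ]; then
        echo "gateway $gw is this host's own address"; return 1
    fi
    echo "ok: route add -net $dest $gw"
}

# The thread's values: the server's original entry, then the suggested one.
check_route 192.168.2.1/24 192.168.2.2 192.168.2.1/24 || :
check_route 192.168.1.0/24 192.168.2.2 192.168.2.1/24 || :
```

Running the same check against the router's own interface address (192.168.1.1/24) with gateway 192.168.1.1 reports that the gateway is the host's own address, which is why the router box needs no such route.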