From owner-freebsd-questions@FreeBSD.ORG  Fri Feb 13 17:16:22 2004
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 5093E16A4CE
	for <freebsd-questions@freebsd.org>;
	Fri, 13 Feb 2004 17:16:22 -0800 (PST)
Received: from smtp-2.mdc.net (smtp-2.mdc.net [209.251.64.26])
	by mx1.FreeBSD.org (Postfix) with ESMTP id EA9B443D1F
	for <freebsd-questions@freebsd.org>;
	Fri, 13 Feb 2004 17:16:21 -0800 (PST)
	(envelope-from matthew@netway.com)
Received: from admin1.mdc.net (admin1.mdc.net [209.251.64.23])
	by smtp-2.mdc.net (8.9.3/8.9.1) with ESMTP id UAA60722;
	Fri, 13 Feb 2004 20:16:10 -0500 (EST)
	(envelope-from matthew@netway.com)
Date: Fri, 13 Feb 2004 20:16:04 -0500 (EST)
From: matthew <matthew@netway.com>
X-X-Sender: matthew@admin1.mdc.net
To: Michael Madden <madden@cmsrtp.com>
In-Reply-To: <402D709D.6030902@cmsrtp.com>
Message-ID: <20040213201146.G67547@admin1.mdc.net>
References: <402D709D.6030902@cmsrtp.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
cc: freebsd-questions@freebsd.org
Subject: Re: FreeBSD 5.2 Router Setup
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 14 Feb 2004 01:16:22 -0000



On Fri, 13 Feb 2004, Michael Madden wrote:

> I am trying to setup a pc with FreeBSD 5.2 as a
> router.  I've got two NICs setup. My laptop
> can ping the LAN side of the router (192.168.200.1),
> and it can also ping the WAN side of the router (172.16.20.10).

Good.

> However, I cannot get past the WAN side of the router to
> other pcs or the internet, but if I login to the
> router, I can see other pcs and the internet.
> It almost seems like IP forwarding isn't working
> isn't working on the router.
>

Well, most people run network address translation (NATD).
And they also use ipfw to send packets to the natd daemon.

When you ping past the freebsd gateway, your source address is a 192.*.*.*
You cannot expect machines past the freebsd router to know where
to send its reply to you.

Those machines you are trying to ping just send the reply to
their default gateway instead of the freebsd machine.

So, are you using natd? man natd and then man ipfw.
google for a nice howto.

If this is not your goal email back and we will continue again.

m

> Here is /etc/rc.conf:
>
> ifconfig_xl0="inet 172.16.20.10  netmask 255.255.0.0"
> ifconfig_xl1="inet 192.168.200.1  netmask 255.255.255.0"
> defaultrouter="172.16.255.1"
> gateway_enable="YES"
> hostname="pcmadden.cms-stl.com"
> linux_enable="YES"
> moused_enable="YES"
> ntpdate_enable="YES"
> ntpdate_flags="time-ext.missouri.edu"
> sshd_enable="YES"
> usbd_enable="YES"
>
> Here is the output of ifconfig:
> xl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
>          options=b<RXCSUM,TXCSUM,VLAN_MTU>
>          inet 172.16.20.10 netmask 0xffff0000 broadcast 172.16.255.255
>          inet6 fe80::201:2ff:fe3f:5823%xl0 prefixlen 64 scopeid 0x1
>          ether 00:01:02:3f:58:23
>          media: Ethernet autoselect (100baseTX <full-duplex>)
>          status: active
> xl1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
>          options=b<RXCSUM,TXCSUM,VLAN_MTU>
>          inet 192.168.200.1 netmask 0xffffff00 broadcast 192.168.200.255
>          inet6 fe80::210:5aff:fea8:fd83%xl1 prefixlen 64 scopeid 0x2
>          ether 00:10:5a:a8:fd:83
>          media: Ethernet autoselect (none)
>          status: no carrier
> lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
>          inet 127.0.0.1 netmask 0xff000000
>          inet6 ::1 prefixlen 128
>          inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3
>
> Here is the output of netstat -r:
> Routing tables
>
> Internet:
> Destination        Gateway            Flags    Refs      Use  Netif Expire
> default            guardian-int       UGS         0      516    xl0
> localhost          localhost          UH          0        2    lo0
> 172.16             link#1             UC          0        0    xl0
> stldns             00:06:5b:8b:dd:9f  UHLW        0       43    xl0   1059
> hulk               00:30:d3:01:98:f1  UHLW        0        6    xl0
> light              00:c0:4f:a1:2b:f8  UHLW        0        3    xl0   1057
> legolas            00:06:5b:84:44:c5  UHLW        0     1325    xl0    836
> guardian-int       00:a0:8e:1d:bd:b4  UHLW        1        0    xl0    660
> 192.168.200        link#2             UC          0        0    xl1
>
> Internet6:
> Destination        Gateway            Flags      Netif Expire
> localhost.cms-stl. localhost.cms-stl. UH          lo0
> fe80::%xl0         link#1             UC          xl0
> fe80::201:2ff:fe3f 00:01:02:3f:58:23  UHL         lo0
> fe80::%xl1         link#2             UC          xl1
> fe80::210:5aff:fea 00:10:5a:a8:fd:83  UHL         lo0
> fe80::%lo0         fe80::1%lo0        U           lo0
> fe80::1%lo0        link#3             UHL         lo0
> ff01::             localhost.cms-stl. U           lo0
> ff02::%xl0         link#1             UC          xl0
> ff02::%xl1         link#2             UC          xl1
> ff02::%lo0         localhost.cms-stl. UC          lo0
>
> Any help figuring this out would be greatly appreciated.
>
> Thanks,
> Michael
>
> _______________________________________________
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"
>