Date: Sat, 14 Oct 2000 23:32:12 -0700
From: Gregory Sutter
To: hackers@freebsd.org
Subject: Routing issues
Message-ID: <20001014233212.H3444@klapaucius.zer0.org>

I'm setting up a network that looks like this:

--Internet----Router---Firewall
                          |
                          |               /--- host
                       Switch----NAT-----<----- host
                          |               \----- host
                          |                \----- etc...
                      ---------
                      |       |
                    email     ns

In other words, a fairly typical small network. I've got an 8-IP
subnet; all hosts outside the NAT have real IPs:

    router:    1.2.3.193
    firewall:  1.2.3.196  fxp0
               1.2.3.197  fxp1
    nat:       1.2.3.198
    email:     1.2.3.194
    ns:        1.2.3.195

The problem I'm having is with my routing. Surprise. Here is the
routing table for the firewall:

    default        1.2.3.193   fxp0
    1.2.3.193      link#1      fxp0
    1.2.3.192/29   link#2      fxp1
    1.2.3.196      lo0
    1.2.3.197      lo0

The gateway_enable (net.inet.ip.forwarding) is also enabled on the
firewall.

From the firewall, I can reach any host with no problems. However,
from hosts inside the firewall, I cannot reach outside, and vice
versa. I feel I must be missing something obvious, but have played
with routes for hours to no avail. Does anyone see a problem with
the routing of this network?

Greg
--
Gregory S. Sutter                 Computing is a terminal addiction.
mailto:gsutter@zer0.org
http://www.zer0.org/~gsutter/
PGP DSS public key 0x40AE3052