From: "Steven N. Fettig"
To: "Jeffrey P. Toth", FreeBSD - questions
Date: Mon, 10 May 2004 09:45:24 -0500
Subject: Re: Network Help
Message-ID: <409F9584.4040509@stevenfettig.com>
In-Reply-To: <409EED1A.2000609@attech.net.au>

Jeffrey P. Toth wrote:

> Thank you for your response Ion-Mihai,
>
> On the router question, no, the router is a separate device, a D-Link
> 504H but is a loaner while my D-Link 804HV is in the shop. After
> changing them out is when I discovered I had problems. Apparently the
> DL804 handled whatever the problem was without a complaint.
>
> Yes I have been through setup a few times.
> So far all I have been able
> to do is take the server off-line.
>
> I have also looked up setup for NATD and I think I can enable it but
> would not be able to write the firewall rules for it to read yet, as I
> understand needs to be done. I also had a little help with setup
> originally and I know there is something of a firewall setup but
> without knowing what exactly I would be afraid of interfering with what
> is there and making a mess of it.
>
> Sorry I am such a non-user.
>
> Jeff

Jeff,

I've been reading this thread and I think you need to start from the beginning. I am going to make a broad assumption that your D-Link is set up correctly and that it *is* a sort of broadband router that does NAT and has DHCP services. This means that the D-Link should be somehow connected to your DSL modem and/or Cable modem (unless you are using some other sort of connection - I couldn't find the 504H on D-Link's site, but was able to find the 804HV and am *again* assuming that it is similar).

So here is the assumption list:

- Your D-Link is capable of doing NAT and DHCP
- You can ping the D-Link from your FreeBSD box (Win box, etc.) - if you can't STOP - this is your first problem.
- Your router's internal address is 192.168.0.1 with a netmask of 255.255.255.0
- You have chosen to statically assign your inside machines with addy's (although you could also get the addy assignment via DHCP from the D-Link, you may have chosen to go the static route for other reasons).

On the FreeBSD box:

in rc.conf you should keep:

ifconfig_xl0="inet 192.168.0.150 netmask 255.255.255.0"  # <-- no other machine on the network should have this address
defaultrouter="192.168.0.1"

Assigning an address to rl0 is irrelevant - also, make sure that that interface is unplugged from your network. Make sure the xl0 interface is plugged in correctly.

For now, also make sure the following is true:

natd_enable="NO"
firewall_enable="NO"

Save rc.conf

Now, take a look at resolv.conf.
It should show something like:

nameserver 192.168.0.1

or the address of a nameserver you know is valid. Get rid of any other lines for now - you can simply comment them out by beginning the line with #.

Save resolv.conf

Although there are ways around this, reboot the machine. Once back up and running, you should be able to ping the router and ping an address like yahoo.com. If you can't ping a website outside your internal network - i.e. Yahoo's - then there is a problem probably related to the D-Link.

On every machine, you should (basically) have the following configuration:

IP: 192.168.0.x (NOT 1 or any address that you have used with another machine)
netmask: 255.255.255.0
gateway: 192.168.0.1
DNS: 192.168.0.1 (or other valid DNS cache server).

Since you are not doing NAT or firewalling on the FreeBSD machine, there is no need to enable them. If you eventually want to do firewalling directly on the FreeBSD box, then you can enable it and configure it after you have solved your networking problems.

I would recommend simply allowing the IP addy's to be assigned via DHCP, though. On FreeBSD, you simply put:

ifconfig_xl0="dhcp"

in rc.conf and get rid of the other config info. Also, leave the firewall and nat off. In resolv.conf you can comment everything out with # as it will be assigned dynamically by the dhcp server.

This *should* get you going...

Steve
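
The rc.conf checklist from the message above, turned into a check that can be run before rebooting. This is an added example, not part of the original post: the function names and the sample file are assumptions, and it parses the file with sed rather than sourcing it, so nothing in the file is executed.

```sh
#!/bin/sh
# Added example (not from the original message): verify an rc.conf against
# the checklist above. Function names and the sample file are assumptions.

# Dotted quad -> integer, so addresses can be masked and compared.
ip2int() (
    IFS=.
    set -- $1
    echo $(( ($1 << 24) + ($2 << 16) + ($3 << 8) + $4 ))
)

# Value of variable $2 in file $1; the last assignment wins, as in rc.conf.
rc_get() {
    sed -n "s/^[[:space:]]*$2=\"\{0,1\}\([^\"#]*\)\"\{0,1\}.*/\1/p" "$1" | tail -n 1
}

# check_rc FILE IFACE: returns 0 if the settings match the checklist.
check_rc() (
    rc=$1 ifn=$2 rv=0 addr= mask=
    for svc in natd firewall; do
        case $(rc_get "$rc" "${svc}_enable") in
            [Yy][Ee][Ss]) echo "FAIL: ${svc}_enable is YES"; rv=1 ;;
        esac
    done
    cfg=$(rc_get "$rc" "ifconfig_$ifn")
    gw=$(rc_get "$rc" defaultrouter)
    case $cfg in
        [Dd][Hh][Cc][Pp]) echo "OK: $ifn is configured by DHCP"; exit $rv ;;
    esac
    set -- $cfg                      # e.g. inet ADDR netmask MASK (dotted quad)
    while [ $# -gt 1 ]; do
        case $1 in inet) addr=$2 ;; netmask) mask=$2 ;; esac
        shift
    done
    if [ -z "$addr" ] || [ -z "$mask" ] || [ -z "$gw" ]; then
        echo "FAIL: inet address, netmask or defaultrouter missing"; exit 1
    fi
    m=$(ip2int "$mask")
    if [ $(( $(ip2int "$addr") & m )) -ne $(( $(ip2int "$gw") & m )) ]; then
        echo "FAIL: $addr and router $gw are on different subnets"; rv=1
    fi
    [ "$addr" != "$gw" ] || { echo "FAIL: $addr is the router's address"; rv=1; }
    [ "$rv" -ne 0 ] || echo "OK: $ifn $addr netmask $mask via $gw"
    exit $rv
)

# Constructed sample matching the static configuration in the message.
sample=$(mktemp)
printf '%s\n' 'ifconfig_xl0="inet 192.168.0.150 netmask 255.255.255.0"' \
    'defaultrouter="192.168.0.1"' 'natd_enable="NO"' 'firewall_enable="NO"' > "$sample"
check_rc "$sample" xl0
rm -f "$sample"
```

On a real system the call would be `check_rc /etc/rc.conf xl0`; a netmask written in hex form is not handled.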