From owner-freebsd-hackers Wed Nov 1 13:41:03 1995 Return-Path: owner-hackers Received: (from root@localhost) by freefall.freebsd.org (8.6.12/8.6.6) id NAA28744 for hackers-outgoing; Wed, 1 Nov 1995 13:41:03 -0800 Received: from megasoft.tic.ab.ca (root@megasoft.tic.ab.ca [198.161.220.180]) by freefall.freebsd.org (8.6.12/8.6.6) with ESMTP id NAA28735 ; Wed, 1 Nov 1995 13:40:57 -0800 Received: (from philw@localhost) by megasoft.tic.ab.ca (8.6.12/8.6.9) id OAA00524; Wed, 1 Nov 1995 14:39:23 -0700 Date: Wed, 1 Nov 1995 14:39:16 -0700 (MST) From: Phillip White To: questions@freebsd.org cc: hackers@freebsd.org Subject: 2 Ethernets & 1 IP Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-hackers@freebsd.org Precedence: bulk Hi! I need help in a very bad way here.. This is the situation: DX4/100 - 32megs RAM - 6 gigs SCSI - Boca 6 port card - 2 NE2000 compat cards I have one IP that is being broadcasted to the net. 198.161.220.180. This IP comes from an ISP that we are connected to via ethernet on ed0. Our internal network that runs TCP/IP and NetBeui is on the second ethernet, ed1 and has been given an IP of 204.209.57.10, an IP that is part of class C block but is not broadcasted/routed. I use parts of the same 204.209.57 block for the rest of our internel network.I have built a DNS server on 204.209.57.10 which works perfectly. I run `gated' as apposed to `routed' because I was told it would be better. Copy of my /etc/sysconfig: (sorry about including everything but I need help bad and if someone could point out *anything* I should change I would appreciate!) #!/bin/sh # # This is sysconfig - a file full of useful variables that you can set # to change the default startup behavior of your system. # # $Id: sysconfig,v 1.14 1995/05/17 04:46:57 rgrimes Exp $ ######################### Start Of Syscons Section ####################### keymap=NO keyrate="fast" keychange=NO cursor=NO scrnmap=NO font8x16=NO font8x14=NO font8x8=NO blanktime="off" saver=NO hostname="megasoft.tic.ab.ca" defaultdomainname=NO tcp_extensions=YES network_interfaces="ed1 ed0 lo0" ifconfig_ed0="inet 198.161.220.180 netmask 0xffffff00" ifconfig_ed1="inet 204.209.57.10 netmask 0xffffff00" ifconfig_lo0="inet localhost" static_routes="multicast loopback" route_multicast="204.209.57.10 -netmask 0xf0000000 -interface ${hostname}" route_loopback="${hostname} localhost" defaultrouter="198.161.220.127" ## timedflags=NO xntpdflags="NO" tickadjflags="-Aq" ntpdate="NO" rwhod=YES sendmail_flags="-bd -q30m" amdflags="NO" nfs_client="NO" nfs_server="NO" nis_clientflags="NO" nis_serverflags="NO" yppasswddflags="NO" namedflags="-b /etc/namedb/named.boot" xtend=NO savecore=NO kerberos_server=NO gateway=YES gated=YES check_quotas=YES accounting=YES ibcs2=NO And here is a copy of my kernel config: machine "i386" cpu "I486_CPU" ident MEGASOFT maxusers 64 options INET #InterNETworking options FFS #Berkeley Fast Filesystem options NFS #Network Filesystem options MFS #Memory Mapped Filesystem options PROCFS #Process filesystem options "COMPAT_43" #Compatible with BSD 4.3 options "SCSI_DELAY=5" #Be pessimistic about Joe SCSI device options BOUNCE_BUFFERS #include support for DMA bounce buffers options UCONSOLE #Allow users to grab the console options LKM options USER_LDT options QUOTA options GATEWAY options IPFIREWALL options IPACCT options PROXYALL options SYSVSHM options "SHMMAXPGS=64" options COM_MULTIPORT options SYSVSEM options SYSVMSG options COMPAT_LINUX config kernel root on sd0 controller isa0 controller fdc0 at isa? port "IO_FD1" bio irq 6 drq 2 vector fdintr disk fd0 at fdc0 drive 0 disk fd1 at fdc0 drive 1 controller aic0 at isa? port 0x340 bio irq 11 vector aicintr controller scbus0 device sd0 device sc0 at isa? port "IO_KBD" tty irq 1 vector scintr options XSERVER # include code for XFree86 device npx0 at isa? port "IO_NPX" irq 13 vector npxintr device sio0 at isa? port 0x3f8 tty flags 0x505 device sio1 at isa? port 0x2f8 tty flags 0x505 device sio2 at isa? port 0x3e8 tty flags 0x505 device sio3 at isa? port 0x3e0 tty flags 0x505 device sio4 at isa? port 0x2e8 tty flags 0x505 device sio5 at isa? port 0x2e0 tty flags 0x505 irq 5 vector siointr device lpt0 at isa? port? tty irq 7 vector lptintr device pca0 at isa? port "IO_TIMER1" tty device ed0 at isa? port 0x300 net irq 10 iomem 0xd8000 vector edintr device ed1 at isa? port 0x320 net irq 15 iomem 0xd8000 vector edintr pseudo-device snp 11 pseudo-device speaker pseudo-device loop pseudo-device ether pseudo-device log pseudo-device sl 6 pseudo-device tun 6 pseudo-device bpfilter 2 pseudo-device pty 64 pseudo-device gzip # Exec gzipped a.out's What I am trying to do is use SLIRP to provide CSlip/PPP on the FreeBSD box and also allow the internal network to get on the net from the 204.209.57 net. (noteing that it is routed by uplink). I have TIS's firewall tool/servers installed but am finding it hard to figure out how to install them properly to get full functionality out of them. My most frustrating problem is routing/gating/gateway. How should the interfaces ed0, ed1 and lo0 be setup as far as routing/gatewaying. Should I be IP forwarding? Is my kernel config close to be right and how about my sysconfig? Any example configs or any other help would be appreciated! Now I think it's time to head of to bed after 72 hours of this;( Thanks! Phil..