From owner-freebsd-net@FreeBSD.ORG Fri Dec 14 10:20:34 2007 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E0A1116A469 for ; Fri, 14 Dec 2007 10:20:34 +0000 (UTC) (envelope-from vermaden@interia.pl) Received: from smtp4.poczta.interia.pl (smtp35.poczta.interia.pl [80.48.65.35]) by mx1.freebsd.org (Postfix) with ESMTP id 6CE0E13C467 for ; Fri, 14 Dec 2007 10:20:34 +0000 (UTC) (envelope-from vermaden@interia.pl) Received: by smtp4.poczta.interia.pl (INTERIA.PL, from userid 502) id 68AC12835E2; Fri, 14 Dec 2007 11:20:33 +0100 (CET) Received: from f16.poczta.interia.pl (f16.poczta.interia.pl [10.217.2.16]) by smtp4.poczta.interia.pl (INTERIA.PL) with ESMTP id AEB002835C5; Fri, 14 Dec 2007 11:20:32 +0100 (CET) Received: from localhost (localhost [127.0.0.1]) by f16.poczta.interia.pl (Postfix) with ESMTP id 51D6D259A3A; Fri, 14 Dec 2007 11:20:32 +0100 (CET) Date: 14 Dec 2007 11:20:32 +0100 From: vermaden To: freebsd-net@freebsd.org MIME-Version: 1.0 Content-Type: TEXT/plain; CHARSET=ISO-8859-2 Content-Transfer-Encoding: QUOTED-PRINTABLE X-ORIGINATE-IP: 217.76.112.72 X-Mailer: PSE Message-Id: <20071214102032.51D6D259A3A@f16.poczta.interia.pl> X-EMID: 53f40acc Cc: Subject: default route X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 14 Dec 2007 10:20:35 -0000 > Good day. >=20 > Fri, Dec 14, 2007 at 10:11:24AM +0100, vermaden wrote: > > network 10.0.0.0/24 is put on rl0 and 192.168.0.0/16 > > is on rl1, default router is set to 10.0.0.1 on /etc/rc.conf as > > defaultrouter=3D"10.0.0.1", the problem: > >=20 > > When I ping some box from 10.0.0.0 network, it responds, when some box > from > > 10.0.0.0 network ping my box, my box responds, when I ping someone from > > 192.168.0.0 network, he responds, when someone from 192.168.0.0 network > > pings me my box does not response, propably packets are coming IN by > rl1 > > and going out by defaultgateway 10.0.0.1 so thru rl0, >=20 > 1. You can inspect where the system will send the packet for the > host in 192.168/16 by doing 'route get 192.168.X.Y'. In normal > (or simple) conditions this should give you rl1, since 192.168 > sits on that interface (provided that you didn't played with > routing table manually). >=20 > 2. When someone from 192.168 pings you, you can spawn two tcpdump > instances: 'tcpdump -lvvni rl0 icmp' and 'tcpdump -lvvni rl1 icmp' > and watch for the ICMP packets and interfaces on which they are > coming in/going out. >=20 > 3. Check your firewall: may be it is blocking ICMP replies to the > 192.168/16. Or may be some external firewall blocks ping > attempts from 192.168/16. Tcpdump should show you the overall > picture. > --=20 > Eygene Thanks for reply Just to clarify, I do not use any firewalls there currently, not even compi= led in kernel. Here are the results: zenek# netstat -rnfinet Routing tables Internet: Destination Gateway Flags Refs Use Netif Expire default 10.0.0.1 UGS 0 708337 rl0 10/24 link#1 UC 0 0 rl0 10.0.0.1 00:90:27:5d:f7:3b UHLW 2 18728 rl0 1102 10.0.0.7 00:e0:18:0d:d3:3d UHLW 1 1108731 rl0 1186 10.0.0.107 00:90:27:77:fd:98 UHLW 1 126428 rl0 685 127.0.0.1 127.0.0.1 UH 0 14 lo0 192.168/16 link#2 UC 0 0 rl1 192.168.1.23 00:02:b3:d0:bd:f0 UHLW 1 2 rl1 192.168.1.24 00:06:29:99:02:9d UHLW 1 71 rl1 730 192.168.1.44 00:90:cc:b6:18:1f UHLW 1 1 rl1 1042 192.168.1.45 00:90:cc:c4:21:25 UHLW 1 1 rl1 1199 zenek# ifconfig rl0 rl0: flags=3D8843 mtu 1500 =09options=3D8 =09inet 10.0.0.71 netmask 0xffffff00 broadcast 10.0.0.255 =09ether 00:90:cc:de:5e:0c =09media: Ethernet autoselect (100baseTX ) =09status: active zenek# ifconfig rl1 rl1: flags=3D8843 mtu 1500 =09options=3D8 =09inet 192.168.1.171 netmask 0xffff0000 broadcast 192.168.255.255 =09ether 00:02:44:51:ae:80 =09media: Ethernet autoselect (100baseTX ) =09status: active zenek# route get 192.168.1.171 route to: 192.168.1.171 destination: 192.168.0.0 mask: 255.255.0.0 interface: rl1 flags: recvpipe sendpipe ssthresh rtt,msec rttvar hopcount mtu ex= pire 0 0 0 0 0 0 1500 -3= 663=20 zenek# route get 192.168.1.24 route to: 192.168.1.24 destination: 192.168.1.24 interface: rl1 flags: recvpipe sendpipe ssthresh rtt,msec rttvar hopcount mtu ex= pire 0 0 0 0 0 0 1500 = 671=20 I already used tcpdump, if ICMP packet goes in thru 192.168/16 on rl1 the response goes out on 10/24 on rl0. I did not modifies routing table by hand, I just want FreeBSD to reply on r= l1 interface for packets that income from rl1 interface, currently it responses thru rl0= interface when packet comes from rl1. Regards vermaden ---------------------------------------------------------------------- Wejdz do swiata wojny wampirow! http://link.interia.pl/f1cb4