From owner-freebsd-questions@FreeBSD.ORG Mon Nov 20 17:37:52 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 2895916A53E for ; Mon, 20 Nov 2006 17:37:52 +0000 (UTC) (envelope-from ml@proficuous.com) Received: from mail.proficuous.com (www.proficuous.com [209.240.79.128]) by mx1.FreeBSD.org (Postfix) with ESMTP id B39834447D for ; Mon, 20 Nov 2006 17:29:43 +0000 (GMT) (envelope-from ml@proficuous.com) Received: from [192.168.3.68] (unknown [192.168.3.68]) by mail.proficuous.com (Postfix) with ESMTP id 1C006A8ACFB; Mon, 20 Nov 2006 11:29:41 -0600 (CST) Message-ID: <4561E608.1040903@proficuous.com> Date: Mon, 20 Nov 2006 11:29:44 -0600 From: Aaron Martinez User-Agent: Thunderbird 1.5.0.8 (X11/20061112) MIME-Version: 1.0 To: Lane References: <4561D4A6.10702@proficuous.com> <200611201049.36275.lane@joeandlane.com> In-Reply-To: <200611201049.36275.lane@joeandlane.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-questions@freebsd.org Subject: Re: ping send to problem, what am i missing X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 20 Nov 2006 17:37:52 -0000 Lane wrote: > On Monday 20 November 2006 10:15, Aaron Martinez wrote: > >> I'm trying to get some routing working from my freebsd 6.1 machine that >> i thought should be extremely easy, but not having any luck. When >> trying to ping the destination address (192.168.5.6) i get : "ping: >> sendto: Invalid argument" >> >> the net goes like so: freebsd6.1----linux router-----another linux >> router---openbsd machine (running openvpn) >> >> the corresponding routing tables are as such: >> >> freebsd6.1: >> Internet: >> Destination Gateway Flags Refs Use Netif Expire >> default 192.168.3.94 UGS 1 121441 fxp0 >> 127.0.0.1 127.0.0.1 UH 0 0 lo0 >> 192.168.3.64/27 link#1 UC 0 0 fxp0 >> 192.168.3.94 00:40:f4:76:3d:d3 UHLW 2 106622 fxp0 1154 >> 192.168.4.1/32 192.168.4.5 UGS 0 2042 tun0 >> 192.168.4.5 192.168.4.6 UH 1 0 tun0 >> 192.168.5 192.168.0.66 UGS 0 154 fxp0 >> >> >> I manually added the 192.168.5 route using the following command (please >> correct me if i did it incorrectly >> >> route -n add 192.168.5/24 192.168.0.66 >> >> >> first linux router: >> Kernel IP routing table >> Destination Gateway Genmask Flags MSS Window irtt >> Iface >> 192.168.3.32 0.0.0.0 255.255.255.224 U 40 0 0 >> eth0 >> 192.168.3.96 0.0.0.0 255.255.255.224 U 40 0 0 >> eth2 >> 192.168.3.64 0.0.0.0 255.255.255.224 U 40 0 0 >> eth1 >> 192.168.3.160 0.0.0.0 255.255.255.224 U 40 0 0 >> eth4 >> 192.168.3.128 0.0.0.0 255.255.255.224 U 40 0 0 >> eth3 >> 0.0.0.0 192.168.3.62 0.0.0.0 UG 40 0 0 >> eth0 >> >> >> second linux router: >> Kernel IP routing table >> Destination Gateway Genmask Flags MSS Window irtt >> Iface >> 192.168.3.32 0.0.0.0 255.255.255.224 U 40 0 0 >> eth3 >> 192.168.3.96 192.168.3.34 255.255.255.224 UG 40 0 0 >> eth3 >> 192.168.3.64 192.168.3.34 255.255.255.224 UG 40 0 0 >> eth3 >> 192.168.3.160 192.168.3.34 255.255.255.224 UG 40 0 0 >> eth3 >> 192.168.3.128 192.168.3.34 255.255.255.224 UG 40 0 0 >> eth3 >> 192.168.2.0 0.0.0.0 255.255.255.0 U 40 0 0 >> eth2 >> 192.168.1.0 0.0.0.0 255.255.255.0 U 40 0 0 >> eth1 >> 192.168.0.0 0.0.0.0 255.255.255.0 U 40 0 0 >> eth0 >> 0.0.0.0 0.0.0.0 0.0.0.0 U 40 0 0 >> dsl1 >> >> >> openbsd machine: >> Routing tables >> >> Internet: >> Destination Gateway Flags Refs Use Mtu >> Interface >> default 192.168.0.254 UGS 5 516934 - rl0 >> 127/8 127.0.0.1 UGRS 0 0 33224 lo0 >> 127.0.0.1 127.0.0.1 UH 1 125 33224 lo0 >> 192.168.0/24 link#1 UC 2 0 - rl0 >> 192.168.0.2 00:d0:b7:8f:51:41 UHLc 0 5 - rl0 >> 192.168.0.254 00:e0:18:90:17:f1 UHLc 1 0 - rl0 >> 192.168.4/24 192.168.4.2 UGS 0 2042 - tun0 >> 192.168.4.2 192.168.4.1 UH 1 0 - tun0 >> 192.168.5/24 192.168.5.2 UGS 0 3411 - tun1 >> 192.168.5.2 192.168.5.1 UH 1 5 - tun1 >> 224/4 127.0.0.1 URS 0 0 33224 lo0 >> >> >> i can successfully ping the 192.168.0.66 host with no problems, so i'm >> guessing that most of my routes are fine, i am a little suspect however >> about the route i manually put in. I can also ping the 192.168.5.6 >> address FROM the openbsd machine. All firewalls between these machines >> ARE disabled. i DO have ip forwarding enabled on the OPENBSD machine: >> # sysctl -a | grep >> forward >> >> net.inet.ip.forwarding=1 >> >> I can't figure what's going on here any help would be terribly >> appreciated. Any more info that is needed just ask. >> >> thanks in advance, >> >> Aaron >> >> _______________________________________________ >> freebsd-questions@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-questions >> To unsubscribe, send any mail to >> "freebsd-questions-unsubscribe@freebsd.org" >> > > Aaron, > > It looks like the FreeBSD and the OpenBSD machines are vpn tunnelling through > the linux routers, right? > Not exactly. I have one openvpn tunnel from my freebsd6.1 machine to the openbsd machine via the 192.168.4.0 interface. There is another vpn from a window's machine on a network connected to first linux router in the above mentioned netowrk. what i'm trying to do is connect (not through the vpn connection i have from my freebsed ---> openbsd machine, but from the standard fxp0 on my freebsd machine to the openbsd box, at which time the openbsd machine should route me through to the 192.168.5.x network. As i said previously i CAN ping directly to the 192.168.0.66 machine but for some reason not to the 192.168.5.x network. Since i am getting no information from the openbsd machine about the 192.168.5.x network, i need to manually add the route. Essentially it's safe to forget at the 192.168.4.x network.. that's seperate. > If that is the case then you really shouldn't have to mess around with manual > routing tables, at all. You should be looking at the OpenVPN configuration. > > If I was working on this problem, I'd first shut down openvpn and verify that > FreeBSD and OpenBSD can talk along their default routes (it looks like they > each have only one nic, so the default routes will be used). > > Next, after I am able to verify clear communication from both sides, I'd start > working on the OpenVPN configuration. When configured correctly the openvpn > server will push an appropriate route to the client, and presto! VPN. > > lane > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" > One very important piece of information that i think is the key here, I set up tcpdump on all of the linux and openbsd machines looking for icmp from my host as such: tcpdump -i ethx host 192.168.3.68 and icmp I get no packets at all on any of the machines when pinging the 192.168.5.6 address but when i ping 192.168.0.66 i see them clearly: tcpdump: listening on eth1 11:19:08.166549 192.168.3.68 > 192.168.0.66: icmp: echo request 11:19:08.166968 192.168.0.66 > 192.168.3.68: icmp: echo reply 11:19:09.167387 192.168.3.68 > 192.168.0.66: icmp: echo request 11:19:09.167794 192.168.0.66 > 192.168.3.68: icmp: echo reply 11:19:10.168507 192.168.3.68 > 192.168.0.66: icmp: echo request 11:19:10.168904 192.168.0.66 > 192.168.3.68: icmp: echo reply 11:19:11.169615 192.168.3.68 > 192.168.0.66: icmp: echo request 11:19:11.170013 192.168.0.66 > 192.168.3.68: icmp: echo reply This leads me back to the manual route that i put in. It seems that something is amiss with that as there are no packets heading for the 192.168.0.66 machine when i try to ping 192.168.5.6.. ideas???/ thanks, Aaron