From: swear@blarg.net (Gary W. Swearingen)
To: Joe Abley, Jamie Norwood, David Wolfskill
Cc: freebsd-stable@FreeBSD.ORG
Subject: Re: 127/8 continued
Date: 26 Sep 2001 10:04:26 -0700

Thanks for your responses, David, Jamie, and Joe.

Sorry for the whining; I had intended to withhold it until I had my story better organized. But I'm just frustrated, after reading several networking books, many articles, and man pages repeatedly, having a three-sigma IQ and over 20 years of computing, yet still have to resort to experimental methods to get a working network of only 3 computers.
And the network I've got isn't what I intended nor what I still think I could eventually achieve if I have enough persistence to reverse-engineer the software or learn from the mailing lists what I haven't learned from the poor documentation. I'd really rather be helping work on FreeBSD documentation (which is what I want to do with my recreational computing time). (As much as I hate M$, I have no doubt why the future of Unix (of which I'm a 12-year user) is, sadly, dim.)

Joe wrote:

> Are you sure you're just not setting your interface netmask incorrectly?

I'm sure that it's incorrect by some definitions. It's correct in the sense that it works, if awkwardly. AFAIK, I don't have enough IP addresses (/29 subnet) to make it correct by standard definitions. My complaint is that it is, AFAIK, an unnecessary design restriction. (Maybe if I knew "bridging" better it would be a non-issue for me.)

> If you configure the interface with a netmask of 255.255.255.255 there
> should be no connected subnet route to add.

I've tried configuring with a CIDR /32 address and using the point-to-point scheme and have never been able to get a packet past my gateway/route when the netmask is 255.255.255.255. I've managed to get something working by using /31 so there's a default route to my firewall and a route on addr/31 out the interface.

My biggest problems have been with the inscrutable "route" command. I add a route to the firewall and it sets the gateway localhost's interface to the firewall (so it pings itself). Why? I use one command (I forget right now) with "-interface xl0" and it sets the gateway to "xl0something", apparently a bug. I configure the interface point-to-point and try adding a default route to the other end and it says it can't find the other end. I could go on, but I'd rather do it when I get things stable under 4.4 and can discuss problems one at a time with logs, etc.
What I've got here is a firewall connected via crossover cables to a DSL router, a DMZ server, and a workstation. Most people do this with NAT but I haven't been convinced that that is the optimum scheme (though I know I wouldn't have had the problems I've had) as long as your firewall is well configured.

I started trying to use network 10.x addresses on all NICs and alias a couple public addresses for the server and workstation, but I couldn't get that to work and have resorted to public address on all NICs. With a /29 subnet, I don't have enough to have three sub-subnets for my three network segments, but have managed to get it to work in what I think is a non-standard scheme with a router between the three segments of one subnet. I've thought about trying the "bridging" setup, but that's so under-documented, that I've been discouraged to try that so far.

Geeze, I do go on and on. You deserve a medal if you've read all that.