From owner-freebsd-newbies Sun Sep 19 7:11:38 1999 Delivered-To: freebsd-newbies@freebsd.org Received: from pau-amma.whistle.com (pau-amma.whistle.com [207.76.205.64]) by hub.freebsd.org (Postfix) with ESMTP id E620B150F6 for ; Sun, 19 Sep 1999 07:11:36 -0700 (PDT) (envelope-from dhw@whistle.com) Received: (from dhw@localhost) by pau-amma.whistle.com (8.9.2/8.9.2) id HAA23279; Sun, 19 Sep 1999 07:11:36 -0700 (PDT) Date: Sun, 19 Sep 1999 07:11:36 -0700 (PDT) From: David Wolfskill Message-Id: <199909191411.HAA23279@pau-amma.whistle.com> To: freebsd-newbies@FreeBSD.ORG, jorgandar@yahoo.com Subject: Re: IP Masquerading In-Reply-To: <19990919111103.21629.rocketmail@web606.mail.yahoo.com> Sender: owner-freebsd-newbies@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org >Date: Sun, 19 Sep 1999 04:11:03 -0700 (PDT) >From: jorgandar blackmoon >I have a LAN in my apartement, i'm running freeBSD, my room mates are >running virus95 and MacOS 8.something-rather. I'm trying to set up ip >masquerading, my computer (of course) being the gateway. I think i've >doen everything as correctly as the documentation specifies One thing that could help someone help you figure out what's wrong here is to mention *which* documentation you used as a guide. >and i'm >getting this problem: If i give my room mates an IP address outside of >our LAN, they can ping it just fine, but they cant use http or telnet >or any other protocol to connect to the outside world. I'm pretty sure >they aren't connectiong to our ISP's DNS...but i have no idea why or >how to fix the problem. Let me know if there's something that i should >take another look at or if someone has an idea of how i can more >accurately isolate what might be causing the problem? thankx Once the above ("which documentation?") query is addressed, this would seem to be fairly classic freebsd-questions material, and as such, I will, at this point, merely suggest that looking in the archives of -questions (via the search engine at http://www.freebsd.org/) is likely to be useful. Well, OK; I can't completely resist pointing out that yes: if a service is available via IP address, but not by using the host name, there is likely a problem in either gaining access to or using DNS. Now, if the perusal of the archives doesn't point out the problem, other things that will likely be useful include such things as output of "netstat -nr" on your machine, what natd (if any) configuration you're using, any firewall rules you have in place, and, though it's hardly the first thing to try, see what happens if you run tcpdump watching for traffic on you machine's external connection when the only activity on your LAN is one of the (failing) requests is made. (tcpdump is not intended as a tool for novices. The good news is that you're fairly unlikely to destroy your machine with it. The bad news is that understanding how to use it well is something that requires a fair amount of in-depth knowledge of TCP/IP.) And the configuration of your rommates' machines, as far as which nameserver those machines are trying to use, will likely play a role. One thing that can be useful, if you are sufficiently familiar with the procedures (or are willing to learn), is to set up your own nameserver that the "internal" machines can use. Now, if the reason you're on -newbies is that you're not familiar with UNIX in general, that's probably not the ideal course of action immediately. But there are some of us on -newbies who are familiar with UNIX in general, but not FreeBSD, or who continue to encounter Strange and Bizarre events when trying to make constructive use of what is sold as PC hardware. And sometimes it's not quite clear when something is a hardware issue, or firmware (BIOS, for example), FreeBSD, or general UNIX weirdness. (And yes; there are some of those.) Cheers, david -- David Wolfskill dhw@whistle.com UNIX System Administrator voice: (650) 577-7158 pager: (888) 347-0197 FAX: (650) 372-5915 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-newbies" in the body of the message