From owner-freebsd-net@FreeBSD.ORG Sun Feb 12 12:51:34 2006 Return-Path: X-Original-To: net@freebsd.org Delivered-To: freebsd-net@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1A2F816A420 for ; Sun, 12 Feb 2006 12:51:34 +0000 (GMT) (envelope-from b.candler@pobox.com) Received: from thorn.pobox.com (thorn.pobox.com [208.210.124.75]) by mx1.FreeBSD.org (Postfix) with ESMTP id CBBF143D70 for ; Sun, 12 Feb 2006 12:51:28 +0000 (GMT) (envelope-from b.candler@pobox.com) Received: from thorn (localhost [127.0.0.1]) by thorn.pobox.com (Postfix) with ESMTP id 90331D9; Sun, 12 Feb 2006 07:51:49 -0500 (EST) Received: from mappit.local.linnet.org (212-74-113-67.static.dsl.as9105.com [212.74.113.67]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by thorn.sasl.smtp.pobox.com (Postfix) with ESMTP id 30E8CCE42; Sun, 12 Feb 2006 07:51:48 -0500 (EST) Received: from lists by mappit.local.linnet.org with local (Exim 4.60 (FreeBSD)) (envelope-from ) id 1F8GhI-0005J6-VM; Sun, 12 Feb 2006 12:51:24 +0000 Date: Sun, 12 Feb 2006 12:51:24 +0000 From: Brian Candler To: GiZmen Message-ID: <20060212125124.GA20369@uk.tiscali.com> References: <20060211163533.GA87353@blurp.pl> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20060211163533.GA87353@blurp.pl> User-Agent: Mutt/1.4.2.1i Cc: net@freebsd.org Subject: Re: fastforward problem X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 12 Feb 2006 12:51:34 -0000 On Sat, Feb 11, 2006 at 05:35:33PM +0100, GiZmen wrote: > I would like to use fastforward option on my freebsd 6.0-stable > box. But i have strange problem with it. My box is a router for LAN > with IP visible to internet. I am managinc C class network. > When i turn on fastforward option any of the computers in my network > can't open google.com page. This option is quite good because i have > quite a lot interrupts and this option lower this about half. > Could anyone tell me why i can't open google.com page ? > I have tested different pages and i don't have such problem only with > google. Just saying "I can't see google.com" is not a good diagnosis of the problem. If it's your job to manage a router, then you need to be able to do lower- level tests to isolate the problem. Check each of the components in turn: (1) can my client resolve google.com in the DNS? If the client is some sort of Unix then try $ nslookup google.com You should see a response such as: Non-authoritative answer: Name: google.com Address: 72.14.207.99 Name: google.com Address: 64.233.187.99 Name: google.com Address: 64.233.167.99 (2) can my client ping these addresses? That is, is there layer 3 network reachability between my network and theirs? $ ping 72.14.207.99 PING 72.14.207.99 (72.14.207.99): 56 data bytes 64 bytes from 72.14.207.99: icmp_seq=1 ttl=238 time=133.730 ms 64 bytes from 72.14.207.99: icmp_seq=2 ttl=237 time=133.179 ms 64 bytes from 72.14.207.99: icmp_seq=3 ttl=238 time=133.316 ms 64 bytes from 72.14.207.99: icmp_seq=4 ttl=237 time=133.396 ms ^C --- 72.14.207.99 ping statistics --- 5 packets transmitted, 4 packets received, 20% packet loss round-trip min/avg/max/stddev = 133.179/133.405/133.730/0.203 ms (3) what happens when I open a TCP/IP connection to port 80, and manually fetch a HTTP page? $ telnet 72.14.207.99 80 Trying 72.14.207.99... Connected to 72.14.207.99. Escape character is '^]'. GET / HTTP/1.0 Host: google.com <<<<< end with a blank line HTTP/1.0 301 Moved Permanently Location: http://www.google.com/ Set-Cookie: PREF=ID=f811e9355f349c08:TM=1139748428:LM=1139748428:S=UhZOEU98p2mnw_H0; expires=Sun, 17-Jan-2038 19:14:07 GMT; path=/; domain=.google.com Content-Type: text/html Server: GWS/2.1 Content-Length: 219 Date: Sun, 12 Feb 2006 12:47:08 GMT Connection: Keep-Alive 301 Moved

301 Moved

The document has moved here. Connection closed by foreign host. OK, that's fine. google.com has redirected me to www.google.com. So try the whole process again with www.google.com instead of google.com Brian.