Date:      Wed, 1 Mar 2000 00:26:31 -0500
From:      "Crist J. Clark" <cjc@cc942873-a.ewndsr1.nj.home.com>
To:        Bhishan Hemrajani <bhishan@cytosine.dhs.org>
Cc:        Yves Berthiaume <yves@radicaux-libres.qc.ca>, freebsd-questions@FreeBSD.ORG
Subject:   Re: Problem with IP aliasing
Message-ID:  <20000301002630.B35016@cc942873-a.ewndsr1.nj.home.com>
In-Reply-To: <200003010408.UAA13503@cytosine.dhs.org>; from bhishan@cytosine.dhs.org on Tue, Feb 29, 2000 at 08:08:07PM -0800
References:  <v02130507b4e2298c5eef@[192.168.0.3]> <200003010408.UAA13503@cytosine.dhs.org>

On Tue, Feb 29, 2000 at 08:08:07PM -0800, Bhishan Hemrajani wrote:
>
[Attribution lost by previous poster. Recovered:]
> On Tue, 29 Feb 2000 21:48:00, yves@radicaux-libres.qc.ca (Yves Berthiaume) wrote,
> > Hi all
> > 
> > I've searched the mail archive but couldn't find exactly what I needed.
> > 
> > Here it goes:
> > 
> > System config:
> >          FreeBSD 3.3-STABLE
> >          2 networks cards :3COM XL EtherExpress 905b
> >          NATD for firewall(simple)
> >          Stronghold web server
> > 
> > 
> > I've got *some* Linux experience, but very little with FreeBSD.
> > 
> > I've been trying to add an IP address to my external card. So I cant use
> > that IP for a Virtual Host on Stronghold. Here's the exact syntax used in
> > rc.conf for both cards:
> > 
> > ifconfig_xl0="inet 192.168.1.1  netmask 255.255.255.0"
> > ifconfig_xl1="inet 207.236.242.12 netmask 255.255.255.240"
> > ifconfig_xl1_alias0="inet 207.236.242.5 netmask 0xffffffff0"
> > 
> > It seems to be ok, when I do "ifconfig xl1" I get:
> > 
> > xl1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
> >         inet 207.236.242.12 netmask 0xfffffff0 broadcast 207.236.242.15
> >         inet 207.236.242.5 netmask 0xfffffff0 broadcast 207.236.242.15
> >         ether 00:50:04:e1:a2:1e
> >         media: 100baseTX <half-duplex>
> >         supported media: autoselect 100baseTX <full-duplex> 100baseTX
> > <half-duplex> 100baseTX
> >         10baseT/UTP <full-duplex> 10baseT/UTP <half-duplex> 10baseT/UTP
> > 
> > When I do a "netstat -rn -finet" I get:
> > 
> > Routing tables
> > 
> > Internet:
> > Destination        Gateway            Flags     Refs     Use     Netif Expire
> > default            207.236.242.1      UGSc        6    43242      xl1
> > 127.0.0.1          127.0.0.1          UH          0        0      lo0
> > 192.168.1          link#1             UC          0        0      xl0
> > 192.168.1.22       0:60:97:b5:97:30   UHLW        1      224      xl0    971
> > 207.236.242/28     link#2             UC          0        0      xl1
> > 207.236.242.1      0:10:7b:b3:cf:5b   UHLW        7        0      xl1    183
> > 207.236.242.8      0:50:e4:90:87:48   UHLW        0      430      xl1   1073
> > 207.236.242.12     0:50:4:e1:a2:1e    UHLW        0       20      lo0
> > 
> > But this is the first time I'm looking at routing tables....
> > 
> > When I ping the IP's locally I get no answer from my alias IP. But I do get
> > one when I ping it from inside my network. Which makes me think that it may
> > be a NATD problem. Do I have to declare my IP alias?
> > If so what is the syntax?
> > 
> > Here's a snippet from my rc.firewall
> > 
> >         oif="xl1"
> >         onet="207.236.242.0"
> >         omask="255.255.255.240"
> >         oip="207.236.242.12"
>
> First of all, that stuff you have in your rc.firewall is wrong.
> Your rc.firewall should look like this:
> $fwcmd -f flush
> $fwcmd add 10 divert natd all from any to any via de1
> $fwcmd add 65000 allow all from any to any
> 
> Also, you should be starting natd like this:
> natd -n xl1

If he is using the stock rc.firewall, he is fine if he has,

  natd_enable="YES"
  natd_interface="xl1"

Set in his rc.conf.

However, his configuration of xl1 is definitely wrong,

  ifconfig_xl1="inet 207.236.242.12 netmask 255.255.255.240"
  ifconfig_xl1_alias0="inet 207.236.242.5 netmask 0xffffffff0"
                                                  ^^^^^^^^^^^
You've got an eight-and-a-half byte number there? :) It should read,
0xffffffff (or 255.255.255.255).

Please post _complete_ rc.conf and rc.firewall.
-- 
Crist J. Clark                           cjclark@home.com
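
The malformed-netmask catch in the reply above, as an added example that is not part of the original message: a POSIX sh check that reads rc.conf text and flags any ifconfig_* netmask that is not written as exactly 32 bits or whose one bits are not contiguous. The function names (mask_to_int, valid_netmask, check_rc_conf) are hypothetical, and the contiguity rule is an assumption of this sketch.

```shell
# Added example (not from the thread): flag malformed netmasks in rc.conf.
# Print MASK as an integer; fail unless it is written as exactly 32 bits.
mask_to_int() {
    case "$1" in
    0[xX]*)
        hex=${1#0[xX]}
        case "$hex" in ""|*[!0-9a-fA-F]*) return 1 ;; esac
        [ "${#hex}" -eq 8 ] || return 1   # 0xffffffff0 has 9 digits
        echo $((0x$hex)) ;;
    *[!0-9.]*|*.|.*|*..*) return 1 ;;
    *.*.*.*)
        oldifs=$IFS; IFS=.; set -- $1; IFS=$oldifs
        [ $# -eq 4 ] || return 1; n=0
        for o in "$@"; do
            case "$o" in 0?*|????*) return 1 ;; esac
            [ "$o" -le 255 ] || return 1
            n=$((n * 256 + o))
        done
        echo "$n" ;;
    *) return 1 ;;
    esac
}

# Succeed only if the one bits are contiguous from the top (e.g. 0xfffffff0).
valid_netmask() {
    m=$(mask_to_int "$1") || return 1
    inv=$(( ~m & 0xffffffff ))
    [ $(( inv & (inv + 1) )) -eq 0 ]
}

# Read rc.conf text on stdin; report each ifconfig_* line with a bad netmask.
check_rc_conf() {
    while IFS= read -r line; do
        case "$line" in ifconfig_*=*netmask*) ;; *) continue ;; esac
        var=${line%%=*}; val=${line#*=}; val=${val#\"}; val=${val%\"}
        set -- $val
        while [ $# -gt 1 ]; do
            [ "$1" != netmask ] || valid_netmask "$2" || echo "$var: bad netmask $2"
            shift
        done
    done
}

# The three ifconfig lines quoted in the thread.
check_rc_conf <<'EOF'
ifconfig_xl0="inet 192.168.1.1  netmask 255.255.255.0"
ifconfig_xl1="inet 207.236.242.12 netmask 255.255.255.240"
ifconfig_xl1_alias0="inet 207.236.242.5 netmask 0xffffffff0"
EOF
```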

