I've been using NetBSD/sparc as a router/firewall for a long time. My ADSL service provider uses DHCP for address assignment. When I first started using ADSL, I was using ISC 'dhclient' and it worked quite well in exchange for having to do some fiddly bits in the "/etc/ifconfig.xxx" file.
In the netbsd-6 era, with 'dhcpcd' being the default mechanism for a simple "dhcp" configuration line, I figured I'd give it a try for handling the upstream connection to my ISP. It has required even more fiddly business to make it work than its alternative. At present, using netbsd-7, the most vexing problem is as follows: Following an update and a reboot, 'dhcpcd' ignores the "/20" netmask presented by the ISP's DHCP server and instead installs the address with a "/8" netmask instead (the address assigned by the DHCP server would otherwise be a Class A were it not for the "/20" netmask). This, naturally, cuts off vast swaths of T3h Intarw3bz (most notably Google) since my router then assumes they are on the same network and expects to get a response via ARP. Using '/etc/rc.d/network restart' gets things working again, but it's still not right. The ISP's DHCP server again issues a "/20" netmask, but this time, 'dhcpcd' installs a "/24" netmask instead. It installs a route to the "/20" network along with the nearest "/24" network. My ISP's upstream router is operating as a DHCP relay as the DHCP server is on an entirely different network from that presented by the upstream router. Perhaps this causes confusion? My ISP seems to suffer prolonged outages of its upstream router, so when the lease expires, an IPv4LL/APIPA address is assigned and this also frequently has the wrong netmask (usually /24 instead of /16). I don't know if this is architecture-dependent or not. Perhaps I'll copy my firewall rules over to one of my Soekris net4501s and see how it behaves on an i386 system in place of the sparc system. (I have a local patch to work around kern/49124 for -7/-current.) -- |/"\ John D. Baker, KN5UKS NetBSD Darwin/MacOS X |\ / jdbaker[snail]mylinuxisp[flyspeck]com OpenBSD FreeBSD | X No HTML/proprietary data in email. BSD just sits there and works! |/ \ GPGkeyID: D703 4A7E 479F 63F8 D3F4 BD99 9572 8F23 E4AD 1645
