Fabian Holler wrote:
Hello,
I have a strange routing problem. I can't connect to some hosts on the
Internet until I add an explicit route for these hosts with my default gw
as gateway.
There aren't any other routes that could match the destination IP for
"non-working hosts". So the connection should use the default gw even
without an explicit route for these hosts.
My Setup:
FreeBSD 7.2-RELEASE
mpd to make a PPPoE connection to my internet service
provider.
PF as firewall
To isolate the problem I used a minimal pf.conf:
---
inetif=ng0
lanif=vr0
scrub all max-mss 1492
pass quick on lo0 all
pass out on $inetif proto { tcp udp icmp } all keep state
pass on $lanif from any to any
---
I also tried pppd instead of mpd (doesn't help).
Hosts that I can't connect to are, e.g., spiegel.de, tagesschau.de, freebsd.org,
southparkstudios.com
E.g.
TCP connections to port 80 of southparkstudios.com don't work.
If I add an explicit route:
"route add southparkstudios.com 213.191.84.199"
Besides netstat -rn, you can use "route get southparkstudios.com"
to check a route for a destination.
Connections with nc to port 80 work
(the connection tests are made from the router, the iface MTUs are correct)
You cannot test MTU settings using nc, since initial packets, that
is, small packets, are always smaller than your MTU. You can test
MTU using fetch or ftp or nc + "GET /some.big.file".
Does anybody have an idea what could be wrong?
I have no idea anymore
(it's also not a provider problem; when I make the PPPoE connection from
Windows I can connect to all hosts)
Thanks for any hints :)
best regards
Fabian
-------------------------------------
My routing table:
"
# netstat -ra
Routing tables
Internet:
Destination        Gateway            Flags  Refs    Use  Netif Expire
default            lo1.br04.weham.de. UGS       0  15505  ng0
1.1.1.1&0x1010101  link#1             UC        0      0  rl0
What is this ^^^^???
It looks like a non-contiguous netmask?
exxx45031.adsl.al  lo0                UHS       0      0  lo0
localhost          localhost          UH        0    433  lo0
192.168.113.0      link#2             UC        0      0  vr0
xyz                00:30:18:ad:26:88  UHLW      1  24005  lo0
mail.xyz.ath.cx    00:30:18:ad:26:88  UHLW      1  86400  lo0
http.xyz.ath.cx    00:30:18:ad:26:88  UHLW      1    770  lo0
192.168.113.255    ff:ff:ff:ff:ff:ff  UHLWb     1   3228  vr0
lo1.br04.weham.de. e176145031.adsl.al UH        1      0  ng0
[... ipv6 stuff]
"
Interface infos:
"
# netstat -ira
Name Mtu Network Address Ipkts Ierrs Opkts Oerrs Coll
rl0 1492 <Link#1> 00:02:2a:b0:4a:e0 26128479 0 19855993 0 0
01:00:5e:00:00:01 0 0
rl0 1492 1.1.1.1&0x101 1.1.1.1 0 - 2653 - -
ALL-SYSTEMS.MCAST
vr0 1500 <Link#2> 00:30:18:ad:26:88 12662831 0 17678949 0 0
01:00:5e:00:00:01 2038 0
vr0 1500 192.168.113.0 xyz 9745471 - 13639692 - -
ALL-SYSTEMS.MCAST
vr0 1500 192.168.113.0 mail.xyz.a 291626 - 86404 - -
ALL-SYSTEMS.MCAST
vr0 1500 192.168.113.0 http.xyz.a 6814 - 770 - -
ALL-SYSTEMS.MCAST
lo0 16384 <Link#3> 113929 0 113929 0 0
lo0 16384 fe80:3::1 fe80:3::1 0 - 0 - -
ff01:3::1 (refs: 1)
ff02:3::2:a61d:93b4(refs: 1)
ff02:3::1 (refs: 1)
ff02:3::1:ff00:1 (refs: 1)
lo0 16384 localhost ::1 0 - 0 - -
ff01:3::1 (refs: 1)
ff02:3::2:a61d:93b4(refs: 1)
ff02:3::1 (refs: 1)
ff02:3::1:ff00:1 (refs: 1)
lo0 16384 your-net localhost 433 - 2433 - -
ALL-SYSTEMS.MCAST
pflog 33204 <Link#4> 0 0 80567 0 0
tun0* 1500 <Link#5> 78331 0 76381 0 0
tun99 1500 <Link#6> 353 0 375 0 0
ng0 1492 <Link#7> 17114096 0 13449463 0 0
ng0 1492 85.176.145.31 e176145031.adsl.a 12398 - 17011 - -
ALL-SYSTEMS.MCAST
"
mpd.conf:
"
default:
load PPPoE
PPPoE:
new -i ng0 PPPoE PPPoE
set iface addrs 1.1.1.1 2.2.2.2
Maybe you should delete the above line as
well. I don't remember what "iface addrs" does,
but you'll get the IP addresses via IPCP,
so it's surely redundant.
set iface route default
set iface enable on-demand
set iface idle 0
set bundle disable multilink
set bundle authname "xxy"
set iface disable tcpmssfix
set link no acfcomp protocomp
set link disable pap chap
set link accept chap
set link mtu 1492
set link mru 1492
This is also wrong, don't try to set MTU
or MRU. They are negotiated during PPP.
set link keep-alive 10 60
set ipcp yes vjcomp
set iface enable tcpmssfix # I know pf also does this in my setup, but I am desperate :)
set ipcp ranges 0.0.0.0/0 0.0.0.0/0
set nat disable
log +link
open iface
"
mpd.links:
"PPPoE:
set link type pppoe
set pppoe iface rl0
set pppoe disable incoming
set pppoe enable originate
"
What is really strange is that netmask, maybe
that's the source of the problem...
HTH, Nikos
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
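
Added example, not part of the original thread: an sh script that scans `netstat -r` style output for destinations printed in the `ADDR&0xMASK` form seen in the routing table above and reports those whose mask is not a contiguous run of 1-bits. The function names and the sample input (two lines taken from the table above, two constructed) are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): report routing-table destinations
# whose netmask is not contiguous, such as 1.1.1.1&0x1010101.

# mask_is_contiguous MASK
# Succeeds when the 32-bit MASK is a run of 1-bits followed only by 0-bits.
mask_is_contiguous() {
    m=$(( $1 & 0xffffffff ))
    inv=$(( ~m & 0xffffffff ))
    # A contiguous mask inverts to 2^k - 1, and only such values
    # share no bits with their successor.
    [ $(( inv & (inv + 1) )) -eq 0 ]
}

# check_routes
# Reads "netstat -r" style lines on stdin and prints every destination of
# the form ADDR&0xMASK whose mask fails the contiguity test.
check_routes() {
    while read -r dest _rest; do
        case $dest in
            *'&0x'*)
                mask="0x${dest##*&0x}"
                if ! mask_is_contiguous "$mask"; then
                    printf '%s\n' "$dest"
                fi
                ;;
        esac
    done
    return 0
}

# Sample input: the first two lines follow the routing table in the thread,
# the 10.0.0.0 and em0 line is constructed to show a contiguous mask.
sample_routes() {
cat <<'EOF'
default lo1.br04.weham.de. UGS 0 15505 ng0
1.1.1.1&0x1010101 link#1 UC 0 0 rl0
10.0.0.0&0xffffff00 link#9 UC 0 0 em0
192.168.113.0 link#2 UC 0 0 vr0
EOF
}

sample_routes | check_routes
```

On a live system the same check can be fed from `netstat -rn -f inet | check_routes`.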