On 10/27/07, Tony Sarendal <[EMAIL PROTECTED]> wrote: > On 10/27/07, Tony Sarendal <[EMAIL PROTECTED]> wrote: > > > > On 10/27/07, Jake Conk <[EMAIL PROTECTED]> wrote: > > > > > Hello, > > > > > > I have my OpenBSD machine setup as a router and when I moved my > > > network from my office to my new datacenter I was no longer able to > > > connect to the internet from machines behind the obsd router. When I > > > try to ping a domain such as google.com from any of the machines > > > behind the router I get the ip adress of the domain or host back BUT I > > > do not get any successful replies back. > > > > > > I do have ipforwarding setup and my openbsd router machine has named > > > setup also but as a forwarder to nameservers I have located elsewhere. > > > > > > The only thing that changed when moving from network a (the office) to > > > network b (the datacenter) was the ip. It use to have a private ip and > > > now has a public ip attached to one of the ports. All the internal ips > > > with and behind the router remain the same. > > > > > > The router has actually 2 public ips, one that is carped and another > > > ip address that is just configured as a public ip. > > > > > > I don't know what else the problem could be. I've updated my default > > > gateway and ip addresses on my openbsd router, what else am I missing > > > here? Is there something probably cached that is sending requests from > > > my machines behind the router to its old ip that used to be configured > > > on the server? > > > > > > Please help! > > > > > > Do your upstream routers know how to find the networks behind your > > openbsd router ? > > > > I should not send emails before drinking coffee... > You use private addresses on the inside. > > Use tcpdump to see that packets going out the firewall are nat'ed correctly, > and the responses come back. > > /Tony > > Tony,
First of all what are you referring to as my upstream router? Secondly about nat, well that's the weird thing, the machines behind the router get the public domain's ip when ping'ing but just don't get any return reply packets which is really weird to me. I have ip forwarding in sysctl and my pf is configured to nat. Did I miss something? Thanks, - Jake
