Re: Routing issue?
ff02::%lo0/32 fe80::1%lo0 U lo0 ifconfig_em0=inet 70.89.123.5 netmask 255.255.255.248 ifconfig_em1=inet 70.89.123.4 netmask 255.255.255.248 defaultrouter=70.89.123.6 hostname=se**.somehtingelse.biz I tried to add the gateway for link2 but it's not taking since it already exists, and I've run multiple IP'd servers before without issue. I'm really lost.___ you can't have 2 gateways. but you may configure ipfw firewall and use it's fwd function to define exactly what is routed through what, whatever your wish is. not that long ago i had 7 links to my server doing ISP business, as there was no way to get single large link that place. no problems ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Routing issue?
As mentioned before, this is already solved. On Nov 12, 2010, at 3:08 AM, Wojciech Puchar wrote: ff02::%lo0/32 fe80::1%lo0 U lo0 ifconfig_em0=inet 70.89.123.5 netmask 255.255.255.248 ifconfig_em1=inet 70.89.123.4 netmask 255.255.255.248 defaultrouter=70.89.123.6 hostname=se**.somehtingelse.biz I tried to add the gateway for link2 but it's not taking since it already exists, and I've run multiple IP'd servers before without issue. I'm really lost.___ you can't have 2 gateways. but you may configure ipfw firewall and use it's fwd function to define exactly what is routed through what, whatever your wish is. not that long ago i had 7 links to my server doing ISP business, as there was no way to get single large link that place. no problems ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Routing issue?
I'm trying to get the other half of my business up on my second IP. It's not routing. This is not a multi-homed system, but two IPs in the same subnet. [r...@server /usr/home/ryan]# netstat -nr Routing tables Internet: DestinationGatewayFlagsRefs Use Netif Expire default70.89.123.6UGS 7 1090em0 70.89.123.0/29 link#1 U 2 837em0 70.89.123.4link#2 UHS 0 25lo0 70.89.123.5link#1 UHS 00lo0 127.0.0.1 link#5 UH 0 863lo0 Internet6: Destination Gateway Flags Netif Expire ::1 ::1 UH lo0 fe80::%lo0/64 link#5U lo0 fe80::1%lo0 link#5UHS lo0 ff01:5::/32 fe80::1%lo0 U lo0 ff02::%lo0/32 fe80::1%lo0 U lo0 ifconfig_em0=inet 70.89.123.5 netmask 255.255.255.248 ifconfig_em1=inet 70.89.123.4 netmask 255.255.255.248 defaultrouter=70.89.123.6 hostname=se**.somehtingelse.biz I tried to add the gateway for link2 but it's not taking since it already exists, and I've run multiple IP'd servers before without issue. I'm really lost.___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Routing issue?
What exactly isn't working? You don't have two L3 nets, but two ips on the same net - nothing to route, except the default. - Original Message - From: owner-freebsd-questi...@freebsd.org owner-freebsd-questi...@freebsd.org To: Free BSD Questions list freebsd-questions@freebsd.org Sent: Thu Nov 11 21:41:40 2010 Subject: Routing issue? I'm trying to get the other half of my business up on my second IP. It's not routing. This is not a multi-homed system, but two IPs in the same subnet. [r...@server /usr/home/ryan]# netstat -nr Routing tables Internet: DestinationGatewayFlagsRefs Use Netif Expire default70.89.123.6UGS 7 1090em0 70.89.123.0/29 link#1 U 2 837em0 70.89.123.4link#2 UHS 0 25lo0 70.89.123.5link#1 UHS 00lo0 127.0.0.1 link#5 UH 0 863lo0 Internet6: Destination Gateway Flags Netif Expire ::1 ::1 UH lo0 fe80::%lo0/64 link#5U lo0 fe80::1%lo0 link#5UHS lo0 ff01:5::/32 fe80::1%lo0 U lo0 ff02::%lo0/32 fe80::1%lo0 U lo0 ifconfig_em0=inet 70.89.123.5 netmask 255.255.255.248 ifconfig_em1=inet 70.89.123.4 netmask 255.255.255.248 defaultrouter=70.89.123.6 hostname=se**.somehtingelse.biz I tried to add the gateway for link2 but it's not taking since it already exists, and I've run multiple IP'd servers before without issue. I'm really lost.___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org font size=1 div style='border:none;border-bottom:double windowtext 2.25pt;padding:0in 0in 1.0pt 0in' /div This email is intended to be reviewed by only the intended recipient and may contain information that is privileged and/or confidential. If you are not the intended recipient, you are hereby notified that any review, use, dissemination, disclosure or copying of this email and its attachments, if any, is strictly prohibited. If you have received this email in error, please immediately notify the sender by return email and delete this email from your system. /font ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
{Solved} Re: Routing issue?
It didn't work until I bridged the connections. [r...@server /usr/home/ryan]# ifconfig bridge create bridge0 [r...@server /usr/home/ryan]# ifconfig bridge0 bridge0: flags=8802BROADCAST,SIMPLEX,MULTICAST metric 0 mtu 1500 ether 0a:df:a2:b3:3e:96 id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15 maxage 20 holdcnt 6 proto rstp maxaddr 100 timeout 1200 root id 00:00:00:00:00:00 priority 0 ifcost 0 port 0 [r...@server /usr/home/ryan]# ifconfig bridge0 addm em0 addm em1 up On Nov 11, 2010, at 10:00 PM, Gary Gatten wrote: What exactly isn't working? You don't have two L3 nets, but two ips on the same net - nothing to route, except the default. - Original Message - From: owner-freebsd-questi...@freebsd.org owner-freebsd-questi...@freebsd.org To: Free BSD Questions list freebsd-questions@freebsd.org Sent: Thu Nov 11 21:41:40 2010 Subject: Routing issue? I'm trying to get the other half of my business up on my second IP. It's not routing. This is not a multi-homed system, but two IPs in the same subnet. [r...@server /usr/home/ryan]# netstat -nr Routing tables Internet: DestinationGatewayFlagsRefs Use Netif Expire default70.89.123.6UGS 7 1090em0 70.89.123.0/29 link#1 U 2 837em0 70.89.123.4link#2 UHS 0 25lo0 70.89.123.5link#1 UHS 00lo0 127.0.0.1 link#5 UH 0 863lo0 Internet6: Destination Gateway Flags Netif Expire ::1 ::1 UH lo0 fe80::%lo0/64 link#5U lo0 fe80::1%lo0 link#5UHS lo0 ff01:5::/32 fe80::1%lo0 U lo0 ff02::%lo0/32 fe80::1%lo0 U lo0 ifconfig_em0=inet 70.89.123.5 netmask 255.255.255.248 ifconfig_em1=inet 70.89.123.4 netmask 255.255.255.248 defaultrouter=70.89.123.6 hostname=se**.somehtingelse.biz I tried to add the gateway for link2 but it's not taking since it already exists, and I've run multiple IP'd servers before without issue. I'm really lost.___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org font size=1 div style='border:none;border-bottom:double windowtext 2.25pt;padding:0in 0in 1.0pt 0in' /div This email is intended to be reviewed by only the intended recipient and may contain information that is privileged and/or confidential. If you are not the intended recipient, you are hereby notified that any review, use, dissemination, disclosure or copying of this email and its attachments, if any, is strictly prohibited. If you have received this email in error, please immediately notify the sender by return email and delete this email from your system. /font ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Odd routing issue...
Running: FreeBSD caduceus.wingfoot.org 8.0-RELEASE-p2 FreeBSD 8.0-RELEASE-p2 #42: Fri May 7 19:22:48 EDT 2010 r...@caduceus.wingfoot.org:/usr/obj/usr/src/sys/SANDALS amd64 I'm getting a route added upon reboot with the hostname of the box, going to lo0. It's preventing things like, pinging itself. I can manually delete the route, but.. where is it being set to begin with?! Internet: DestinationGatewayFlagsRefs Use Netif Expire defaultip-66-80-251-65.ny UGS17 50 nfe0 66.80.251.64/26link#1 U 00 nfe0 caduceus link#1 UHS 07lo0 (much snippage) localhost link#2 UH 00lo0 Nothing's changed in my /etc/rc.conf from when I was running 7.2-RELEASE... This behavior didn't happen with 7.2. And, I don't see anything in /usr/src/UPDATING that seems relevant (unless, naturally, I'm missing something). My google-fu keeps bringing me to the handbook, but I don't see anything useful in there that might apply. If I restart netif, the mysterious caduceus route pops up again. If someone can point me in the right direction, I'd really appreciate it. Thanks in advance! Best, --Glenn ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Odd routing issue...
On Wednesday 12 of May 2010 06:07, Glenn Sieb wrote: I'm getting a route added upon reboot with the hostname of the box, going to lo0. It's preventing things like, pinging itself. I can manually delete the route, but.. where is it being set to begin with?! well, that behaviour is what i would expect. After all, the machine knows that to ping its own ip, it has to use the lo0 interface. It just resolves your ip with the hostname of the machine. So as far as i see, this is the intended behaviour. (You can use netstat -rn to see the actual ip and not hostnames.) If you can't ping localhost, i'd say that the problem lies elsewere. (firewalls probably) You can check with tcpdump to see what happens and your pings don't get a reply. -- Real programmers don't document. If it was hard to write, it should be hard to understand. signature.asc Description: This is a digitally signed message part.
Routing Issue?
Hello Everyone, I have a FreeBSD 6.1-RELEASE box that has two network cards (Dual Homed?). Each card is on a different network, as following (from /etc/rc.conf): ifconfig_fxp0=inet 192.168.20.36 netmask 255.255.255.0 ifconfig_rl0=inet 192.168.210.6 netmask 255.255.255.0 defaultrouter=192.168.210.1 route_servers=-net 192.168.2.0 192.168.20.1 static_routes=net1 net2 route_net1=-net 172.20.68.0 192.168.20.1 255.255.254.0 route_net2=-net 192.168.2.0 192.168.20.1 The fxp0 is connected to the outside world while the rl0 is connected to the internal networks. I noticed whenever I ssh or try to telnet to port 25 on this box from 192.168.2.x for example, it delays the response by something like 10 seconds, I even have a tcpdump of that! Can someone explain what is wrong with my setup? Should I have routed running? (I personally don't feel it is needed) Thanks in advance for your help and guidance. P.S. I got the above setup based on my understanding of the handbook, so forgive me if I didn't understand it correctly :) -- -- Yousef Raffah The Savola Group -- http://yousef.raffah.com signature.asc Description: This is a digitally signed message part
Re: Routing Issue?
Yousef Adnan Raffah wrote: Hello Everyone, I have a FreeBSD 6.1-RELEASE box that has two network cards (Dual Homed?). Each card is on a different network, as following (from /etc/rc.conf): ifconfig_fxp0=inet 192.168.20.36 netmask 255.255.255.0 ifconfig_rl0=inet 192.168.210.6 netmask 255.255.255.0 defaultrouter=192.168.210.1 route_servers=-net 192.168.2.0 192.168.20.1 static_routes=net1 net2 route_net1=-net 172.20.68.0 192.168.20.1 255.255.254.0 route_net2=-net 192.168.2.0 192.168.20.1 The fxp0 is connected to the outside world while the rl0 is connected to the internal networks. I noticed whenever I ssh or try to telnet to port 25 on this box from 192.168.2.x for example, it delays the response by something like 10 seconds, I even have a tcpdump of that! Can someone explain what is wrong with my setup? Should I have routed running? (I personally don't feel it is needed) Thanks in advance for your help and guidance. P.S. I got the above setup based on my understanding of the handbook, so forgive me if I didn't understand it correctly :) I believe the actual fault is that you don't understand how networks are done, based on the /etc/rc.conf entries you've listed above. I suggest that you pick up Computer Networks: A System Approach by Peterson and Davie to pick up a basic idea of how networking and routing works, and maybe consult http://en.wikipedia.org/wiki/Classful_network as a basis for planning out how things will be done, in particular with network addresses. Providing netstat -nr output would be beneficial as well when troubleshooting issues with routing, as well as any firewall rules you have in place. -Garrett ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
routing issue of mpd
Hi: I got mpd working and logined into pptp server through internet. From my pc, I can ping internal interface of the pptp server, 192.168.128.1 (my pc address is 192.168.128.10). the problem is that I can't ping anything beyond that, such as 192.168.128.2 (it actually is an interface of a router, on the same subnet). From cmd of windows, with command ipconfig: Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : IP Address. . . . . . . . . . . . : 254.254.254.100 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 254.254.254.1 PPP adapter test: Connection-specific DNS Suffix . : IP Address. . . . . . . . . . . . : 192.168.128.10 Subnet Mask . . . . . . . . . . . : 255.255.255.255 Default Gateway . . . . . . . . . : So how could I change the length of the masking of the ppp adapter? once I can change the length of the masking bits, then I can route my traffic into the rfc1918 networks that behind of the vpn server. the manual page of: http://www.bretterklieber.com/mpd/doc3/mpd22.html don't seem to be matter though. here is the mpd.conf: default: load pptp0 pptp0: new -i ng0 pptp0 pptp0 set ipcp ranges 192.168.128.1/21 192.168.128.10/21 load common common: set iface disable on-demand set iface enable proxy-arp set iface idle 1800 set iface enable tcpmssfix set bundle disable multilink set bundle enable compression set bundle yes crypt-reqd set link no pap chap set link enable chap-msv2 set link keep-alive 10 60 set link enable acfcomp protocomp set ipcp yes vjcomp set ipcp dns 192.168.64.96 set ccp yes mppc set ccp yes mpp-e128 BTW, mpd4 seems to be not very stable; I switched back to 3.18 and it works fine. TIA __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: [Mpd-users] routing issue of mpd
On 1/31/06, gahn [EMAIL PROTECTED] wrote: Hi: I got mpd working and logined into pptp server through internet. From my pc, I can ping internal interface of the pptp server, 192.168.128.1 (my pc address is 192.168.128.10). the problem is that I can't ping anything beyond that, such as 192.168.128.2 (it actually is an interface of a router, on the same subnet). From cmd of windows, with command ipconfig: Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : IP Address. . . . . . . . . . . . : 254.254.254.100 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 254.254.254.1 PPP adapter test: Connection-specific DNS Suffix . : IP Address. . . . . . . . . . . . : 192.168.128.10 Subnet Mask . . . . . . . . . . . : 255.255.255.255 Default Gateway . . . . . . . . . : So how could I change the length of the masking of the ppp adapter? once I can change the length of the masking bits, then I can route my traffic into the rfc1918 networks that behind of the vpn server. the manual page of: http://www.bretterklieber.com/mpd/doc3/mpd22.html don't seem to be matter though. here is the mpd.conf: default: load pptp0 pptp0: new -i ng0 pptp0 pptp0 set ipcp ranges 192.168.128.1/21 192.168.128.10/21 load common common: set iface disable on-demand set iface enable proxy-arp set iface idle 1800 set iface enable tcpmssfix set bundle disable multilink set bundle enable compression set bundle yes crypt-reqd set link no pap chap set link enable chap-msv2 set link keep-alive 10 60 set link enable acfcomp protocomp set ipcp yes vjcomp set ipcp dns 192.168.64.96 set ccp yes mppc set ccp yes mpp-e128 BTW, mpd4 seems to be not very stable; I switched back to 3.18 and it works fine. TIA __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://sel.as-us.falkag.net/sel?cmd=lnkkid=103432bid=230486dat=121642 ___ Mpd-users mailing list Mpd-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/mpd-users It would be strange if a ppp connection had a different subnet mask. You really should get into some reading on basic TCP/IP. What you need is to setup a route, something like this: route add 192.168.128/21 192.168.128.1 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Routing issue
I just installed a secondary internet connection at my office, and I'm having a bizarre issue... I have a network card - dc0 That network card has a config roughly like ifconfig_dc0 inet 1.2.3.4 netmask 255.255.255.248 ifconfig_dc0_alias0 inet 2.3.4.5 netmask 255.255.255.248 defaultrouter=1.2.3.1 When I have the network set up in this manner (packets coming in via two external lines plugged into the same switch), I can only access the network that is on the same network as the default router. In the example above, I can access the server by 1.2.3.4, but not by 2.3.4.5. If I change the defaultrouter to 2.3.4.1, I can access the server by 2.3.4.5 but not 1.2.3.4. The ultimate goal of this, obviously, is to enable both interfaces to work from the outside world. Traffic needs to be able to come in either/or, and leave by the external device of my choosing. Is there something I should be checking, or something that I'm overlooking? Any help you could give would be *greatly* appreciated. Thanks! ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Routing issue
On Mon, 2004-07-19 at 11:12, Web Walrus (Robert Wall) wrote: I just installed a secondary internet connection at my office, and I'm having a bizarre issue... I have a network card - dc0 That network card has a config roughly like ifconfig_dc0 inet 1.2.3.4 netmask 255.255.255.248 ifconfig_dc0_alias0 inet 2.3.4.5 netmask 255.255.255.248 defaultrouter=1.2.3.1 Read this page regarding adding aliases: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/configtuning-virtual-hosts.html You need to change your netmask for the alias to 255.255.255.255 if it's on the same network. Regards, -- Nelis Lamprecht PGP: http://www.8ball.co.za/pgpkey/nelis.asc Unix IS user friendly.. It's just selective about who its friends are. signature.asc Description: This is a digitally signed message part
Re: Routing issue
ifconfig_dc0 inet 1.2.3.4 netmask 255.255.255.248 ifconfig_dc0_alias0 inet 2.3.4.5 netmask 255.255.255.248 defaultrouter=1.2.3.1 You need to change your netmask for the alias to 255.255.255.255 if it's on the same network. It's not on the same network; that's the problem. Two complete separate networks, same interface card. The issue is that one of the networks works, and the other doesn't, depending on what network the default router happens to be on. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Routing issue
On Jul 19, 2004, at 02:12, Web Walrus (Robert Wall) wrote: That network card has a config roughly like ifconfig_dc0 inet 1.2.3.4 netmask 255.255.255.248 ifconfig_dc0_alias0 inet 2.3.4.5 netmask 255.255.255.248 defaultrouter=1.2.3.1 Excuse me why I interject that it's a royal PITA when people post obfuscated IP information while asking IP-related questions. It inevitably introduces confusion. Ok, I feel better now... When I have the network set up in this manner (packets coming in via two external lines plugged into the same switch), I can only access the network that is on the same network as the default router. In the example above, I can access the server by 1.2.3.4, but not by 2.3.4.5. If I change the defaultrouter to 2.3.4.1, I can access the server by 2.3.4.5 but not 1.2.3.4. Access the server from where? Let me test my understanding. You have a server with one NIC and two addresses, plugged into a single switched network along with two ethernet connections to external ISPs, and you're trying to connect to the server from a remote network via the different addresses? If both addresses can reach the network you are connecting from, it should work via either address. Note that the RESPONSE may come to you from a different address, and if that confuses your application THAT may break. For example, if you come in on 2.3.4.5, the reply will still return via 1.2.3.4 - your server can only have one default gateway, and if that's how it knows to reach you, that's where it will go. If your two networks can't both reach your source network, then yes, it will break. There are workarounds, most involve either a dynamic routing protocol that can assign priorites to the different paths, or introducing an external device (firewall, router) that basically does the same thing. Essentially you need more elaborate routing that takes availability into account. KeS ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Routing issue
On Mon, Jul 19, 2004 at 04:31:36AM -0500, Web Walrus (Robert Wall) wrote: ifconfig_dc0 inet 1.2.3.4 netmask 255.255.255.248 ifconfig_dc0_alias0 inet 2.3.4.5 netmask 255.255.255.248 defaultrouter=1.2.3.1 You need to change your netmask for the alias to 255.255.255.255 if it's on the same network. It's not on the same network; that's the problem. Two complete separate networks, same interface card. The issue is that one of the networks works, and the other doesn't, depending on what network the default router happens to be on. Yes -- the OP's configuration is correct as far as it goes. However the problem he's facing is rather more intractable than it first appears. In general, you're going to need a mechanism for dynamically routing packets in order to make this sort of setup work. For most setups, you'ld need the co-operation of your ISP to make things work as well. There's two areas where you can use this dual setup profitably. The first is failover -- should one of the connections go down, you'll automatically switch to using the other. About the simplest way of doing something like that is to run a script periodically (say once every 5 minutes) that sends a ping down the active channel, and if there's no response, it switches the default route to the other channel. This means that normally all your traffic will go down one of the connections, and there won't be any bandwidth advantages but you will get increased resilience. The second is 'policy based routing' -- which is a good term to google for. Under FreeBSD this is implemented using the ipfw(8) 'fwd' command which lets you dynamically redirect packets down one channel or the other. That means you can do things like select out HTTP traffic and send it via one channel, leaving all of the other traffic to go by the other. That lets you share out your bandwidth between available channels, but doesn't give you any advantages in terms of resilience. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgpbVdI29YXTM.pgp Description: PGP signature
Re: Routing issue
ifconfig_dc0 inet 1.2.3.4 netmask 255.255.255.248 ifconfig_dc0_alias0 inet 2.3.4.5 netmask 255.255.255.248 defaultrouter=1.2.3.1 It's not on the same network; that's the problem. Two complete separate networks, same interface card. The issue is that one of the networks works, and the other doesn't, depending on what network the default router happens to be on. In general, you're going to need a mechanism for dynamically routing packets in order to make this sort of setup work. For most setups, you'ld need the co-operation of your ISP to make things work as well. The situation is this - there are 4 servers that are on one network. I'm trying to switch them over to another network, but I need to do it without downtime. Therefore, I need to have both IPs completely active and functional simultaneously. Would the situation be any easier if I put one of the networks on a separate NIC? Is there any way to determine what IP/interface a connection came in on, and continue to use that IP/interface for the outbound packets? Maybe with static routes or something of that nature? The thing is, I used this exact setup (albeit on two different network cards) on a FreeBSD 2.x box quite a ways back, for the same purpose (switching networks), and it was working fine. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Routing issue
On Mon, Jul 19, 2004 at 12:55:45PM -0500, Web Walrus (Robert Wall) wrote: ifconfig_dc0 inet 1.2.3.4 netmask 255.255.255.248 ifconfig_dc0_alias0 inet 2.3.4.5 netmask 255.255.255.248 defaultrouter=1.2.3.1 It's not on the same network; that's the problem. Two complete separate networks, same interface card. The issue is that one of the networks works, and the other doesn't, depending on what network the default router happens to be on. In general, you're going to need a mechanism for dynamically routing packets in order to make this sort of setup work. For most setups, you'ld need the co-operation of your ISP to make things work as well. The situation is this - there are 4 servers that are on one network. I'm trying to switch them over to another network, but I need to do it without downtime. Therefore, I need to have both IPs completely active and functional simultaneously. Right -- in which case, you've actually done everything right, Is there any way to determine what IP/interface a connection came in on, and continue to use that IP/interface for the outbound packets? Maybe with static routes or something of that nature? That should happen automatically whenever anyone connects to one or other of those addresses. It's setting the origin address on outgoing connections that's usually the difficult bit, but in this case, that shouldn't be a problem. Really all you need to do is at some point change the default route to point to the new gateway, and then wait until any traffic to the old addressess dies away. Then edit /etc/rc.conf to make the new ip address the only one configured on the interface and whatever else needs fiddling with similarly, a quick reboot and you're done. Cheers Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgprKTSAyFxbr.pgp Description: PGP signature
Help with a routing issue
I have a freebsd 4.7 box at a client. The box has an ip of 192.168.254.22 The default gateway is 192.168.254.1 which is the inside interface of the gateway. The outside interface of the gateway is 196.25.37.18 and it also has an alias of 196.25.37.19. When i ping 196.25.37.18 from the clients box (192.168.254.22) i get this. mmrserver# ping 196.25.37.18 PING 196.25.37.18 (196.25.37.18): 56 data bytes 36 bytes from brandford.trusc.net (192.168.254.24): Redirect Host(New addr: 192.168.254.1) Vr HL TOS Len ID Flg off TTL Pro cks Src Dst 4 5 00 0054 08f4 0 40 01 c9ca 192.168.254.22 196.25.37.18 64 bytes from 196.25.37.18: icmp_seq=0 ttl=63 time=66.616 ms 36 bytes from brandford.trusc.net (192.168.254.24): Redirect Host(New addr: 192.168.254.1) Vr HL TOS Len ID Flg off TTL Pro cks Src Dst 4 5 00 0054 08f8 0 40 01 c9c6 192.168.254.22 196.25.37.18 When i ping 196.25.37.19 i get this. mmrserver# ping 196.25.37.19 PING 196.25.37.19 (196.25.37.19): 56 data bytes 64 bytes from 196.25.37.19: icmp_seq=0 ttl=64 time=5.445 ms 64 bytes from 196.25.37.19: icmp_seq=1 ttl=64 time=4.630 ms 64 bytes from 196.25.37.19: icmp_seq=2 ttl=64 time=5.226 ms That is correct the way it should be. My routes on the clients box look as follows: mmrserver# netstat -rn Routing tables Internet: DestinationGatewayFlagsRefs Use Netif Expire default192.168.254.1 UGSc7 1952dc0 127.0.0.1 127.0.0.1 UH 00lo0 192.168.60 link#2 UC 110rl0 192.168.60.1 00:10:dc:f5:9c:9d UHLW0 10rl0972 192.168.60.11 00:0d:61:1b:f0:fc UHLW1 418rl0442 192.168.60.12 00:00:21:e2:8d:e1 UHLW02rl0642 192.168.60.15 00:90:f5:08:32:cb UHLW0 435rl0256 192.168.60.16 00:50:22:8c:ee:51 UHLW01rl0790 192.168.60.18 00:50:bf:97:e8:8a UHLW0 371rl0 1022 192.168.60.21 00:0c:76:25:74:fc UHLW1 1422rl0858 192.168.60.22 00:50:bf:ec:27:a3 UHLW1 10rl0 1032 192.168.60.33 00:0d:61:4d:5b:9e UHLW3 17rl0873 192.168.60.133 00:50:22:8d:ed:86 UHLW1 10rl0 1122 192.168.60.255 ff:ff:ff:ff:ff:ff UHLWb 2 49rl0 192.168.254link#1 UC 20dc0 192.168.254.1 00:02:6f:32:24:90 UHLW8 268dc0 1149 192.168.254.255ff:ff:ff:ff:ff:ff UHLWb 2 94dc0 Can anyone help me with why the 196.25.37.18 ip is being redirected via 192.168.254.24? PLEASE ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Help with a routing issue
On Wed, 26 May 2004, Leon Botes wrote: I have a freebsd 4.7 box at a client. The box has an ip of 192.168.254.22 The default gateway is 192.168.254.1 which is the inside interface of the gateway. The outside interface of the gateway is 196.25.37.18 and it also has an alias of 196.25.37.19. When i ping 196.25.37.18 from the clients box (192.168.254.22) i get this. mmrserver# ping 196.25.37.18 PING 196.25.37.18 (196.25.37.18): 56 data bytes 36 bytes from brandford.trusc.net (192.168.254.24): Redirect Host(New addr: 192.168.254.1) Vr HL TOS Len ID Flg off TTL Pro cks Src Dst 4 5 00 0054 08f4 0 40 01 c9ca 192.168.254.22 196.25.37.18 64 bytes from 196.25.37.18: icmp_seq=0 ttl=63 time=66.616 ms 36 bytes from brandford.trusc.net (192.168.254.24): Redirect Host(New addr: 192.168.254.1) Vr HL TOS Len ID Flg off TTL Pro cks Src Dst 4 5 00 0054 08f8 0 40 01 c9c6 192.168.254.22 196.25.37.18 When i ping 196.25.37.19 i get this. mmrserver# ping 196.25.37.19 PING 196.25.37.19 (196.25.37.19): 56 data bytes 64 bytes from 196.25.37.19: icmp_seq=0 ttl=64 time=5.445 ms 64 bytes from 196.25.37.19: icmp_seq=1 ttl=64 time=4.630 ms 64 bytes from 196.25.37.19: icmp_seq=2 ttl=64 time=5.226 ms That is correct the way it should be. Could you provide the output of ifconfig -a of the gateway box? Should shed some more light about the issues, also the parts of /etc/rc.conf, where the cards are configured, could be interesting. Olaf -- Olaf Hoyer[EMAIL PROTECTED] Fuerchterliche Erlebniss geben zu raten, ob der, welcher sie erlebt, nicht etwas Fuerchterliches ist. (Nietzsche, Jenseits von Gut und Boese) ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: Help with a routing issue
Could you provide the output of ifconfig -a of the gateway box? Should shed some more light about the issues, also the parts of /etc/rc.conf, where the cards are configured, could be interesting. Olaf -- Olaf Hoyer[EMAIL PROTECTED] Fuerchterliche Erlebniss geben zu raten, ob der, welcher sie erlebt, nicht etwas Fuerchterliches ist. (Nietzsche, Jenseits von Gut und Boese) FROM THE GATEWAY: ifconfig fxp0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 inet 196.25.37.18 netmask 0xfff8 broadcast 196.25.37.23 inet 196.25.37.19 netmask 0x broadcast 196.25.37.19 ether 00:20:ed:11:00:e8 media: Ethernet autoselect (100baseTX full-duplex) status: active fxp1: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 inet 192.168.254.1 netmask 0xff00 broadcast 192.168.254.255 ether 00:20:ed:11:00:e9 media: Ethernet autoselect (100baseTX full-duplex) status: active rc.conf ifconfig_fxp0=inet 196.25.37.18 netmask 255.255.255.248 ifconfig_fxp0_alias0=inet 196.25.37.19 netmask 255.255.255.255 ifconfig_fxp1=inet 192.168.254.1 netmask 255.255.255.0 natd_enable=YES natd_interface=fxp0 natd_flags= gateway_enable=YES defaultrouter=196.25.37.17 Ipfw show 00300 22467 1425741 fwd 196.25.37.20 tcp from any to any 80 out xmit fxp0 01000 64432 13724943 divert 8668 ip from any to any via fxp0 01100 11754 6690334 allow ip from any to any via lo0 01200 00 deny ip from any to 127.0.0.0/8 01300 00 deny ip from 127.0.0.0/8 to any 01400 5223 533128 fwd 196.25.37.22 tcp from any to any 443 out xmit fxp0 01500 00 fwd 196.25.37.22 tcp from any to any 3306 out xmit fxp0 0160050027082 fwd 196.25.37.22 tcp from any to any 22 out xmit fxp0 01700193 9455 fwd 196.25.37.22 tcp from any to any 110 out xmit fxp0 01800 00 fwd 196.25.37.22 tcp from any to any 119 out xmit fxp0 01900 00 deny log logamount 2 tcp from any to any 445,2556,9996,5554 in recv fxp1 65000 171424 31989301 allow ip from any to any 65535 00 deny ip from any to any FROM THE CLIENT BOX: Ifconfig dc0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 inet 192.168.254.22 netmask 0xff00 broadcast 192.168.254.255 ether 00:50:bf:97:e8:83 media: Ethernet autoselect (10baseT/UTP) status: active rl0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 inet 192.168.60.2 netmask 0xff00 broadcast 192.168.60.255 ether 00:50:bf:43:37:c1 media: Ethernet autoselect (100baseTX full-duplex) status: active rc.conf ifconfig_rl0=inet 192.168.60.2 netmask 255.255.255.0 ifconfig_dc0=inet 192.168.254.22 netmask 255.255.255.0 gateway_enable=YES defaultrouter=192.168.254.1 nfs_client_enable=YES firewall_enable=YES firewall_type=open natd_enable=YES natd_interface=dc0 natd_flags= Ipfw show 00050 8360 3676585 divert 8668 ip from any to any via dc0 00100 00 allow ip from any to any via lo0 00200 00 deny ip from any to 127.0.0.0/8 00300 00 deny ip from 127.0.0.0/8 to any 65000 44744 16464427 allow ip from any to any 65535 00 deny ip from any to any ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: Help with a routing issue
Can you show us the routing on the server please rather than the client ? What is the subnet mask of the alias 196.25.37.19 ? It should have a subnet of 255.255.255.255 as it's on the same network as 196.25.37.18. Cheers, -- Nelis Lamprecht PGP: http://www.8ball.co.za/pgpkey/nelis.asc Unix IS user friendly.. It's just selective about who its friends are. The below is only sections of the output. Most of the individual hosts have been removed. Just a few examples left. 10.5/16192.168.254.29 UGSc0 11 fxp1 10.6/16192.168.254.12 UGSc00 fxp1 10.7/16192.168.254.12 UGSc00 fxp1 10.8/16192.168.254.12 UGSc00 fxp1 10.9/16192.168.254.27 UGSc00 fxp1 10.11/16 192.168.254.28 UGSc00 fxp1 10.12/16 192.168.254.33 UGSc00 fxp1 10.13/16 192.168.254.34 UGSc00 fxp1 10.14/16 192.168.252.23 UGSc00 fxp1 127.0.0.1 127.0.0.1 UH 0 2214lo0 192.168.0 192.168.254.23 UGSc00 fxp1 192.168.2 192.168.254.24 UGSc00 fxp1 192.168.7 192.168.254.31 UGSc00 fxp1 192.168.60 192.168.254.22 UGSc00 fxp1 192.168.252192.168.254.12 UGSc8 161 fxp1 192.168.253192.168.254.12 UGSc 13 212 fxp1 192.168.254link#2 UC 340 fxp1 192.168.254.1 00:20:ed:11:00:e9 UHLW2 1425lo0 192.168.254.22 00:02:6f:32:27:6b UHLW1 1032 fxp1116 192.168.254.23 00:50:bf:97:e4:9d UHLW1 2292 fxp1777 192.168.254.24 00:50:bf:43:2c:16 UHLW3 3476 fxp1421 192.168.254.25 00:a0:cc:db:03:75 UHLW1 836 fxp1 1117 192.168.254.27 00:02:6f:07:86:5b UHLW1 224 fxp1878 192.168.254.28 link#2 UHLW10 fxp1 192.168.254.29 00:02:6f:07:86:57 UHLW1 139 fxp1924 192.168.254.30 00:02:6f:07:86:6a UHLW0 779 fxp1741 192.168.254.31 00:02:6f:08:9f:a6 UHLW1 161 fxp1936 192.168.254.32 00:02:6f:04:7a:1e UHLW0 165 fxp1 59 192.168.254.33 link#2 UHLW1 92 fxp1 192.168.255192.168.254.21 UGSc337107 fxp1 196.25.37.16/29link#1 UC 40 fxp0 196.25.37.17 00:e0:fc:0c:be:d9 UHLW 29 230 fxp0790 196.25.37.18 00:20:ed:11:00:e8 UHLW1 2127lo0 196.25.37.19 00:20:ed:11:00:e8 UHLW1 370lo0 = 196.25.37.19/32link#1 UC 10 fxp0 196.25.37.20 00:0c:f1:ae:c6:99 UHLW144305 fxp0908 196.25.37.22 00:09:5b:3f:2f:63 UHLW111942 fxp0910 ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: Help with a routing issue
On Wed, 2004-05-26 at 12:28, Leon Botes wrote: The below is only sections of the output. Most of the individual hosts have been removed. Just a few examples left. 10.5/16192.168.254.29 UGSc0 11 fxp1 10.6/16192.168.254.12 UGSc00 fxp1 10.7/16192.168.254.12 UGSc00 fxp1 10.8/16192.168.254.12 UGSc00 fxp1 10.9/16192.168.254.27 UGSc00 fxp1 10.11/16 192.168.254.28 UGSc00 fxp1 10.12/16 192.168.254.33 UGSc00 fxp1 10.13/16 192.168.254.34 UGSc00 fxp1 10.14/16 192.168.252.23 UGSc00 fxp1 127.0.0.1 127.0.0.1 UH 0 2214lo0 192.168.0 192.168.254.23 UGSc00 fxp1 192.168.2 192.168.254.24 UGSc00 fxp1 192.168.7 192.168.254.31 UGSc00 fxp1 192.168.60 192.168.254.22 UGSc00 fxp1 192.168.252192.168.254.12 UGSc8 161 fxp1 192.168.253192.168.254.12 UGSc 13 212 fxp1 192.168.254link#2 UC 340 fxp1 192.168.254.1 00:20:ed:11:00:e9 UHLW2 1425lo0 192.168.254.22 00:02:6f:32:27:6b UHLW1 1032 fxp1116 192.168.254.23 00:50:bf:97:e4:9d UHLW1 2292 fxp1777 192.168.254.24 00:50:bf:43:2c:16 UHLW3 3476 fxp1421 192.168.254.25 00:a0:cc:db:03:75 UHLW1 836 fxp1 1117 192.168.254.27 00:02:6f:07:86:5b UHLW1 224 fxp1878 192.168.254.28 link#2 UHLW10 fxp1 192.168.254.29 00:02:6f:07:86:57 UHLW1 139 fxp1924 192.168.254.30 00:02:6f:07:86:6a UHLW0 779 fxp1741 192.168.254.31 00:02:6f:08:9f:a6 UHLW1 161 fxp1936 192.168.254.32 00:02:6f:04:7a:1e UHLW0 165 fxp1 59 192.168.254.33 link#2 UHLW1 92 fxp1 192.168.255192.168.254.21 UGSc337107 fxp1 196.25.37.16/29link#1 UC 40 fxp0 196.25.37.17 00:e0:fc:0c:be:d9 UHLW 29 230 fxp0790 196.25.37.18 00:20:ed:11:00:e8 UHLW1 2127lo0 196.25.37.19 00:20:ed:11:00:e8 UHLW1 370lo0 = 196.25.37.19/32link#1 UC 10 fxp0 196.25.37.20 00:0c:f1:ae:c6:99 UHLW144305 fxp0908 196.25.37.22 00:09:5b:3f:2f:63 UHLW111942 fxp0910 Can't see any peculiarities. Try adding the following route on the client machine: route add -host 196.25.37.18 192.168.254.1 255.255.255.255 See if that helps. -- Nelis Lamprecht PGP: http://www.8ball.co.za/pgpkey/nelis.asc Unix IS user friendly.. It's just selective about who its friends are. signature.asc Description: This is a digitally signed message part
RE: Help with a routing issue
Set it to zero mmrserver# sysctl net | grep direct net.inet.ip.redirect: 0 net.inet.icmp.drop_redirect: 0 net.inet.icmp.log_redirect: 0 Results are the same. Also tried adding a fixed route as such: Route add -host 196.25.37.18 192.168.254.1 No luck. -Original Message- From: Nelis Lamprecht [mailto:[EMAIL PROTECTED] Sent: 26 May 2004 13:55 To: [EMAIL PROTECTED] Subject: RE: Help with a routing issue One other thing you can try. There is a sysctl variable net.inet.ip.redirect: 1 Try turning that off by setting it to 0 on the client machine. What happens ? Nelis On Wed, 2004-05-26 at 13:08, Leon Botes wrote: Tried that already - no luck. -Original Message- From: Nelis Lamprecht [mailto:[EMAIL PROTECTED] Sent: 26 May 2004 13:01 To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: RE: Help with a routing issue On Wed, 2004-05-26 at 12:28, Leon Botes wrote: The below is only sections of the output. Most of the individual hosts have been removed. Just a few examples left. 10.5/16192.168.254.29 UGSc0 11 fxp1 10.6/16192.168.254.12 UGSc00 fxp1 10.7/16192.168.254.12 UGSc00 fxp1 10.8/16192.168.254.12 UGSc00 fxp1 10.9/16192.168.254.27 UGSc00 fxp1 10.11/16 192.168.254.28 UGSc00 fxp1 10.12/16 192.168.254.33 UGSc00 fxp1 10.13/16 192.168.254.34 UGSc00 fxp1 10.14/16 192.168.252.23 UGSc00 fxp1 127.0.0.1 127.0.0.1 UH 0 2214lo0 192.168.0 192.168.254.23 UGSc00 fxp1 192.168.2 192.168.254.24 UGSc00 fxp1 192.168.7 192.168.254.31 UGSc00 fxp1 192.168.60 192.168.254.22 UGSc00 fxp1 192.168.252192.168.254.12 UGSc8 161 fxp1 192.168.253192.168.254.12 UGSc 13 212 fxp1 192.168.254link#2 UC 340 fxp1 192.168.254.1 00:20:ed:11:00:e9 UHLW2 1425lo0 192.168.254.22 00:02:6f:32:27:6b UHLW1 1032 fxp1 116 192.168.254.23 00:50:bf:97:e4:9d UHLW1 2292 fxp1 777 192.168.254.24 00:50:bf:43:2c:16 UHLW3 3476 fxp1 421 192.168.254.25 00:a0:cc:db:03:75 UHLW1 836 fxp1 1117 192.168.254.27 00:02:6f:07:86:5b UHLW1 224 fxp1 878 192.168.254.28 link#2 UHLW10 fxp1 192.168.254.29 00:02:6f:07:86:57 UHLW1 139 fxp1 924 192.168.254.30 00:02:6f:07:86:6a UHLW0 779 fxp1 741 192.168.254.31 00:02:6f:08:9f:a6 UHLW1 161 fxp1 936 192.168.254.32 00:02:6f:04:7a:1e UHLW0 165 fxp1 59 192.168.254.33 link#2 UHLW1 92 fxp1 192.168.255192.168.254.21 UGSc337107 fxp1 196.25.37.16/29link#1 UC 40 fxp0 196.25.37.17 00:e0:fc:0c:be:d9 UHLW 29 230 fxp0 790 196.25.37.18 00:20:ed:11:00:e8 UHLW1 2127lo0 196.25.37.19 00:20:ed:11:00:e8 UHLW1 370lo0 = 196.25.37.19/32link#1 UC 10 fxp0 196.25.37.20 00:0c:f1:ae:c6:99 UHLW144305 fxp0 908 196.25.37.22 00:09:5b:3f:2f:63 UHLW111942 fxp0 910 Can't see any peculiarities. Try adding the following route on the client machine: route add -host 196.25.37.18 192.168.254.1 255.255.255.255 See if that helps. -- Nelis Lamprecht PGP: http://www.8ball.co.za/pgpkey/nelis.asc Unix IS user friendly.. It's just selective about who its friends are. -- Nelis Lamprecht PGP: http://www.8ball.co.za/pgpkey/nelis.asc Unix IS user friendly.. It's just selective about who its friends are. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Help with a routing issue
On Wednesday 26 May 2004 18:25, Leon Botes wrote: I have a freebsd 4.7 box at a client. The box has an ip of 192.168.254.22 The default gateway is 192.168.254.1 which is the inside interface of the gateway. The outside interface of the gateway is 196.25.37.18 and it also has an alias of 196.25.37.19. When i ping 196.25.37.18 from the clients box (192.168.254.22) i get this. mmrserver# ping 196.25.37.18 PING 196.25.37.18 (196.25.37.18): 56 data bytes 36 bytes from brandford.trusc.net (192.168.254.24): Redirect Host(New addr: 192.168.254.1) I don't know whether it has any relevance to your problem; but I find the symbolic address 'brandford.trusc.net' is being reported on the public network: beta:209 host brandford.trusc.net brandford.trusc.net has address 192.168.254.24 Which I don't believe should be the case. A misconfigured DNS ? Malcolm ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
VPN(touch-ID)/gif0/Dynamic Routing Issue
Hello, I have few questions regarding the Dynamic Rouitng (i.e. routed) and gif0 interface. I go through the following documents: http://www.freebsd.org/handbook/ipsec.html http://asherah.dyndns.org/~josh/ipsec-howto.txt and follow the following steps: 1. Configure the gif0 interface using the www.freebsd.org/handbook/ipsec.html diagram as reference, it work fine (tested by ping) 2. Configure IPSec in Transport mode (since I am interested in forwarding dynamic routing information over point-2-point VPN) using draft-touch-ipsec- vpn approach, i.e: IPSec policy spdadd A.B.C.D W.X.Y.Z any -P out ipsec esp/transport//use; spdadd W.X.Y.Z A.B.C.D any -P in ipsec esp/transport//use; It works fine (ping test). 3. Now I start routed with -s options, It never saw any routing information flow through the VPN (tcpdump). 4. So, I disabled the IPSec and try again but I still saw no routing information over VPN (tcpdump). 5. So, I disabled the gif0 interface as well, I saw the RIP packets exchanges between two freeBSD machine. Summary: 1. routed works fine without gif0 interface. 2. VPN works fine without routed. Question: Now my questions are 1. There is any in-compatibility (or known bug) between routed and gif0 interface (I am using freeBSD 4.8 Release). 2. Is there any freeBSD document which describe how to configure gif0 and routed together. Thanks, Amin _ MSN 8 with e-mail virus protection service: 2 months FREE* http://join.msn.com/?page=features/viruspgmarket=en-caRU=http%3a%2f%2fjoin.msn.com%2f%3fpage%3dmisc%2fspecialoffers%26pgmarket%3den-ca ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
VPN(touch-ID)/gif0/Dynamic Routing Issue [freeBSD 4.8 Release]
Hello, I have few questions regarding the Dynamic Rouitng (i.e. routed) and gif0 interface. Questions: 1. There is any in-compatibility or known bug, if we use routed and gif0 interface together (I am using freeBSD 4.8 Release). 2. If there is no known bug then any one tested the above mention combination (routed and gif0 interface) 3. Is there any freeBSD document which describe how to configure gif0 and routed together. Details: I go through the following documents: http://www.freebsd.org/handbook/ipsec.html http://asherah.dyndns.org/~josh/ipsec-howto.txt and follow the following steps: 1. I am using the www.freebsd.org/handbook/ipsec.html diagram as my reference network 2. Configure the gif0 interface , it work fine (tested by ping and tcpdump) 3. Configure IPSec in Transport mode (since I am interested in forwarding dynamic routing information over point-2-point VPN) using draft-touch-ipsec- vpn approach, i.e: IPSec policy On Network 1: spdadd A.B.C.D W.X.Y.Z any -P out ipsec esp/transport//use; spdadd W.X.Y.Z A.B.C.D any -P in ipsec esp/transport//use; On Network 2: spdadd W.X.Y.Z A.B.C.D any -P out ipsec esp/transport//use; spdadd A.B.C.D W.X.Y.Z any -P in ipsec esp/transport//use; It works fine (ping and tcpdump). 3. Now I start routed with -s options, It never saw any routing information flow through the VPN (tcpdump). But I saw some ERROR message (IP_ADD_MEMBERSHIP RIP) during system REBOOT 4. So, I disabled the IPSec and try again but I still saw no routing information over VPN (tcpdump). But I saw some ERROR message (IP_ADD_MEMBERSHIP RIP) during system REBOOT 5. So, I disabled the gif0 interface as well, I saw the RIP packets exchanges between two freeBSD machine. Summary: 1. routed works fine without gif0 interface. 2. VPN works fine without routed. Thanks, Amin _ Help STOP SPAM with the new MSN 8 and get 2 months FREE* http://join.msn.com/?page=dept/bcommpgmarket=en-caRU=http%3a%2f%2fjoin.msn.com%2f%3fpage%3dmisc%2fspecialoffers%26pgmarket%3den-ca ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
newbie cluele re routing issue
ok, i know that i am a newbie, but perhaps what i am trying to do is impossible. goal: host 2 domains locally equipment: linksys wireless router (4 ethernet connections--wireless not running yet), freebsd 4.7 on dedicated p166, and several boxes/os's connected dhcp. i assigned router 1 static address (68.114.63.14), server lan address (192.168.1.110). domain1.com is working. i wish to alias second static address (68.114.63.34) on server for domain2.com. try as i might, i cannot make this work. is it even possible? linksys says: place hub between modem and router, connect server to hub (placing server outside lan). that scenario renders server incapable of communicating with isp's router (68.114.63.1). i am beginning to wonder whether i can even accomplish this. it seems simple enough, however; i just can't make it work any suggestions? tia stephen d. kingrea To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Re: newbie cluele re routing issue
yes, it is cable/dsl. that would explain the lack of connectivity under the linksys scenario. i will try this again and report back. thank you for the clue stephen d. kingrea On 10 Jan 2003, Matt Smith wrote: Regarding your ISP -- is this a DSL connection? If so, your DMZ server (connected to the Hub) probably needs to run PPPoE. Is it? Anything behind the linksys device does not, because the linksys device takes care of PPPoE for everything behind it. -Matt On Fri, 2003-01-10 at 14:20, Stephen D. Kingrea wrote: ok, i know that i am a newbie, but perhaps what i am trying to do is impossible. goal: host 2 domains locally equipment: linksys wireless router (4 ethernet connections--wireless not running yet), freebsd 4.7 on dedicated p166, and several boxes/os's connected dhcp. i assigned router 1 static address (68.114.63.14), server lan address (192.168.1.110). domain1.com is working. i wish to alias second static address (68.114.63.34) on server for domain2.com. try as i might, i cannot make this work. is it even possible? linksys says: place hub between modem and router, connect server to hub (placing server outside lan). that scenario renders server incapable of communicating with isp's router (68.114.63.1). i am beginning to wonder whether i can even accomplish this. it seems simple enough, however; i just can't make it work any suggestions? tia stephen d. kingrea To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message -- Matt Smith [EMAIL PROTECTED] To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message