Re: OpenBSD as Wireless access point
D-Link DWA-520 (it is Atheros-based wireless) works more or less OK. One issue - WPA2 is not working yet :( -- BR, Sergey Khentov 2009/4/23 Parvinder Bhasin parvinder.bha...@gmail.com: All, Can someone suggest me a good WORKING wireless PCI or USB card (PCI preferred) that I could use for setting up machine as Wireless access point? I have tried 3-4 cards already and learnt that they were not supported for the AP mode. Thanks
Re: route: network is unreachable
It is dhclient, definitely. I've configured rl1 to use static IP, removed new task from root's crontab, and, at least for this time (about 3 hours) the route stays on his place. Thanks everyone for your help! PS Vadim, I'll be glad to test new dhclient-script. 2009/2/28 Sergey Khentov sergey.khen...@gmail.com: By the way, I've checked dhclient.leases.rl1 and it seems that renewal interval for rl1 is 30 minutes (as you may remember I've discovered that routes disappear in 30 minutes interval). It seems you're right, it's dhclient. -- BR, Sergey Khentov
route: network is unreachable
at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 2 (ICH_) acpicpu0 at acpi0: C3, C2 acpibtn0 at acpi0: SLPB bios0: ROM list: 0xc/0x1 cpu0 at mainbus0 pci0 at mainbus0 bus 0: configuration mode 1 (no bios) pchb0 at pci0 dev 0 function 0 Intel 82815 Host rev 0x04 ppb0 at pci0 dev 1 function 0 Intel 82815 AGP rev 0x04 pci1 at ppb0 bus 1 vga1 at pci1 dev 0 function 0 NVIDIA Vanta rev 0x15 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) agp0 at vga1: aperture at 0xe800, size 0x240 drm at vga1 unsupported ppb1 at pci0 dev 30 function 0 Intel 82801AA Hub-to-PCI rev 0x02 pci2 at ppb1 bus 2 ath0 at pci2 dev 10 function 0 Atheros AR5212 rev 0x01: irq 9 ath0: AR2414 7.9 phy 4.5 rf2413 5.6, ETSI4W, address 00:1e:58:ad:74:d3 rl0 at pci2 dev 11 function 0 Realtek 8139 rev 0x10: irq 11, address 00:e0:4c:e9:c5:dc rlphy0 at rl0 phy 0: RTL internal PHY rl1 at pci2 dev 13 function 0 Realtek 8139 rev 0x10: irq 12, address 00:11:6b:3f:16:02 rlphy1 at rl1 phy 0: RTL internal PHY rl2 at pci2 dev 15 function 0 Realtek 8139 rev 0x10: irq 10, address 00:11:6b:96:70:48 rlphy2 at rl2 phy 0: RTL internal PHY ichpcib0 at pci0 dev 31 function 0 Intel 82801AA LPC rev 0x02 pciide0 at pci0 dev 31 function 1 Intel 82801AA IDE rev 0x02: DMA, channel 0 wired to compatibility, channel 1 wired to compatibility wd0 at pciide0 channel 0 drive 0: ST360021A wd0: 16-sector PIO, LBA, 57241MB, 117231408 sectors wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 4 atapiscsi0 at pciide0 channel 1 drive 0 scsibus0 at atapiscsi0: 2 targets, initiator 7 cd0 at scsibus0 targ 0 lun 0: ATAPI-CD, ROM-DRIVE-52MAX, 52CA ATAPI 5/cdrom removable cd0(pciide0:1:0): using PIO mode 4, Ultra-DMA mode 2 uhci0 at pci0 dev 31 function 2 Intel 82801AA USB rev 0x02: irq 10 ichiic0 at pci0 dev 31 function 3 Intel 82801AA SMBus rev 0x02: irq 11 iic0 at ichiic0 spdmem0 at iic0 addr 0x51: 256MB SDRAM non-parity PC133CL3 auich0 at pci0 dev 31 function 5 Intel 82801AA AC97 rev 0x02: irq 11, ICH AC97 ac97: codec id 0x41445360 (Analog Devices AD1885) ac97: codec features headphone, Analog Devices Phat Stereo audio0 at auich0 isa0 at ichpcib0 isadma0 at isa0 com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo com1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo pckbc0 at isa0 port 0x60/5 pckbd0 at pckbc0 (kbd slot) pckbc0: using irq 1 for kbd slot wskbd0 at pckbd0: console keyboard, using wsdisplay0 pcppi0 at isa0 port 0x61 midi0 at pcppi0: PC speaker spkr0 at pcppi0 lpt0 at isa0 port 0x378/4 irq 7 it0 at isa0 port 0x2e/2: IT8712F rev 0x04, EC port 0x290 npx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16 fdc0 at isa0 port 0x3f0/6 irq 6 drq 2 fd0 at fdc0 drive 0: 1.44MB 80 cyl, 2 head, 18 sec usb0 at uhci0: USB revision 1.0 uhub0 at usb0 Intel UHCI root hub rev 1.00/1.00 addr 1 biomask ed65 netmask ff65 ttymask mtrr: Pentium Pro MTRR support softraid0 at root root on wd0a swap on wd0b dump on wd0b -- BR, Sergey Khentov
Re: route: network is unreachable
# cat /etc/hostname.pppoe0 inet 0.0.0.0 255.255.255.255 0.0.0.1 pppoedev rl2 \ authproto pap authname szt authkey szt up !/sbin/route add default 0.0.0.1 Looks like you messed up ifconfig(8) and hostname.if(5) syntax. You need something like: inet 0.0.0.0 255.255.255.255 NONE pppoedev rl2 authproto pap authname szt authkey szt dest 0.0.0.1 up !/sbin/route add default 0.0.0.1 Thanks a lot! At least sh -x /ets/netstart pppoe0 now works OK. I've configured pppoe according to the manual for 4.2 (got it ftom http://www.openbsdsupport.org), it seems that the manual is a little bit incorrect. I'll try to contact with the author. -- BR, Sergey Khentov
Re: route: network is unreachable
Oops, it seems that the problem with disappearings of default route was not fixed. 30 minutes I was away from my PC - and route has disappeared. dmesg says nothing. Any ideas? # cat /etc/hostname.pppoe0 inet 0.0.0.0 255.255.255.255 0.0.0.1 pppoedev rl2 \ authproto pap authname szt authkey szt up !/sbin/route add default 0.0.0.1 Looks like you messed up ifconfig(8) and hostname.if(5) syntax. You need something like: inet 0.0.0.0 255.255.255.255 NONE pppoedev rl2 authproto pap authname szt authkey szt dest 0.0.0.1 up !/sbin/route add default 0.0.0.1 -- BR, Sergey Khentov
Re: route: network is unreachable
I've made a simple cron task */4 * * * * (route show -inet | grep ^default /dev/null) || route add default 78.36.32.1 I think it is not very good solution, but it'll work (at least for some time). Maybe someone knows a better was? 2009/2/27 Sergey Khentov sergey.khen...@gmail.com: Oops, it seems that the problem with disappearings of default route was not fixed. 30 minutes I was away from my PC - and route has disappeared. dmesg says nothing. Any ideas? -- BR, Sergey Khentov
Re: route: network is unreachable
1) What daemons do you run? Show your /etc/rc.local script. Also, did you modify your root's crontab? If yes, please show it too. No local daemons. Almost no changes to root's crontab. # cat /etc/rc.local # $OpenBSD: rc.local,v 1.39 2006/07/28 20:19:46 sturm Exp $ # Site-specific startup actions, daemons, and other things which # can be done AFTER your system goes into securemode. For actions # which should be done BEFORE your system has gone into securemode # please see /etc/rc.securelevel. echo -n 'starting local daemons:' # Add your local startup actions here. echo '.' # cat /etc/rc.conf.local named_flags= ntpd_flags= # enabled during install dhcpd_flags=ath0 rl0 ftpproxy_flags= sendmail_flags=NO pf=YES inetd=NO check_quotas=NO ftpd_flags=-DllUSA # crontab -l -u root Password: # SHELL=/bin/sh PATH=/bin:/sbin:/usr/bin:/usr/sbin HOME=/var/log # #minute hourmdaymonth wdaycommand # # sendmail clientmqueue runner # */30 * * * * /usr/sbin/sendmail -L sm-msp-queue -Ac -q # # rotate log files every hour, if necessary 0 * * * * /usr/bin/newsyslog # send log file notifications, if necessary #1-59 * * * * /usr/bin/newsyslog -m # # do daily/weekly/monthly maintenance 30 1 * * * umask 077; /bin/sh /etc/daily 21 | tee /var/log/daily.out | mail -s `/bin/hostname` daily output root 30 3 * * 6 umask 077; /bin/sh /etc/weekly 21 | tee /var/log/weekly.out | mail -s `/bin/hostname` weekly output root 30 5 1 * * umask 077; /bin/sh /etc/monthly 21 | tee /var/log/monthly.out | mail -s `/bin/hostname` monthly output root #0 * * * * /usr/libexec/spamd-setup # # User definitions # # update database for locate * * */2 * * /bin/sh /usr/libexec/locate.updatedb # check the status of connection */12* * * * (route show -inet | grep ^default /dev/null) || route add default 78.36.32.1 2) Try to set up connection thorough pppoe(8), this'll give you a lot of information you could use for debugging, especially possible reconnection logs. It is a little bit late here, I'll play with pppoe(8) tomorrow. Of course, I'll send the results in mail list. -- BR, Sergey Khentov
Re: OpenBSD on home router - error requesting several URLs
Hello everyone, scrub out on $adsl_if all max-mss 1352 scrub out on pppoe0 max-mss 1440 thanks a lot, the solution works :) Both values (1440 1352) are OK, I've left 1440. This is pretty weird to me - I thought MTU can be set with ifconfig - and that is what I have done. And yes, it looks like I've missed some parts of man 4 pppoe :) It looks like I'll have to read it through once more - just in case :) -- BR, Sergey Khentov
OpenBSD on home router - error requesting several URLs
Hello there,
I have a very little experience in OpenBSD and network configuration /
troubleshooting, so any advice / keyword to google / etc is welcome.
Description:
I have installed and configured OpenBSD 4.4-release to be used as a
gateway to Internet (via ADSL modem).
ser...@gate:~ uname -a
OpenBSD gate.home.net 4.4 GENERIC#1021 i386
At the moment most of configuration work has been done: I can browse
Internet from my home network. But some sites are not accessible: when I
try to open an URL my browser thinks a lot of time (about 30 minutes -
after that I have stopped URL loading) and does not shows anything at
all! But when I try to open the same URL with lynx on OpenBSD - it opens
without any errors / delays / etc. The one example of the web-site -
battle.net. The other example - youtube.com. I have tried to open those
from Desktop PC with Windows XP and from Nokia N810, and the result is
the same, so I think it is OpenBSD-configuration error. Moreover,
traceroute from home network to e.g. battle.net reaches some Internet
servers. I have tried to search google and have asked this question on
one of *NIX-related forums and haven't get any solution of my problem.
Well, maybe you have any ideas?
Here comes OpenBSD configuration:
PC has 4 network cards: ath0 (this is also a wireless access-point),
rl0, rl1, rl2. rl0 is connected to home network, rl1 looks into local
area network (there are some common resources), rl2 is connected to
ADSL-modem (bridge mode).
ser...@gate:~ ifconfig
lo0: flags=8049UP,LOOPBACK,RUNNING,MULTICAST mtu 33204
groups: lo
inet 127.0.0.1 netmask 0xff00
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x6
ath0: flags=8863UP,BROADCAST,NOTRAILERS,RUNNING,SIMPLEX,MULTICAST mtu
1500
lladdr 00:1e:58:ad:74:d3
groups: wlan
media: IEEE802.11 autoselect hostap
status: active
ieee80211: nwid homenet chan 1 bssid 00:1e:58:ad:74:d3 nwkey not
displayed
inet 192.168.2.254 netmask 0xff00 broadcast 192.168.2.255
inet6 fe80::21e:58ff:fead:74d3%ath0 prefixlen 64 scopeid 0x1
rl0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500
lladdr 00:e0:4c:e9:c5:dc
media: Ethernet autoselect (100baseTX full-duplex)
status: active
inet 192.168.1.254 netmask 0xff00 broadcast 192.168.1.255
inet6 fe80::2e0:4cff:fee9:c5dc%rl0 prefixlen 64 scopeid 0x2
rl1: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500
lladdr 00:11:6b:3f:16:02
media: Ethernet autoselect (100baseTX full-duplex)
status: active
inet6 fe80::211:6bff:fe3f:1602%rl1 prefixlen 64 scopeid 0x3
inet 10.0.55.43 netmask 0xff00 broadcast 10.0.55.255
rl2: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1400
lladdr 00:11:6b:96:70:48
media: Ethernet autoselect (100baseTX full-duplex)
status: active
inet6 fe80::211:6bff:fe96:7048%rl2 prefixlen 64 scopeid 0x4
enc0: flags=0 mtu 1536
pppoe0: flags=8851UP,POINTOPOINT,RUNNING,SIMPLEX,MULTICAST mtu 1392
dev: rl2 state: session
sid: 0x2d27 PADI retries: 5 PADR retries: 0 time: 09:20:19
sppp: phase network authproto pap
groups: pppoe egress
inet6 fe80::21e:58ff:fead:74d3%pppoe0 - prefixlen 64 scopeid 0x7
inet 78.37.41.134 -- 78.36.32.1 netmask 0x
pflog0: flags=141UP,RUNNING,PROMISC mtu 33204
groups: pflog
ser...@gate:~ cat /etc/pf.conf
# comments were stripped :)
cl_if=rl1
adsl_if=pppoe0
int_if=rl0
wifi_if=ath0
nets_priv = { 127.0.0.0/8 192.168.0.0/16 172.16.0.0/12 10.0.0.0/8 }
set block-policy drop
set loginterface $adsl_if
# scrub in all
nat on $cl_if from $int_if:network to 10.0.11.0/24 - ($cl_if)
nat on $cl_if from $wifi_if:network to 10.0.11.0/24 - ($cl_if)
nat on $adsl_if from $int_if:network to any - ($adsl_if)
nat on $adsl_if from $wifi_if:network to any - ($adsl_if)
ser...@gate:~ route show -inet
Routing tables
Internet:
Destination Gateway Flags Refs Use Mtu Prio Iface
default 0.0.0.1 UGS 5 169770 - 48 pppoe0
10.0.1/24 core.drevlanka.ru UGS 0 5799 - 48 rl1
10.0.10/24 core.drevlanka.ru UGS 0 4 - 48 rl1
10.0.11/24 core.drevlanka.ru UGS 0 8951 - 48 rl1
10.0.55/24 link#3 UC 1 0 - 48 rl1
cerber.drevlanka.r localhost UGHS 0 0 33204 48 lo0
core.drevlanka.ru 00:13:21:c6:15:c7 UHLc 4 230 - 48 rl1
ip78-36-32-1.onego ip78-37-41-134.one UH 0 0 - 48 pppoe0
loopback localhost UGRS 0 0 33204 48 lo0
localhost localhost UH 2 8 33204 48 lo0
192.168.1/24 link#2 UC 1 0 - 48 rl0
192.168.1.1 00:20:ed:6b:0e:77 UHLc 2 8 - 48 rl0
192.168.2/24 link#1 UC 1 0 - 48 ath0
192.168.2.1 link#1 UHLc 2 2918 - 48 ath0
BASE-ADDRESS.MCAST localhost URS 0 0 33204 48 lo0
I don't know if it will help, but dmesg comes below my signature.
--
BR,
Sergey Khentov
# I have removed lines 'pckbcintr: no dev for slot 1' from dmesg - they
# repeat 432 times
ser...@gate:~ dmesg
ev for slot 1
pckbcintr: no dev for slot 1
syncing disks... done
rebooting...
OpenBSD 4.4 (GENERIC) #1021: Tue Aug 12 17:16:55 MDT 2008
dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: Intel Pentium III (GenuineIntel
Re: OpenBSD on home router - error requesting several URLs
Hello, 2009/1/5 Jorge Valbuena jorg...@gmx.net: 1. Why so many NAT rules ? LAN accessable from rl1 has some common web servers that must be accessed only from its internal network. Those servers has IPs 10.0.11.0/24. I can connect only one device to that internal network, so I can obtain only one IP address. This is some kind of a network policy of that LAN - to use NAT. These are 2 rules (to NAT both home interfaces: rl0 ath0). 2 other NAT rules are for Internet. 2. Your BSD Server only for home router and firewall device ? At the moment - yes. Later I'll install squid, samba, configure FTP install some torrent client. 3. You should read OpenBSD FAQ and PF FAQ already done :) forgot to say so. 4. type man afterboot, from the command line. the same :) BSD FAQ: http://www.openbsd.org/faq/index.html PF FAQ: http://www.openbsd.org/faq/pf/index.html After reading this, you should have a clear vision of your configuration. Well, at the moment the configuration is quite clear to me, remember, I have configured network by myself :) But I have never configured network on OpenBSD (and on any router at all), and have never tried to troubleshoot any network errors. -- BR, Sergey Khentov
