Re: Openbsd Routing/NAT Internet Issues

2014-03-26 Thread Andy

Hi,

Can see you are allowing packets 'out' of your internal interfaces, but 
what about packets getting into your internal interfaces?


pass quick on ath0/rl0 keep state

Also, if you have a private IP address on your modem (it will be doing 
NAT), and you are trying to NAT on your OpenBSD box, you are double 
NATing, which is bad.


Either put the modem into bridged mode to allow placing the ISP's public 
IP address onto the external interface of the OpenBSD box (recommended), 
or don't NAT on the OpenBSD box.


Cheers, A

On Wed 26 Mar 2014 03:28:59 GMT, Wong Peter wrote:

> Hello to all, I tried to set up OpenBSD as a home router, but eventually it
> failed to function properly.
>
> External Interface (vr0)
> 192.168.1.2 255.255.255.0 none
>
> Internal Interface (rl0)
> 172.16.10.1 255.255.255.0 none
>
> Wireless Interface (ath0)
> 192.168.5.1 255.255.255.0 none
>
> External interface connects to a modem with an IP address of 192.168.1.254.
>
> *Routing Table* (route show | more)
> Destination      Gateway                             Flags  Interface
> default          175.13.8.127.254                    UGS    tun0
> 175.130.127.254  175.135.116.213 (PPPOE IP address)  UH     tun0
> loopback         loopback                            UGRS   lo0
> loopback         loopback                            UH     lo0
> 172.16.10/24     link#2                              UC     rl0
> 172.16.10.3      inet6                               UHLC   rl0
> 192.168.1/24     link#1                              UC     vr0
> 192.168.5/24     link#3                              UC     ath0
>
> My wireless interface light keeps blinking rather than staying in stable mode.
>
> *Packet Filter Rules* (pfctl -sr)
> nat on vr0 from !(vr0) to any -> (vr0) round-robin
> scrub on vr0 all no-df fragment reassemble
> scrub on vr0 all reassemble tcp
>
> block drop in log on vr0 all
> pass out quick on ath0/rl0 keep state.
>
> Problem:
> I can ping Google DNS (8.8.8.8) from the OpenBSD machine, or browse the internet.
> I cannot ping Google DNS (8.8.8.8) from a LAN PC.
> I can ping my external modem (192.168.1.254), which returns an echo reply.
>
> I have no idea why pinging the modem gets a reply but pinging an external
> network gets no reply.
>
> Please help.




Re: Openbsd Routing/NAT Internet Issues

2014-03-26 Thread Zé Loff

On 26-03-2014 03:28, Wong Peter wrote:

> Problem:
> I can ping Google DNS (8.8.8.8) from the OpenBSD machine, or browse the internet.
> I cannot ping Google DNS (8.8.8.8) from a LAN PC.
> I can ping my external modem (192.168.1.254), which returns an echo reply.
>
> I have no idea why pinging the modem gets a reply but pinging an external
> network gets no reply.
>
> Please help.


Are you forwarding packets between interfaces?
$ sysctl net.inet.ip.forwarding



Re: Openbsd Routing/NAT Internet Issues

2014-03-26 Thread Cristiano Deana
On Wed, Mar 26, 2014 at 4:28 AM, Wong Peter peterap...@gmail.com wrote:

Hi

> *Routing Table* (route show | more)
> Destination      Gateway                             Flags  Interface
> default          175.13.8.127.254                    UGS    tun0
> 175.130.127.254  175.135.116.213 (PPPOE IP address)  UH     tun0

Shouldn't your default gateway be your external modem, 192.168.1.254?

What is this pppoe?



Re: Openbsd Routing/NAT Internet Issues

2014-03-26 Thread Cristiano Deana
On Wed, Mar 26, 2014 at 12:10 PM, Zé Loff zel...@zeloff.org wrote:

> Are you forwarding packets between interfaces?
> $ sysctl net.inet.ip.forwarding

The modem is responding (to the internal LAN, I suppose), so it must be enabled.


-- 
Cris, member of G.U.F.I
Italian FreeBSD User Group
http://www.gufi.org/



Re: Openbsd Routing/NAT Internet Issues

2014-03-26 Thread Zé Loff

On 26-03-2014 11:13, Cristiano Deana wrote:

> On Wed, Mar 26, 2014 at 4:28 AM, Wong Peter peterap...@gmail.com wrote:
>
> Hi
>
>> *Routing Table* (route show | more)
>> Destination      Gateway                             Flags  Interface
>> default          175.13.8.127.254                    UGS    tun0
>> 175.130.127.254  175.135.116.213 (PPPOE IP address)  UH     tun0
>
> Shouldn't your default gateway be your external modem, 192.168.1.254?
>
> What is this pppoe?


No, you can have an address on the ethernet interface (vr0 in his
case) and then have PPPoE over that interface.

I have (approximately) the same configuration on my DSL modem, which
is in bridge mode but still listens on 192.168.1.254. The default
gateway is the pppoe0 link, but there's a route to 192.168.1/24 on the
ethernet interface which I use to access the modem's web UI.



Re: Openbsd Routing/NAT Internet Issues

2014-03-26 Thread Christophe
Hi,

On 26/03/2014 12:13, Cristiano Deana wrote:
> On Wed, Mar 26, 2014 at 4:28 AM, Wong Peter peterap...@gmail.com wrote:
>
> Hi
>
>> *Routing Table* (route show | more)
>> Destination      Gateway                             Flags  Interface
>> default          175.13.8.127.254                    UGS    tun0
>> 175.130.127.254  175.135.116.213 (PPPOE IP address)  UH     tun0
>
> Shouldn't your default gateway be your external modem, 192.168.1.254?
>
> What is this pppoe?

I agree with this.
In this case, I think the NAT rule should be:

nat on tun0 from !(tun0) to any -> (tun0)

(also seems to be old syntax)

Regards,
Christophe.
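
The rule suggested above, written in the `nat-to` syntax that replaced `nat on ... ->` in OpenBSD 4.7, inside a small default-deny ruleset. This is an added example, not part of any poster's message; it assumes tun0 carries the PPPoE session (it holds the default route in the posted table) and that rl0 and ath0 are the internal interfaces.

```conf
# /etc/pf.conf sketch for the layout in this thread (added example).
# Assumptions: tun0 is the PPPoE link, rl0 is the wired LAN, ath0 is wireless.
# Forwarding must also be enabled: net.inet.ip.forwarding=1 in /etc/sysctl.conf.

set skip on lo

# Current form of the two old-style "scrub on vr0" lines.
match in all scrub (no-df)

# Translate on the interface that holds the default route.
# Old syntax:  nat on tun0 from !(tun0) to any -> (tun0)
match out on tun0 inet from !(tun0) to any nat-to (tun0)

# Default deny in both directions, logged to pflog0.
block drop log all

# Packets from LAN and wireless clients enter the router here ("in").
pass in on { rl0 ath0 } inet

# Packets the router sends toward LAN and wireless clients ("out").
pass out on { rl0 ath0 } inet

# Router-originated and translated client traffic toward the ISP;
# replies return through the state this rule creates.
pass out on tun0 inet
```

Check the file with `pfctl -nf /etc/pf.conf` before loading it; after loading, `pfctl -ss` shows whether a LAN client's ping produces a translated state on tun0.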



Openbsd Routing/NAT Internet Issues

2014-03-25 Thread Wong Peter
Hello to all, I tried to set up OpenBSD as a home router, but eventually it
failed to function properly.

External Interface (vr0)
192.168.1.2 255.255.255.0 none

Internal Interface (rl0)
172.16.10.1 255.255.255.0 none

Wireless Interface (ath0)
192.168.5.1 255.255.255.0 none

External interface connects to a modem with an IP address of 192.168.1.254.

*Routing Table* (route show | more)
Destination      Gateway                             Flags  Interface
default          175.13.8.127.254                    UGS    tun0
175.130.127.254  175.135.116.213 (PPPOE IP address)  UH     tun0
loopback         loopback                            UGRS   lo0
loopback         loopback                            UH     lo0
172.16.10/24     link#2                              UC     rl0
172.16.10.3      inet6                               UHLC   rl0
192.168.1/24     link#1                              UC     vr0
192.168.5/24     link#3                              UC     ath0

My wireless interface light keeps blinking rather than staying in stable mode.

*Packet Filter Rules* (pfctl -sr)
nat on vr0 from !(vr0) to any -> (vr0) round-robin
scrub on vr0 all no-df fragment reassemble
scrub on vr0 all reassemble tcp

block drop in log on vr0 all
pass out quick on ath0/rl0 keep state.

Problem:
I can ping Google DNS (8.8.8.8) from the OpenBSD machine, or browse the internet.
I cannot ping Google DNS (8.8.8.8) from a LAN PC.
I can ping my external modem (192.168.1.254), which returns an echo reply.

I have no idea why pinging the modem gets a reply but pinging an external
network gets no reply.

Please help.

-- 
Linux