On Sat, 31 Mar 2007 11:01:30 -0400, Lowell Gilbert wrote:
> David Benfell <[EMAIL PROTECTED]> writes:
> 
> > Another in my mysterious problems list...
> >
> > pf.conf is set up to allow icmp anywhere.  And dhcpd offers a
> > plausible IP address and gateway that the client (tested under
> > both Linux and Windows) accepts.
> >
> > The client doesn't get the DNS resolver information and can't
> > ping anywhere, even by raw IP address, even to the router.  The
> > router also fails to ping the client.

> Yeah, offhand it looks like it *should* work. 
> Fairly complicated setup; make sure you really need those
> shared-networks if you're using them.
> Have you tried putting the domain-name-servers entries
> at the subnet or global scope?

It *is* a fairly complicated setup.  I noticed some kernel
arp messages claiming the client wasn't on the network, so I've
just gotten back from checking that I had things wired up right.

I *think* I do.  ifconfig reports that all the interfaces that
are supposed to have connections do and the ones that aren't
don't.  And I've checked all the other networks recently enough
to know that they're correctly connected.

But there is this one aggravating message that doesn't make any
sense to me.  In order to explain it, I have to reveal a bit of
the network setup.  (ifconfig -a output attached)

66.93.170.241 is the LAN address on the T1 router from my ISP.
It *is* on interface xl0.  I know this (I think) because I can
access the outside world without difficulty on this system.  The
network bits for this seem properly arranged.

sf1 is the interface I use to my VOIP box, which has a web
interface, and that's all I use that interface for.  The VOIP
box is just that, something I got from my ISP (Speakeasy).  I'm
getting arp messages that say 66.93.170.241 is on xl0 but got a
reply from (some MAC address) on sf1.

For whatever reason, I wasn't getting these messages when this
was an OpenBSD box.

Meanwhile sf0 is the network that has this public DHCP interface
and I have other interfaces available (including one that OpenBSD
didn't support--Thanks FreeBSD!) for if I ever need to plug the
community I live in and share my T1 with back into *my* local
router again.

Now, in response to your suggestions, I am trying getting rid of
the 192.168.17.x DHCP range in the configuration.  This is not
currently in use (and I think I actually meant to have that on a
different interface anyway).  I have also copied the declarations
you suggested into the subnet setup; this got the correct
DNS resolver information onto the client.

But I'm still not able to ping (in either direction) and DNS
resolution doesn't work on the client.

Thanks!
-- 
David Benfell, LCP
[EMAIL PROTECTED]
---
Resume available at http://www.parts-unknown.org/
NOTE: I sign all messages with GnuPG (0DD1D1E3).
sf0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        inet 192.168.17.1 netmask 0xffffff00 broadcast 192.168.17.255
        inet 192.168.20.1 netmask 0xffffffff broadcast 192.168.20.1
        inet 192.168.17.242 netmask 0xffffffff broadcast 192.168.17.242
        inet 192.168.17.249 netmask 0xffffffff broadcast 192.168.17.249
        ether 00:00:d1:f0:24:2d
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
sf1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        inet 192.168.102.2 netmask 0xffffff00 broadcast 192.168.102.255
        ether 00:00:d1:f0:24:2e
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
sf2: flags=8802<BROADCAST,SIMPLEX,MULTICAST> mtu 1500
        ether 00:00:d1:f0:24:2f
        media: Ethernet autoselect (none)
        status: no carrier
sf3: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        inet 192.168.19.1 netmask 0xffffff00 broadcast 192.168.19.255
        inet 192.168.19.30 netmask 0xffffffff broadcast 192.168.19.30
        inet 192.168.19.31 netmask 0xffffffff broadcast 192.168.19.31
        inet 192.168.19.32 netmask 0xffffffff broadcast 192.168.19.32
        inet 192.168.19.60 netmask 0xffffffff broadcast 192.168.19.60
        inet 192.168.19.61 netmask 0xffffffff broadcast 192.168.19.61
        inet 192.168.19.62 netmask 0xffffffff broadcast 192.168.19.62
        inet 192.168.19.242 netmask 0xffffffff broadcast 192.168.19.242
        ether 00:00:d1:f0:24:30
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
dc0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        options=8<VLAN_MTU>
        inet 192.168.18.1 netmask 0xffffff00 broadcast 192.168.18.255
        inet 192.168.18.30 netmask 0xffffffff broadcast 192.168.18.30
        inet 192.168.18.31 netmask 0xffffffff broadcast 192.168.18.31
        inet 192.168.18.32 netmask 0xffffffff broadcast 192.168.18.32
        ether 00:a0:cc:65:ba:d0
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
xl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        options=8<VLAN_MTU>
        inet 66.93.170.242 netmask 0xfffffff0 broadcast 66.93.170.255
        inet 66.93.170.244 netmask 0xffffffff broadcast 66.93.170.244
        inet 66.93.170.245 netmask 0xffffffff broadcast 66.93.170.245
        inet 66.93.170.246 netmask 0xffffffff broadcast 66.93.170.246
        inet 66.93.170.247 netmask 0xffffffff broadcast 66.93.170.247
        inet 66.93.170.248 netmask 0xffffffff broadcast 66.93.170.248
        inet 66.93.170.249 netmask 0xffffffff broadcast 66.93.170.249
        inet 66.93.170.250 netmask 0xffffffff broadcast 66.93.170.250
        inet 66.93.170.251 netmask 0xffffffff broadcast 66.93.170.251
        inet 66.93.170.252 netmask 0xffffffff broadcast 66.93.170.252
        ether 00:60:97:58:f4:49
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
vr0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> mtu 1500
        ether 00:40:63:c3:80:0e
        media: Ethernet autoselect (none)
        status: no carrier
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x8 
        inet6 ::1 prefixlen 128 
        inet 127.0.0.1 netmask 0xff000000 
pflog0: flags=141<UP,RUNNING,PROMISC> mtu 33208
#       $OpenBSD: dhcpd.conf,v 1.1 1998/08/19 04:25:45 form Exp $
#
# DHCP server options.
# See dhcpd.conf(5) and dhcpd(8) for more information.
#

# Network:              192.168.20.0/255.255.255.0
# Domain name:          cybernude.org
# Name servers:         192.168.19.4
# Default router:       192.168.17.1
# Addresses:            192.168.20.2 - 192.168.20.254
#
shared-network LOCAL-NET {
        option  domain-name "cybernude.org";
        option  domain-name-servers 192.168.18.31, 192.168.19.130, 64.81.79.2, 
216.231.41.2;

        #subnet 192.168.17.0 netmask 255.255.255.0 {
                #option routers 192.168.17.1;
        #}
        subnet 192.168.20.0 netmask 255.255.255.0 {
                option  domain-name "cybernude.org";
                option  domain-name-servers 192.168.18.31, 192.168.19.130, 
64.81.79.2, 216.231.41.2;
                option routers 192.168.20.1;
                range 192.168.20.2 192.168.20.254;
        }
}

#domain cybernude.org
#nameserver 192.168.19.130
#nameserver 192.168.18.31
#nameserver 64.81.79.2
#nameserver 216.231.41.2

#shared-network LUPIN {
        #option  domain-name "cybernude.org";
        #option  domain-name-servers 192.168.18.31;

        #subnet 192.168.100.0 netmask 255.255.255.0 {
                #option routers 192.168.100.1;
                #range 192.168.100.100 192.168.100.200;
        #}
#}
ddns-update-style ad-hoc;

Attachment: pgpcEH2acvjZL.pgp
Description: PGP signature

Reply via email to