Hi,
I upgraded an OpenBSD server from 3.0 to 3.7-current. I am trying to
switch the pppoe from the user land pppoe to the kernel pppoe. The user
land one works 100% on 3.7, so I know it's not a physical problem.
Outgoing connections with the kernel pppoe are working 100%. HOWEVER,
with the kernel PPPOE, none of the incoming connections are working.
This server has send mail & httpd ( & ssh) configured, and it is not
accepting incoming connections for any of them :-( I can see packets
coming in the interface, (using tcpdump), but nothing happens!
Again, it works 100% with the userland pppoe.
I have reduced my pf.conf down to the most simple possible:
/etc/pf.conf ( for kernel pppoe) :
ext_if="pppoe0"
nat on $ext_if inet -> ($ext_if)
pass all
and it still does not work :-(
Does anyone see anything obvious? Or not so obvious?? need more
information? I have tried to include everything that could possibly be
relevant.
Thanks,
Steve Williams
---------------------------------------------------------------------------------
The userland:
/etc/ppp.conf:
dsl:
set device "!/usr/sbin/pppoe -i em0 -v -v"
set mtu max 1492
set mru max 1492
set cd 5
set speed sync
disable acfcomp protocomp
deny acfcomp
set authname SOME_AUTHNAME
set authkey MY_PASSWORD
enable mssfixup
set timeout 0
add default hisaddr
/etc/rc.local
/usr/sbin/ppp -nat -ddial dsl
---------------------------------------------------------------------------------
userland pppoe:
**** EM0 is the Internet NIC ****
# ifconfig -a
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 33224
inet 127.0.0.1 netmask 0xff000000
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x8
em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
address: 00:12:3f:ed:0f:8a
description: Internet Connection
media: Ethernet autoselect (100baseTX full-duplex)
status: active
inet6 fe80::212:3fff:feed:f8a%em0 prefixlen 64 scopeid 0x1
em1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
address: 00:12:3f:ed:0f:8b
description: Local Oshawa Network
media: Ethernet autoselect (100baseTX full-duplex)
status: active
inet 192.168.11.20 netmask 0xffffff00 broadcast 192.168.11.255
inet6 fe80::212:3fff:feed:f8b%em1 prefixlen 64 scopeid 0x2
em2: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
address: 00:04:23:b9:ef:44
description: Lakeridge Health
media: Ethernet autoselect (100baseTX full-duplex)
status: active
inet 192.168.7.1 netmask 0xffffff00 broadcast 192.168.7.255
inet6 fe80::204:23ff:feb9:ef44%em2 prefixlen 64 scopeid 0x3
em3: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
address: 00:04:23:b9:ef:45
description: SSHA Circuit
media: Ethernet autoselect (10baseT half-duplex)
status: active
inet 10.2.60.28 netmask 0xffffffe0 broadcast 10.2.60.31
inet6 fe80::204:23ff:feb9:ef45%em3 prefixlen 64 scopeid 0x4
pflog0: flags=141<UP,RUNNING,PROMISC> mtu 33224
pfsync0: flags=0<> mtu 2020
enc0: flags=0<> mtu 1536
tun0: flags=8011<UP,POINTOPOINT,MULTICAST> mtu 1492
inet 70.50.238.137 --> 64.230.199.2 netmask 0xffffffff
---------------------------------------------------------------------------------
USERLAND
Routing tables
Internet:
Destination Gateway Flags Refs Use Mtu
Interface
default 64.230.199.2 UGS 0 28801 - tun0
10.2.60.0/27 link#4 UC 1 0 - em3
64.230.199.2 70.50.238.137 UH 1 0 1492 tun0
127/8 127.0.0.1 UGRS 0 0 33224 lo0
127.0.0.1 127.0.0.1 UH 1 123 33224 lo0
142.145.61.130 10.2.60.1 UGHS 0 14 - em3
172.17.20.15 192.168.7.10 UGHS 0 0 - em2
172.17.20.44 192.168.7.10 UGHS 0 0 - em2
192.168.7/24 link#3 UC 1 0 - em2
192.168.11/24 link#2 UC 70 0 - em1
192.168.12/24 192.168.11.2 UGS 0 42 - em1
198.235.130/24 192.168.7.10 UGS 0 17201 - em2
224/4 127.0.0.1 URS 0 0 33224 lo0
---------------------------------------------------------------------------------
The kernel:
/etc/hostname.pppoe0
pppoedev em0
!/sbin/ifconfig em0 mtu 1492 up media autoselect \
description "Internet Connection"
!/usr/sbin/spppcontrol \$if myauthproto=pap \
myauthname=SOME_AUTHNAME myauthkey=MY_PASSWORD
!/sbin/ifconfig \$if inet 0.0.0.0 0.0.0.1 netmask 0xffffffff
!/sbin/route add default 0.0.0.1
up
---------------------------------------------------------------------------------
**** EM0 is the Internet NIC ****
# ifconfig -a
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 33224
inet 127.0.0.1 netmask 0xff000000
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x8
em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1492
address: 00:12:3f:ed:0f:8a
description: Internet Connection
media: Ethernet autoselect (100baseTX full-duplex)
status: active
inet6 fe80::212:3fff:feed:f8a%em0 prefixlen 64 scopeid 0x1
em1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
address: 00:12:3f:ed:0f:8b
description: Local Oshawa Network
media: Ethernet autoselect (100baseTX full-duplex)
status: active
inet 192.168.11.20 netmask 0xffffff00 broadcast 192.168.11.255
inet6 fe80::212:3fff:feed:f8b%em1 prefixlen 64 scopeid 0x2
em2: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
address: 00:04:23:b9:ef:44
description: Lakeridge Health
media: Ethernet autoselect (100baseTX full-duplex)
status: active
inet 192.168.7.1 netmask 0xffffff00 broadcast 192.168.7.255
inet6 fe80::204:23ff:feb9:ef44%em2 prefixlen 64 scopeid 0x3
em3: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
address: 00:04:23:b9:ef:45
description: SSHA Circuit
media: Ethernet autoselect (10baseT half-duplex)
status: active
inet 10.2.60.28 netmask 0xffffffe0 broadcast 10.2.60.31
inet6 fe80::204:23ff:feb9:ef45%em3 prefixlen 64 scopeid 0x4
pflog0: flags=141<UP,RUNNING,PROMISC> mtu 33224
pfsync0: flags=0<> mtu 2020
enc0: flags=0<> mtu 1536
pppoe0: flags=8851<UP,POINTOPOINT,RUNNING,SIMPLEX,MULTICAST> mtu 1492
dev: em0 state: session
sid: 0x16c5 PADI retries: 0 PADR retries: 0 time: 11:35:10
inet 70.50.238.137 --> 0.0.0.1 netmask 0xffffffff
inet6 fe80::212:3fff:feed:f8a%pppoe0 -> prefixlen 64 scopeid 0x9
---------------------------------------------------------------------------------
netstat -rn
Routing tables
Internet:
Destination Gateway Flags Refs Use Mtu
Interface
default 0.0.0.1 UGS 1 26002 - pppoe0
0.0.0.1 0.0.0.0 UH 1 0 - pppoe0
10.2.60.0/27 link#4 UC 1 0 - em3
127/8 127.0.0.1 UGRS 0 0 33224 lo0
127.0.0.1 127.0.0.1 UH 1 123 33224 lo0
142.145.61.130 10.2.60.1 UGHS 0 14 - em3
172.17.20.15 192.168.7.10 UGHS 0 0 - em2
172.17.20.44 192.168.7.10 UGHS 0 0 - em2
192.168.7/24 link#3 UC 1 0 - em2
192.168.11/24 link#2 UC 75 0 - em1
192.168.12/24 192.168.11.2 UGS 0 42 - em1
198.235.130/24 192.168.7.10 UGS 0 16816 - em2
224/4 127.0.0.1 URS 0 0 33224 lo0
---------------------------------------------------------------------------------
# lsof | grep TCP
sendmail 211 root 4u IPv4 0xd66d1770 0t0 TCP *:smtp
(LISTEN)
sendmail 211 root 5u IPv6 0xd66d1be4 0t0 TCP *:smtp
(LISTEN)
sendmail 211 root 6u IPv4 0xd66d1a68 0t0 TCP
*:submission (LISTEN)
sendmail 211 root 7u IPv6 0xd66d1d60 0t0 TCP
*:submission (LISTEN)
sshd 4190 root 5u IPv4 0xd665578c 0t0 TCP
firewall.oshawaclinic.com:ssh->192.168.11.50:4378 (ESTABLISHED)
httpd 9149 www 16u IPv4 0xd66e25f0 0t0 TCP *:www
(LISTEN)
spamd 10779 _spamd 4u IPv4 0xd66d1478 0t0 TCP *:spamd
(LISTEN)
spamd 10779 _spamd 5u IPv4 0xd66d15f4 0t0 TCP
localhost.oshawaclinic.com:spamd-cfg (LISTEN)
squid 12286 _squid 12u IPv4 0xd66d18ec 0t0 TCP *:3128
(LISTEN)
httpd 14067 www 16u IPv4 0xd66e25f0 0t0 TCP *:www
(LISTEN)
inetd 14361 root 4u IPv4 0xd66e276c 0t0 TCP *:auth
(LISTEN)
inetd 14361 root 5u IPv6 0xd66e28e8 0t0 TCP *:auth
(LISTEN)
inetd 14361 root 8u IPv4 0xd66e2a64 0t0 TCP
*:daytime (LISTEN)
inetd 14361 root 9u IPv6 0xd66e2be0 0t0 TCP
*:daytime (LISTEN)
inetd 14361 root 10u IPv4 0xd66e2d5c 0t0 TCP *:time
(LISTEN)
inetd 14361 root 11u IPv6 0xd66d1004 0t0 TCP *:time
(LISTEN)
httpd 16388 www 16u IPv4 0xd66e25f0 0t0 TCP *:www
(LISTEN)
spamd 17670 _spamd 4u IPv4 0xd66d1478 0t0 TCP *:spamd
(LISTEN)
spamd 17670 _spamd 5u IPv4 0xd66d15f4 0t0 TCP
localhost.oshawaclinic.com:spamd-cfg (LISTEN)
httpd 21289 www 16u IPv4 0xd66e25f0 0t0 TCP *:www
(LISTEN)
spamd 23980 _spamd 4u IPv4 0xd66d1478 0t0 TCP *:spamd
(LISTEN)
spamd 23980 _spamd 5u IPv4 0xd66d15f4 0t0 TCP
localhost.oshawaclinic.com:spamd-cfg (LISTEN)
httpd 29523 www 16u IPv4 0xd66e25f0 0t0 TCP *:www
(LISTEN)
httpd 30143 www 16u IPv4 0xd66e25f0 0t0 TCP *:www
(LISTEN)
sshd 32141 root 4u IPv6 0xd66d1180 0t0 TCP *:ssh
(LISTEN)
sshd 32141 root 5u IPv4 0xd66d12fc 0t0 TCP *:ssh
(LISTEN)
#
---------------------------------------------------------------------------------
From a remote system:
$ telnet mail.oshawaclinic.com smtp
Trying 70.50.238.137...
and on mail.oshawaclinic.com:
# tcpdump -i pppoe0 host 66.18.200.188 and port 25
tcpdump: listening on pppoe0, link-type PPP_ETHER
11:18:47.439262 66.18.200.188.28434 > 70.50.238.137.smtp: S
2633635552:2633635552(0) win 16384 <mss 1460,nop,nop,sackOK,nop,wscale
0,nop,nop,timestamp 1132675826 0> (DF)
11:18:53.436250 66.18.200.188.28434 > 70.50.238.137.smtp: S
2633635552:2633635552(0) win 16384 <mss 1460,nop,nop,sackOK,nop,wscale
0,nop,nop,timestamp 1132675838 0> (DF)
11:19:05.437722 66.18.200.188.28434 > 70.50.238.137.smtp: S
2633635552:2633635552(0) win 16384 <mss 1460,nop,nop,sackOK,nop,wscale
0,nop,nop,timestamp 1132675862 0> (DF)
^C
38 packets received by filter
0 packets dropped by kernel
------------------------------------------------------------
OpenBSD 3.7-stable (GENERIC) #0: Thu Jul 21 07:28:52 EDT 2005
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: Intel(R) Pentium(R) 4 CPU 2.80GHz ("GenuineIntel" 686-class) 2.80 GHz
cpu0:
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,PNI,MWAIT,CNXT-ID
real mem = 536195072 (523628K)
avail mem = 482476032 (471168K)
using 4278 buffers containing 26910720 bytes (26280K) of memory
mainbus0 (root)
bios0 at mainbus0: AT/286+(00) BIOS, date 02/16/05, BIOS32 rev. 0 @ 0xffe90
pcibios0 at bios0: rev 2.1 @ 0xf0000/0x10000
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfc570/144 (7 entries)
pcibios0: no compatible PCI ICU found: ICU vendor 0x8086 product 0x25a1
pcibios0: Warning, unable to fix up PCI interrupt routing
pcibios0: PCI bus #3 is the last bus
bios0: ROM list: 0xc0000/0x8000 0xc8000/0x1000 0xc9000/0x2600
0xcb800/0x1000 0xec000/0x4000!
cpu0 at mainbus0
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
pchb0 at pci0 dev 0 function 0 "Intel 82875P Host" rev 0x02
ppb0 at pci0 dev 3 function 0 "Intel 82875P PCI-CSA" rev 0x02
pci1 at ppb0 bus 1
em0 at pci1 dev 1 function 0 "Intel PRO/1000CT (82547EI)" rev 0x00: irq
3, address: 00:12:3f:ed:0f:8a
ppb1 at pci0 dev 28 function 0 "Intel 6300ESB PCIX" rev 0x02
pci2 at ppb1 bus 2
ami0 at pci2 dev 1 function 0 "Symbios Logic MegaRAID" rev 0x01: irq 11
Dell 520/64b/lhc
ami0: FW 351S, BIOS v1.10, 64MB RAM
ami0: 1 channels, 0 FC loops, 1 logical drives
scsibus0 at ami0: 40 targets
sd0 at scsibus0 targ 0 lun 0: <AMI, Host drive #00, > SCSI2 0/direct fixed
sd0: 69880MB, 8908 cyl, 255 head, 63 sec, 512 bytes/sec, 143114240 sec total
uhci0 at pci0 dev 29 function 0 "Intel 6300ESB USB" rev 0x02: irq 11
usb0 at uhci0: USB revision 1.0
uhub0 at usb0
uhub0: Intel UHCI root hub, class 9/0, rev 1.00/1.00, addr 1
uhub0: 2 ports with 2 removable, self powered
uhci1 at pci0 dev 29 function 1 "Intel 5300ESB USB" rev 0x02: irq 10
usb1 at uhci1: USB revision 1.0
uhub1 at usb1
uhub1: Intel UHCI root hub, class 9/0, rev 1.00/1.00, addr 1
uhub1: 2 ports with 2 removable, self powered
"Intel 6300ESB WDT" rev 0x02 at pci0 dev 29 function 4 not configured
"Intel 6300ESB APIC" rev 0x02 at pci0 dev 29 function 5 not configured
ehci0 at pci0 dev 29 function 7 "Intel 6300ESB USB" rev 0x02: irq 7
ehci0: EHCI version 1.0
ehci0: companion controllers, 2 ports each: uhci0 uhci1
usb2 at ehci0: USB revision 2.0
uhub2 at usb2
uhub2: Intel EHCI root hub, class 9/0, rev 2.00/1.00, addr 1
uhub2: single transaction translator
uhub2: 4 ports with 4 removable, self powered
ppb2 at pci0 dev 30 function 0 "Intel 82801BA AGP" rev 0x0a
pci3 at ppb2 bus 3
em1 at pci3 dev 2 function 0 "Intel PRO/1000MT (82541EI)" rev 0x00: irq
10, address: 00:12:3f:ed:0f:8b
em2 at pci3 dev 3 function 0 "Intel PRO/1000MT DP (82546EB)" rev 0x01:
irq 11, address: 00:04:23:b9:ef:44
em3 at pci3 dev 3 function 1 "Intel PRO/1000MT DP (82546EB)" rev 0x01:
irq 10, address: 00:04:23:b9:ef:45
vga1 at pci3 dev 14 function 0 "ATI Rage XL" rev 0x27
wsdisplay0 at vga1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
ichpcib0 at pci0 dev 31 function 0 "Intel 6300ESB LPC" rev 0x02
pciide0 at pci0 dev 31 function 2 "Intel 6300ESB SATA" rev 0x02: DMA,
channel 0 configured to compatibility, channel 1 configured to compatibility
atapiscsi0 at pciide0 channel 0 drive 0
scsibus1 at atapiscsi0: 2 targets
cd0 at scsibus1 targ 0 lun 0: <HL-DT-ST, CDRW/DVD GCC4244, B101> SCSI0
5/cdrom removable
cd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 2
pciide0: channel 1 ignored (disabled)
"Intel 6300ESB SMBus" rev 0x02 at pci0 dev 31 function 3 not configured
isa0 at ichpcib0
isadma0 at isa0
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0 (mux 1 ignored for console): console keyboard, using
wsdisplay0
pmsi0 at pckbc0 (aux slot)
pckbc0: using irq 12 for aux slot
wsmouse0 at pmsi0 mux 0
pcppi0 at isa0 port 0x61
midi0 at pcppi0: <PC speaker>
sysbeep0 at pcppi0
npx0 at isa0 port 0xf0/16: using exception 16
pccom0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
fdc0 at isa0 port 0x3f0/6 irq 6 drq 2
fd0 at fdc0 drive 0: 1.44MB 80 cyl, 2 head, 18 sec
biomask efe5 netmask efed ttymask ffef
pctr: user-level cycle counter enabled
dkcsum: sd0 matched BIOS disk 80
root on sd0a
rootdev=0x400 rrootdev=0xd00 rawdev=0xd02
---------------------------------------------------------------------------------
