Hello,
maybe you could help me in resolving a weired problem. I am so close to
subsitute my linux box with openbsd, but I seem to misunderstand something:
My gateway/firewall has three interfaces:
em0 172.16.3.253
em1 130.60.230.187
fxp0 10.1.1.1
Additionally, three carp devices are set up which bind to one of the
above interfaces each:
carp0 172.16.3.254 (em0) == LAN
carp1 130.60.230.188 (em1) == DMZ
carp3 130.60.5.218 (fxp0) == Internet
I have ip.forward turned on, no pf rules are loaded and my default
gateway is properly configured. My local test client is 172.16.3.99. The
test client's default gateway is 172.16.3.254.
Ping tests:
Firewall -> Gateway = ok
Firewall -> DMZ = ok
Firewall -> Internet = ok
Firewall -> Test Client = ok
Test Client -> Firewall = ok
Test Client -> DMZ = ok
Test Client -> Gateway = _not_ ok
Test Client -> Internet = _not_ ok
So, ipforward does work in general, but not for fxp0 interface ... My
first thought was, the problem is related to having fxp0 and carp3 in
different segements, but reconfiguring fxp0 to have carp3's IP didn't
help either.
This is such a simple thing, but I can't think of anything I could have
missed. Any help is appreciated.
Thanks,
--
Stephan A. Rickauer
----------------------------
Institut f|r Neuroinformatik
Universitdt / ETH Z|rich
Winterthurerstriasse 190
CH-8057 Z|rich
Tel: +41 44 635 30 50
Sek: +41 44 635 30 52
Fax: +41 44 635 30 53
http://www.ini.ethz.ch
----------------------------
