Hi all,
I've come across the same problem with 2 distinct networks, each with an
OpenBSD server behind a Cisco 1800 series device. ASCII diagrams follow:

Network 1           |  Network 2
                    |
   Internet         |    LAN 1
      |             |      |
 C 1800 router      |   Firewall
      |             |      |
 Cisco switch       |      --------/ Internet /---- C 1800 router
      |             |                                     |
 OpenBSD 3.8        |                                OpenBSD 3.8
      |             |                                     |
     LAN            |                                   LAN 2

The problem is that network connectivity is gradually lost, traffic
grinds to a halt in about 3 minutes and the only thing I found to fix it
was rebooting. Network 2 also has a VPN tunnel between LAN 1 & 2 which
is problematic, but I'm focusing on the basic issue here.
I had the option of removing the Cisco 1800 from Network 1; this seems
to solve the problem, but it's not possible for Network 2.
Network 2 has a Symantec Enterprise Firewall box that I want to replace
with OpenBSD, that box works OK.
Unfortunately, the company that Network 2 belongs to makes it very
difficult for me to go in there and tinker with stuff, so all I have for
now is just some preliminary ping stats: the really weird thing is that
W2K machines in LAN 2 can ping LAN 1 Firewall's public IP fine, while
the OpenBSD box has 15-20% packet loss. I may have some time to do
tcpdumps next week. I perfectly understand this info is less than
enough; I post now because someone might suggest other stuff to do that
helps.
Neither of the OBSD machines is running any routing service, just your
basic pf, NAT-ting and mail service stuff.
I know this is [email protected], so the question is: how can I make
OpenBSD talk to these fine routers without them choking?
thx