Re: Problems with routing
On Thu, 15 Feb 2007 01:08:28 +, Jamie Penman-Smithson wrote: >On 15/02/07, Stuart Henderson <[EMAIL PROTECTED]> wrote: >> > I'm attempting to setup openbsd 4.0 as a router, the system has two >> > interfaces, rl0 and rl1. It looks something like this (apologies if >> > this looks really odd): >> > >> > router [x.x.58.129] --- router2: rl0 [x.x.58.130] >> >router2: rl1 [x.x.58.140] --- >> >> Not so much odd as lacking information. Post ifconfig output instead. >> Presumably the OpenBSD box is 'router2', though you don't actually say. > >Yes, router2 is the OpenBSD box. > That ain't gonna work. Your configuration of the two nics on router2 is wrong. My guess is that you have a routed subnet supplied by your ISP and that you have taken the first usable one (xx.xx.58.129) and used it on the LAN i/f of your (ADSL?) modem. Router 2 now gets .130 on its rl0 and that's fine but you have applied .140 to rl1 and both interfaces are in the same network: xx.xx.58.128/28. You cannot do that and expect routing to work in r2. 2 ways (maybe more possible but I don't have all day 8-) ) to get around it. 1> alias ALL of your IPs except .129 onto rl0 and then use RFC1918 addrs on rl1 and its attached hosts. You can then rdr or binat them to the correct addresses on rl0. 2> You can use a pair of RFC1918 IPs on the modem and rl0, static route the /28 to rl0, configure rl1 to use .129 and hang all (up to 13) hosts on a LAN there. Case 2 requires tricky NATting and pf rules but I have done it several times and it just works but your original post makes me think you'd need a few more clues first. So go with #1 for an easier life. Any replies/questions on list please. Offlist replies >/dev/null Rod/ >From the land "down under": Australia. Do we look from up over?
Re: Problems with routing
On 15/02/07, Stuart Henderson <[EMAIL PROTECTED]> wrote: > I'm attempting to setup openbsd 4.0 as a router, the system has two > interfaces, rl0 and rl1. It looks something like this (apologies if > this looks really odd): > > router [x.x.58.129] --- router2: rl0 [x.x.58.130] >router2: rl1 [x.x.58.140] --- Not so much odd as lacking information. Post ifconfig output instead. Presumably the OpenBSD box is 'router2', though you don't actually say. Yes, router2 is the OpenBSD box. rl0: flags=8843 mtu 1500 lladdr 00:50:fc:a0:c9:ae groups: egress media: Ethernet autoselect (100baseTX full-duplex) status: active inet 82.133.58.130 netmask 0xfff0 broadcast 82.133.58.143 inet6 fe80::250:fcff:fea0:c9ae%rl0 prefixlen 64 scopeid 0x2 rl1: flags=8843 mtu 1500 lladdr 00:50:fc:a0:c9:b0 media: Ethernet autoselect (100baseTX full-duplex) status: active inet 82.133.58.140 netmask 0xfff0 broadcast 82.133.58.143 inet6 fe80::250:fcff:fea0:c9b0%rl1 prefixlen 64 scopeid 0x3 If I had to guess, I'd say you're probably trying to overlap networks and not doing it right, but you won't get good answers if you make people guess. Which box are you talking about anyway? (I'd guess router2, but you don't actually say). router2 Thanks, -- -Jamie L. Penman-Smithson <[EMAIL PROTECTED]>
Re: Problems with routing
> I'm attempting to setup openbsd 4.0 as a router, the system has two > interfaces, rl0 and rl1. It looks something like this (apologies if > this looks really odd): > > router [x.x.58.129] --- router2: rl0 [x.x.58.130] >router2: rl1 [x.x.58.140] --- Not so much odd as lacking information. Post ifconfig output instead. Presumably the OpenBSD box is 'router2', though you don't actually say. If I had to guess, I'd say you're probably trying to overlap networks and not doing it right, but you won't get good answers if you make people guess. Which box are you talking about anyway? (I'd guess router2, but you don't actually say). > DMZ subnet x.x.58/28 I don't see any x.x.58.0 networks in your diagram, is that what you actually meant to write? > route add -net x.x.58.128 -netmask 255.255.255.240 -iface x.x.58.140 > route add -host x.x.58.129 -iface x.x.58.130 Directly connected networks already appear in the routing table, you don't add static routes for them. > Under Linux I just had: ... irrelevant, this is not Linux.
Re: Problems with routing
On 14/02/07, Martin Schrvder <[EMAIL PROTECTED]> wrote: 2007/2/14, Jamie Penman-Smithson <[EMAIL PROTECTED]>: > I read afterboot(8) but I didn't see anything related to the issue > that I'm experiencing. If you wish to route packets between interfaces, add one or both of the following directives (depending on whether IPv4 or IPv6 routing is re- quired) to /etc/sysctl.conf: net.inet.ip.forwarding=1 net.inet6.ip6.forwarding=1 I already did this, to no effect. -- -Jamie L. Penman-Smithson <[EMAIL PROTECTED]>
Re: Problems with routing
2007/2/14, Jamie Penman-Smithson <[EMAIL PROTECTED]>: I read afterboot(8) but I didn't see anything related to the issue that I'm experiencing. -- If you wish to route packets between interfaces, add one or both of the following directives (depending on whether IPv4 or IPv6 routing is re- quired) to /etc/sysctl.conf: net.inet.ip.forwarding=1 net.inet6.ip6.forwarding=1 Packets are not forwarded by default, due to RFC requirements. -- Time to go back to Linux I suppose.. We won't miss you. Best Martin
Re: Problems with routing
On 13/02/07, Martin Schrvder <[EMAIL PROTECTED]> wrote: 2007/2/14, Jamie Penman-Smithson <[EMAIL PROTECTED]>: > Any hints? afterboot(8) has a section on routing. Best Martin I read afterboot(8) but I didn't see anything related to the issue that I'm experiencing. Time to go back to Linux I suppose.. -- -Jamie L. Penman-Smithson <[EMAIL PROTECTED]>
Re: Problems with routing
2007/2/14, Jamie Penman-Smithson <[EMAIL PROTECTED]>: Any hints? afterboot(8) has a section on routing. Best Martin