Routed(8) resurrecting deleted aliases
I've got a gateway machine running routed. If I use ifconfig to temporarily add a /32 alias to an interface to give it an alternate identity on that interface's network, and then delete the alias, it reappears in the routing table shortly after. Use route delete to clear it and it reappears again. Automate the process and it reappears every 30 seconds, corresponding to routed's cycle time. The only way to permanently clear it is to restart routed.

This is at 9.1-RELEASE-p3 on amd64. I can't find any PR that matches this behaviour or anything via Google except for one comment on the forums that's less than helpful(*). Anybody know anything about this, or should I file a PR?

(*) The comment consists of "That's because you are running routed" with no explanation or suggestions.

--
In the dungeons of Mordor, Sauron bred Orcs with LOLcats to create a new race of servants. Called Uruk-Oh-Hai in the Black Speech, they were cruel and delighted in torturing spelling and grammar.
_Lord of the Rings 2.0, the Web Edition_
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Bug in routed?
I'm posting this in questions because 1) I'm not sure if it's really a defect, and 2) I'm not sure what other list might be more appropriate.

I've been experimenting with modifications to the i386 platform in STABLE-8 to support 64-bit time_t values. After changing sys/i386/include/_types.h so that __time_t is defined as __int64_t, I received a warning when compiling sbin/routed/if.c that complained about passing a time_t for %ld. The following patch illustrates the change I made to fix this:

--- orig/if.c 2011-03-05 14:25:47.0 -0800 +++ new/if.c2011-03-05 14:26:01.0 -0800 @@ -950,8 +950,8 @@ trace_act(interface %s has been off %ld seconds; forget it, ifp-int_name, - (long)now.tv_sec- - ifp-int_data.ts); + (long)(now.tv_sec- + ifp-int_data.ts)); ifdel(ifp); } continue;

I'm guessing the original intent here was for the result of the subtraction to be passed as a long to trace_act(), but in actuality it's passed as a time_t. The original code compiles just fine if time_t and long are the same size.

Additional note, this particular code fragment does not seem to exist in -current, so the issue appears limited to -stable.

- Milo Hyson
Chief Scientist
CyberLife Labs, Inc.
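Review bot: in the two `+` lines the cast is still `(long)`, and the message says this build makes time_t 64 bits on i386, where long stays 32 bits, so the difference is narrowed to 32 bits before it reaches `%ld`. For an elapsed-seconds value that is harmless in practice, but `%jd` with `(intmax_t)(now.tv_sec - ifp->int_data.ts)` would keep the format and the argument in step without relying on the difference fitting in a long. The type of `int_data.ts` is not visible in the hunk; if it is also time_t, the other `%ld` trace calls in routed deserve the same check rather than waiting for the compiler to flag them one at a time.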
routed corrupting arp table with multiple ip aliases ?
Hi all,

I stumbled on this while trying to track down an mbuf leak on a new server. It seems that routed corrupts the arp table on FreeBSD 6.2 when there is more than one IP alias on an interface. The behaviour differs depending on whether routed is enabled in rc.d or manually started after boot.

How to repeat:

configure multiple aliases on an interface

if routed is not enabled in rc.d:

ping all aliases

arp -a shows that each alias has the NIC's MAC, e.g.

    lnat.ips.gov.au (192.168.1.100) at 00:30:1b:ba:bb:01 on bge0 [permanent]
    knat.ips.gov.au (192.168.1.101) at 00:30:1b:ba:bb:01 on bge0 [permanent]

run routed and wait a few seconds

run arp -a again; the MAC address for all aliases (except the last) will have changed to a 0 or 128 hex numbers separated by :'s, e.g.

    lnat.ips.gov.au (192.168.1.100) at 0 [permanent]
    knat.ips.gov.au (192.168.1.101) at 00:30:1b:ba:bb:01 on bge0 [permanent]

All aliases are still pingable.

A netstat -r shows something like the following for the aliases:

    192.168.1.100      192.168.1.100      UHLW  1  30  lo0 =
    192.168.1.100/32   link#1             UC    0   0  bge0
    192.168.1.101      00:30:1b:ba:bb:01  UHLW  1  16  lo0 =
    192.168.1.101/32   link#1             UC    0   0  bge0

If routed is enabled in rc.d and the system rebooted, only the last alias shows with arp -a. A netstat -r shows something like the following for the aliases:

    192.168.1.100      192.168.1.100      UH    1  30  bge0 =
    192.168.1.100/32   link#1             UC    0   0  bge0
    192.168.1.101      00:30:1b:ba:bb:01  UHLW  1  16  lo0 =
    192.168.1.101/32   link#1             UC    0   0  bge0

Only the primary IP and the last alias are pingable.

I have tried this on several machines running 6.2-stable with similar results. Can anyone confirm this behaviour?

Cheers
Colin

--
Colin Yuile ([EMAIL PROTECTED])
Re: Routed and netmask...
On Saturday 03 February 2007 22:08, Thiago Esteves de Oliveira wrote:
> Hi,
>
> I'm using FreeBSD 6.2 Stable with routed to connect networks (gateway)
>
>     THE INTERNET
>          |
>          |
>          | eee.eee.eee.0/26
>          |
>          |
>          | eee.eee.eee.11/26
>       ROUTER
>          iii.iii.iii.1
>          |
>          |
>          | iii.iii.iii.0/24
>          |
>      My Network
>
> The problem... The system is routing, but only to iii.iii.iii.0/26 .
>
> Look... my rc.conf
>
>     ifconfig_em0="inet iii.iii.iii.1 netmask 255.255.255.0"
>     ifconfig_sk0="inet eee.eee.eee.11 netmask 255.255.255.192"
>     defaultrouter="eee.eee.eee.1"
>     router_enable="YES"
>     router_flags="-s"
>     gateway_enable="YES"
>     router="/sbin/routed"

routed uses by default ripv1, which is classful. That means that your net/26 surely won't work. I doubt your other_net/24 is a C class network (from 192.0.0.0/24 to 223.255.255.0/24).

Use explicitly ripv2 (-P ripv2) and see what's going on. You can use rtquery to query routed. Check the neighbour routeds as well. Be sure to check the in-kernel routing table using netstat -r.

Hope this helps,
Nikos
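The classful behaviour described in the reply above, as an added example that is not part of the original thread: RIPv1 carries no netmask, so a receiver borrows the mask of the receiving interface when the advertised destination lies in the same classful network, and otherwise falls back to the class A/B/C mask (RFC 1058). The 172.16.x.x addresses are constructed stand-ins for the anonymized eee/iii networks, and placing both in one class B network is an assumption the thread does not confirm.

```python
"""RIPv1 netmask inference on the receiving side (added example)."""
import ipaddress


def classful_prefix(addr):
    """Natural prefix length for the address class (A=/8, B=/16, C=/24)."""
    first_octet = int(addr) >> 24
    if first_octet < 128:
        return 8
    if first_octet < 192:
        return 16
    if first_octet < 224:
        return 24
    raise ValueError(f"{addr} is class D/E and has no natural mask")


def ripv1_infer(dest, rx_iface):
    """Network a RIPv1 receiver installs for `dest` heard on `rx_iface`.

    dest     -- destination from the RIPv1 entry (address only, no mask)
    rx_iface -- receiving interface as "address/prefix"
    """
    dest = ipaddress.IPv4Address(dest)
    iface = ipaddress.IPv4Interface(rx_iface)
    if int(dest) == 0:
        # 0.0.0.0 is the default route, not a class A network.
        return ipaddress.IPv4Network("0.0.0.0/0")
    natural = ipaddress.IPv4Network((dest, classful_prefix(dest)), strict=False)
    if iface.ip in natural:
        # Same major network: the only mask the receiver knows is its own.
        prefix = iface.network.prefixlen
    else:
        # Foreign major network: fall back to the class mask.
        prefix = natural.prefixlen
    guess = ipaddress.IPv4Network((dest, prefix), strict=False)
    if guess.network_address != dest:
        # Host bits are set under the assumed mask: treated as a host route.
        return ipaddress.IPv4Network((dest, 32))
    return guess


def unreachable(real_net, inferred):
    """Parts of the real network that the inferred route does not cover."""
    real = ipaddress.IPv4Network(real_net)
    if inferred == real or not inferred.subnet_of(real):
        return []
    return sorted(real.address_exclude(inferred))


if __name__ == "__main__":
    # Constructed scenario: the neighbour's interface is 172.16.5.1/26 and
    # the FreeBSD gateway advertises its inner network 172.16.9.0 (really /24).
    neighbour_iface = "172.16.5.1/26"
    for advertised, real in [("172.16.9.0", "172.16.9.0/24"),
                             ("192.168.9.0", "192.168.9.0/24")]:
        got = ripv1_infer(advertised, neighbour_iface)
        lost = ", ".join(str(n) for n in unreachable(real, got)) or "nothing"
        print(f"{advertised:<12} installed as {got}  (real {real}, lost: {lost})")
```

RIPv2 carries the mask in every route entry, which is why running routed with -P ripv2, as the reply suggests, removes the guesswork.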
Routed and netmask...
Hi,

I'm using FreeBSD 6.2 Stable with routed to connect networks (gateway)

    THE INTERNET
         |
         |
         | eee.eee.eee.0/26
         |
         |
         | eee.eee.eee.11/26
      ROUTER
         iii.iii.iii.1
         |
         |
         | iii.iii.iii.0/24
         |
     My Network

The problem... The system is routing, but only to iii.iii.iii.0/26 .

Look... my rc.conf

    ifconfig_em0="inet iii.iii.iii.1 netmask 255.255.255.0"
    ifconfig_sk0="inet eee.eee.eee.11 netmask 255.255.255.192"
    defaultrouter="eee.eee.eee.1"
    router_enable="YES"
    router_flags="-s"
    gateway_enable="YES"
    router="/sbin/routed"

...
RE: Routed and netmask...
If eee.eee.eee.0/26 is a separate network (which I guess it is) there needs to be a routing device there too. How can a packet find its way to the internet? The router sees only the eee.eee.eee.0 network on its port (not mentioning the iii.iii.iii.0 network from which the packet travels). It is also possible that I'm missing something. Your network visualization is kinda weird...

The top interface address is wrong. It can't be eee.eee.eee.11 with /26 mask. The lowest address with this mask is 193.

What actually is this eee network? How did you connect your eee network to the internet? For me it makes little sense... Sorry if I'm wrong. Please explain more!

Cheers,
greg

> Hi,
>
> I'm using FreeBSD 6.2 Stable with routed to connect networks (gateway)
>
>     THE INTERNET
>          |
>          |
>          | eee.eee.eee.0/26
>          |
>          |
>          | eee.eee.eee.11/26
>       ROUTER
>          iii.iii.iii.1
>          |
>          |
>          | iii.iii.iii.0/24
>          |
>      My Network
>
> The problem... The system is routing, but only to iii.iii.iii.0/26 .
>
> Look... my rc.conf
>
>     ifconfig_em0="inet iii.iii.iii.1 netmask 255.255.255.0"
>     ifconfig_sk0="inet eee.eee.eee.11 netmask 255.255.255.192"
>     defaultrouter="eee.eee.eee.1"
>     router_enable="YES"
>     router_flags="-s"
>     gateway_enable="YES"
>     router="/sbin/routed"
RE: Routed and netmask...
> The top interface address is wrong. It can't be eee.eee.eee.11 with /26 mask. The lowest address with this mask is 193.

Oops... I'm wrong here of course... The address is correct ;]
outlook express be routed through sendmail
Hi,

I want to implement mails sent from my network from Outlook Express be routed through sendmail to their destined address. Some pointers please!

Thanks in advance.
Re: outlook express be routed through sendmail
dharam paul wrote:
> Hi,
>
> I want to implement mails sent from my network from Outlook Express be routed through sendmail to their destined address. Some pointers please!
>
> Thanks in advance.

Well, how are they being routed at the present time?

Sendmail is an SMTP server (MTA-Mail Transport Agent). Outlook Express is a personal email client (MUA-Mail User Agent). By setting the Outlook Express parameters to point to the Sendmail server as the SMTP server (IIRC, OE says outgoing server or something similar), you *would* be routing through Sendmail.

Or have I somehow misunderstood your question?

HTH,
Kevin Kinsey

--
New Year's Eve is the time of year when a man most feels his age, and his wife most often reminds him to act it.
-- Webster's Unafraid Dictionary
routed vpn between two freebsd machines
Hello,

My apologies if this is a repost; I didn't see it go through. I'm trying to set up a routed vpn between two freebsd 5.4 machines. Currently they're on the same physical subnet, 192.168.0.x to make testing easier and for vpn they're using 10.8.0.x. My first problem: although both server and client start, I can only ping the client's ip address 10.8.0.6, not the server's of 10.8.0.5, and an IP of 10.8.0.1 is also showing up. Eventually I'd like to add windows boxes accessing the vpn via samba and remote clients from beyond the firewall, but I'd like to know if my basic configuration looks good. Any help appreciated.

Thanks.
Dave.

client: openvpn.conf:

    client
    dev tun
    proto udp
    remote 192.168.0.3 1194
    resolv-retry infinite
    nobind
    user nobody
    group nobody
    persist-key
    persist-tun
    mute-replay-warnings
    ca keys/ca.crt
    cert keys/client1.crt
    key keys/client1.key
    ns-cert-type server
    tls-auth keys/ta.key 1
    comp-lzo
    status openvpn-status.log
    log openvpn.log
    verb 3
    mute 20

server: openvpn.conf:

    local 192.168.0.3
    port 1194
    proto udp
    dev tun
    ca keys/ca.crt
    cert keys/vpn.crt
    dh keys/dh2048.pem
    server 10.8.0.0 255.255.255.0
    ifconfig-pool-persist ipp.txt
    push "route 192.168.2.0 255.255.255.0"
    client-to-client
    keepalive 10 120
    comp-lzo
    max-clients 100
    user nobody
    group nobody
    persist-key
    persist-tun
    status openvpn-status.log
    log openvpn.log
    verb 3
    mute 20

server:

    OpenVPN CLIENT LIST
    Updated,Fri Sep 16 11:09:42 2005
    Common Name,Real Address,Bytes Received,Bytes Sent,Connected Since
    client1,192.168.0.4:53537,75321,75571,Fri Sep 16 08:18:50 2005
    ROUTING TABLE
    Virtual Address,Common Name,Real Address,Last Ref
    10.8.0.6,client1,192.168.0.4:53537,Fri Sep 16 10:34:37 2005
    GLOBAL STATS
    Max bcast/mcast queue length,0
    END

server:

    Fri Sep 16 00:10:50 2005 OpenVPN 2.0.2 i386-portbld-freebsd5.4 [SSL] [LZO] built on Aug 30 2005
    Fri Sep 16 00:10:50 2005 Diffie-Hellman initialized with 2048 bit key
    Fri Sep 16 00:10:50 2005 Control Channel Authentication: using 'keys/ta.key' as a OpenVPN static key file
    Fri Sep 16 00:10:50 2005 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
    Fri Sep 16 00:10:50 2005 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
    Fri Sep 16 00:10:50 2005 TLS-Auth MTU parms [ L:1542 D:166 EF:66 EB:0 ET:0 EL:0 ]
    Fri Sep 16 00:10:50 2005 gw 192.168.0.254
    Fri Sep 16 00:10:50 2005 TUN/TAP device /dev/tun0 opened
    Fri Sep 16 00:10:50 2005 /sbin/ifconfig tun0 10.8.0.1 10.8.0.2 mtu 1500 netmask 255.255.255.255 up
    Fri Sep 16 00:10:50 2005 /sbin/route add -net 10.8.0.0 10.8.0.2 255.255.255.0
    add net 10.8.0.0: gateway 10.8.0.2
    Fri Sep 16 00:10:50 2005 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
    Fri Sep 16 00:10:50 2005 GID set to nobody
    Fri Sep 16 00:10:50 2005 UID set to nobody
    Fri Sep 16 00:10:50 2005 UDPv4 link local (bound): 192.168.0.3:1194
    Fri Sep 16 00:10:50 2005 UDPv4 link remote: [undef]
    Fri Sep 16 00:10:50 2005 MULTI: multi_init called, r=256 v=256
    Fri Sep 16 00:10:50 2005 IFCONFIG POOL: base=10.8.0.4 size=62
    Fri Sep 16 00:10:50 2005 IFCONFIG POOL LIST
    Fri Sep 16 00:10:50 2005 Initialization Sequence Completed
    Fri Sep 16 08:18:50 2005 MULTI: multi_create_instance called
    Fri Sep 16 08:18:50 2005 192.168.0.4:53537 Re-using SSL/TLS context
    Fri Sep 16 08:18:50 2005 192.168.0.4:53537 LZO compression initialized
    Fri Sep 16 08:18:50 2005 192.168.0.4:53537 Control Channel MTU parms [ L:1542 D:166 EF:66 EB:0 ET:0 EL:0 ]
    Fri Sep 16 08:18:50 2005 192.168.0.4:53537 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
    Fri Sep 16 08:18:50 2005 192.168.0.4:53537 Local Options hash (VER=V4): '14168603'
    Fri Sep 16 08:18:50 2005 192.168.0.4:53537 Expected Remote Options hash (VER=V4): '504e774e'
    Fri Sep 16 08:18:50 2005 192.168.0.4:53537 TLS: Initial packet from 192.168.0.4:53537, sid=c06f4d68 1e59a37e
    Fri Sep 16 08:18:51 2005 192.168.0.4:53537 VERIFY OK: depth=1, /C=US/ST=OH/L=ENGLEWOOD/O=davemehler.com_OpenVPN/CN=OpenVPN-CA/emailAddress= [EMAIL PROTECTED]
    Fri Sep 16 08:18:51 2005 192.168.0.4:53537 VERIFY OK: depth=0, /C=US/ST=OH/O=davemehler.com_OpenVPN/CN=client1/[EMAIL PROTECTED] ehler.com
    Fri Sep 16 08:18:51 2005 192.168.0.4:53537 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
    Fri Sep 16 08:18:51 2005 192.168.0.4:53537 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Fri Sep 16 08:18:51 2005 192.168.0.4:53537 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
    Fri Sep 16 08:18:51 2005 192.168.0.4:53537 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Fri Sep 16 08:18:51 2005 192.168.0.4:53537 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
    Fri Sep 16 08:18:51 2005 192.168.0.4:53537 [client1] Peer Connection Initiated with 192.168.0.4:53537
    Fri Sep 16 08:18:51 2005 client1/192.168.0.4:53537 MULTI: Learn: 10.8.0.6 - client1/192.168.0.4:53537
Re: routed vpn between two freebsd machines
10.8.0.1 is your server's IP! According to the manpage the parameter

    server 10.8.0.0 255.255.255.0

sets the router to 10.8.0.1.

Why do you push a route to 192.168.2.0/24 ??? Do you have such a subnet?

Greetz,
Ice

dave wrote:
> Hello,
>
> My apologies if this is a repost; I didn't see it go through. I'm trying to set up a routed vpn between two freebsd 5.4 machines. Currently they're on the same physical subnet, 192.168.0.x to make testing easier and for vpn they're using 10.8.0.x. My first problem: although both server and client start, I can only ping the client's ip address 10.8.0.6, not the server's of 10.8.0.5, and an IP of 10.8.0.1 is also showing up. Eventually I'd like to add windows boxes accessing the vpn via samba and remote clients from beyond the firewall, but I'd like to know if my basic configuration looks good. Any help appreciated.
>
> Thanks.
> Dave.
Re: routed daemon
Jim Pazarena [EMAIL PROTECTED] writes:
> Can the routed daemon co-exist with a CISCO router which, by default, also responds to routing requests?
>
> The reason I ask, is that I accidentally installed routed, and it was running, and my whole network came to a grinding halt, until I de-activated routed. I had not set up *any* configuration file or anything other than installing the port (by accident).
>
> So did this halt my system because I had no configuration file, or because routed cannot co-exist with (in this case) my telco provided CISCO gateway router?

Certainly they *can* co-exist, but in your case there is no reason for them to do so. Your routed doesn't know about any routes that the Cisco doesn't.

This is also (most likely) where the problem came from; your routed was probably advertising routes that went through the Cisco, causing the Cisco to pick up those routes through the FreeBSD box, causing a routing loop. In ordinary routing situations, split horizon would keep this from happening, but because the default route was configured statically, routed couldn't detect this.
routed daemon
Can the routed daemon co-exist with a CISCO router which, by default, also responds to routing requests?

The reason I ask, is that I accidentally installed routed, and it was running, and my whole network came to a grinding halt, until I de-activated routed. I had not set up *any* configuration file or anything other than installing the port (by accident).

So did this halt my system because I had no configuration file, or because routed cannot co-exist with (in this case) my telco provided CISCO gateway router?

TIA
Jim
routed on lo0 device
Hello everyone,

I'm trying to get past a sticky routing situation by running routed on all of my machines in my server cluster. I've been instructed by several sources of authority that the best solution for a multi-homed ip address scenario is to bind the ip addresses to the loopback device and use routed to advertise their presence.

I'm having difficulty getting routed to bind to the loopback device. By default, routed seems to think the loopback device should be in passive mode - which causes routed to completely ignore all ips associated with the device. (Perhaps this is to avoid advertising routes to 127.0.0.1?)

In any case, I was just curious as to whether anyone has ever dealt with a situation like this before. Is there some sort of trick to getting routed to work with the loopback device? I want the loopback device to be active for routed, not passive.

Thanks!
Michael Jeung
routed(8)
Is it possible to have routed(8) ignore certain ethernet interfaces? For example, on a device with fxp[0-3], I only need routed to interact with fxp[0-1], and to ignore the existence of fxp[2-3].

TIA,
rip
Re: routed(8)
Try to put two lines in /etc/gateways:

    if=fxp2 passive
    if=fxp3 passive

Cheers
Tom

> Is it possible to have routed(8) ignore certain ethernet interfaces? For example, on a device with fxp[0-3], I only need routed to interact with fxp[0-1], and to ignore the existence of fxp[2-3].
>
> TIA,
> rip
routed gets permission denied at boot
Hi

When I boot my firewall I get a permission denied from routed when it tries to sendto the second NIC. What could be causing this?

Kind regards
Stefan Midjich, Swebase AB
Tel: 042-20 15 00
Fax: 042-20 15 03
E-mail: [EMAIL PROTECTED]
Web: http://swebase.com
Re: routed
On Mon, 15 Dec 2003 16:33:20 -0800 (PST) Valerian Galeru [EMAIL PROTECTED] wrote:
> I want to understand about these routing tables.
> I run route flush (to remove all routes, gateways...). Yes, all the routes are deleted (I try a web browser and I get an error), but when I run netstat -r, I don't see that. When I want to get the routing table again, I run routed (probably this is what I need for regetting the routing table) and when I try a web page on the web browser, it shows me the same error as in the case of the deleted routing table. Probably I did something wrong...

Do you have a default gateway in your rc.conf?

> Thank you very much for support

Contrary to popular belief, routed(8) is not necessary when running a standalone computer or even a simple gateway. I've spent half a day arguing with a friend on that, just to discover, to our mutual amusement, that the cables were plugged each into the other NIC ;)

Try to disable the routed_enable line in /etc/rc.conf or change it to NO, reboot and you should have a network connection, provided that you have a defaultrouter=xxx.xxx.xxx.xxx in the above file.

Routed(8) uses RIP - Route Information Protocol, an interior gateway protocol, which is suitable to use on small networks, which it uses to get routing tables from neighbour routers in order to build up a routing table.

When you flush the routes you delete the default route set in rc.conf, so your system does not know where to send packets for networks other than those directly connected.

Example:

Normal operation, without routed (I don't paste ipv6):

    it/home/itetcu# netstat -rn
    Routing tables

    Internet:
    Destination        Gateway            Flags    Refs      Use  Netif Expire
    default            192.168.0.1        UGSc        5        0    rl0
    127.0.0.1          127.0.0.1          UH          0        4    lo0
    192.168.0          link#1             UC          1        0    rl0
    192.168.0.1        00:e0:4c:55:c3:13  UHLW        6       56    rl0

    it/home/itetcu# route flush
    it/home/itetcu# netstat -rn
    Routing tables

    Internet:
    Destination        Gateway            Flags    Refs      Use  Netif Expire
    127.0.0.1          127.0.0.1          UH          0        4    lo0
    192.168.0          link#1             UC          1        0    rl0
    192.168.0.1        00:e0:4c:55:c3:13  UHLW        0      190    rl0   1030

The default route has gone away, the directly connected networks are still present.

    it/home/itetcu# ping www.freebsd.org
    PING www.freebsd.org (216.136.204.117): 56 data bytes
    ping: sendto: No route to host
    ping: sendto: No route to host
    ^C

Note that www.freebsd.org resolves on 216.136.204.177 because I have a name server on 192.168.0.1 which is on a directly connected network:

    it/home/itetcu# route get 192.168.0.1
       route to: 192.168.0.1
    destination: 192.168.0.1
      interface: rl0
          flags: UP,HOST,DONE,LLINFO,WASCLONED
     recvpipe  sendpipe  ssthresh  rtt,msec    rttvar  hopcount      mtu     expire
           0         0         0         0         0         0      1500       820

Now if I add back the default route with:

    it/home/itetcu# route add default 192.168.0.1 0.0.0.0
    add net default: gateway 192.168.0.1
    it/home/itetcu# netstat -rn
    Routing tables

    Internet:
    Destination        Gateway            Flags    Refs      Use  Netif Expire
    default            192.168.0.1        UGSc        0        0    rl0
    127.0.0.1          127.0.0.1          UH          0        4    lo0
    192.168.0          link#1             UC          1        0    rl0
    192.168.0.1        00:e0:4c:55:c3:13  UHLW        1      222    rl0    935

I get my freebsd connection back:

    it/home/itetcu# ping www.freebsd.org
    PING www.freebsd.org (216.136.204.117): 56 data bytes
    64 bytes from 216.136.204.117: icmp_seq=0 ttl=50 time=242.811 ms
    ^C

All this time:

    it/home/itetcu# ps axw | grep routed

returns nada.

Reference, besides the man pages: http://www.onlamp.com/pub/a/bsd/2000/08/23/FreeBSD_Basics.html and the rest of the networking articles from there.

--
IOnut
Unregistered ;) FreeBSD user
routed 'forgets' it's path (or something)
I have run into a strange problem: Suddenly my NIC has no routing tables, so name lookups etc. don't work. The only solution is to SU and kill routed and then start it again. Everything will then work for an hour or so and then I'm back on step one again.

I have experimented with cvsup etc. over the last day, so it's probably something that's been changed, but I'm too novice to understand what. I am running 5.0p7 now.
Solved! Was: Re: routed 'forgets' it's path (or something)
Odd, but the so simple solution, which however I can't explain, was to do a:

    route add default 192.168.0.1

(192.168.0.1 is my gateway)

If someone can explain how the system could work for a while after the route daemon was started and then suddenly forget all routing tables it would be great, however it works for me now so I'm pleased again! ;)

On Sat, 2003-06-28 at 00:04, freeBSD wrote:
> I have run into a strange problem: Suddenly my NIC has no routing tables, so name lookups etc. don't work. The only solution is to SU and kill routed and then start it again. Everything will then work for an hour or so and then I'm back on step one again.
>
> I have experimented with cvsup etc. over the last day, so it's probably something that's been changed, but I'm too novice to understand what. I am running 5.0p7 now.
routed: duplicate /etc/gateways entry
Hi

I have the following situation.

/etc/gateways:

    net subnet-buzet/24 gateway 192.168.1.1 metric 3 passive
    net subnet-rovinj/24 gateway 192.168.1.1 metric 3 passive
    net subnet-porec/24 gateway 192.168.1.1 metric 3 passive
    net subnet-umag/24 gateway 192.168.1.1 metric 3 passive
    net subnet-pazin/24 gateway 192.168.1.1 metric 3 passive
    net subnet-labin/24 gateway 192.168.1.1 metric 3 passive

    box# routed
    box# routed: duplicate /etc/gateways entry net subnet-rovinj/24 gateway pix metric 3 passive
    routed: duplicate /etc/gateways entry net subnet-porec/24 gateway pix metric 3 passive
    routed: duplicate /etc/gateways entry net subnet-umag/24 gateway pix metric 3 passive
    routed: duplicate /etc/gateways entry net subnet-pazin/24 gateway pix metric 3 passive
    routed: duplicate /etc/gateways entry net subnet-labin/24 gateway pix metric 3 passive

Can someone please explain to me what I'm doing wrong? I've been searching for two days for a good example but can't find anything, please help me.

To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Routed
Hello,

I would like to know what the advantages and disadvantages of using the routed daemon are. Should a small web and mail server run this daemon?

Thanks..
routed, dynamic update
Hi,

How can I prevent automatic updating of routing tables where one of the flags has D (Dynamic)?

I tried to put

    routed: ALL: deny

in /etc/hosts.allow, but somehow I still got entries in the routing table.

Thank you!
routed daemon
Hi,

I have a production PC (4.5-stable)

    |172.16.1.3|---|172.16.4.10|---|172.16.4.11| - (Internet)
     4.5 STABLE     Cisco Router    PIX Firewall

    (Internet) |172.19.4.10|---|172.19.1.x| (Clients)
                Cisco Router

Everything is fine, but from time to time when I type

    # netstat -r

I have

    172.19         gateway 172.16.4.10
    172.19.1.10    gateway 172.16.4.11   --- This should not be here (dynamic flag)

I don't have routed daemon running. Who is updating my routing table?

Thanks!