Routed(8) resurrecting deleted aliases

2013-05-29 Thread Arthur Chance
I've got a gateway machine running routed. If I use ifconfig to 
temporarily add a /32 alias to an interface to give it an alternate 
identity on that interface's network, and then delete the alias, it 
reappears in the routing table shortly after. Use route delete to 
clear it and it reappears again. Automate the process and it reappears 
every 30 seconds, corresponding to routed's cycle time. The only way to 
permanently clear it is to restart routed.


This is at 9.1-RELEASE-p3 on amd64.

I can't find any PR that matches this behaviour or anything via Google 
except for one comment on the forums that's less than helpful(*). 
Anybody know anything about this, or should I file a PR?


(*) The comment consists of "That's because you are running routed" with 
no explanation or suggestions.


--
In the dungeons of Mordor, Sauron bred Orcs with LOLcats to create a
new race of servants. Called Uruk-Oh-Hai in the Black Speech, they
were cruel and delighted in torturing spelling and grammar.

_Lord of the Rings 2.0, the Web Edition_
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org


Bug in routed?

2011-03-05 Thread Milo Hyson
I'm posting this in questions because 1) I'm not sure if it's really a defect, 
and 2) I'm not sure what other list might be more appropriate.

I've been experimenting with modifications to the i386 platform in STABLE-8 to 
support 64-bit time_t values. After changing sys/i386/include/_types.h so that 
__time_t is defined as __int64_t, I received a warning when compiling 
sbin/routed/if.c that complained about passing a time_t for %ld. The following 
patch illustrates the change I made to fix this:

--- orig/if.c   2011-03-05 14:25:47.0 -0800
+++ new/if.c2011-03-05 14:26:01.0 -0800
@@ -950,8 +950,8 @@
trace_act(interface %s has been off
   %ld seconds; forget it,
  ifp-int_name,
- (long)now.tv_sec-
- ifp-int_data.ts);
+ (long)(now.tv_sec-
+ ifp-int_data.ts));
ifdel(ifp);
}
continue;
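
Review bot: in the trace_act() argument list, the added cast now covers the whole subtraction and so matches the %ld conversion, but it also narrows the result to long, which is 32 bits on i386 once time_t is 64 bits wide. For an interface-down interval that is harmless; if the narrowing should not depend on the platform's long, print the value with %jd and cast the difference to intmax_t instead. A one-line comment saying the argument is an interval in seconds would make the intent of the cast clear.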

I'm guessing the original intent here was for the result of the subtraction to 
be passed as a long to trace_act(), but in actuality it's passed as a time_t. 
The original code compiles just fine if time_t and long are the same size.

Additional note, this particular code fragment does not seem to exist in 
-current, so the issue appears limited to -stable.

- Milo Hyson
Chief Scientist
CyberLife Labs, Inc.



routed corrupting arp table with multiple ip aliases ?

2007-08-28 Thread Colin Yuile
Hi all,

I stumbled on this while trying to track down an mbuf leak on a new server.

It seems that routed corrupts the arp table on FreeBSD 6.2 when
there is more than one ip alias on an interface. The behaviour differs
depending on whether routed is enabled in rc.d or manually started after
boot.

How to repeat:
configure multiple aliases on an interface
if routed is not enabled in rc.d
ping all aliases
arp -a shows that each alias has the nic's mac
eg
lnat.ips.gov.au (192.168.1.100) at 00:30:1b:ba:bb:01 on bge0 [permanent]
knat.ips.gov.au (192.168.1.101) at 00:30:1b:ba:bb:01 on bge0 [permanent]

run routed and wait a few seconds
run arp -a again, the mac address for all aliases (except the last)
will have changed to a 0 or 128 hex numbers separated by :'s
eg
lnat.ips.gov.au (192.168.1.100) at 0 [permanent]
knat.ips.gov.au (192.168.1.101) at 00:30:1b:ba:bb:01 on bge0 [permanent]

All aliases are still pingable
A netstat -r shows something like the following for the aliases

192.168.1.100    192.168.1.100     UHLW  1   30  lo0
192.168.1.100/32 link#1            UC    0   0   bge0
192.168.1.101    00:30:1b:ba:bb:01 UHLW  1   16  lo0
192.168.1.101/32 link#1            UC    0   0   bge0

If routed is enabled in rc.d and the system rebooted only the last
alias shows with arp -a . 

A netstat -r shows something like the following for the aliases

192.168.1.100    192.168.1.100     UH    1   30  bge0
192.168.1.100/32 link#1            UC    0   0   bge0
192.168.1.101    00:30:1b:ba:bb:01 UHLW  1   16  lo0
192.168.1.101/32 link#1            UC    0   0   bge0

Only the primary ip and the last alias are pingable.

I have tried this on several machines running 6.2-stable with similar results.

Can anyone confirm this behaviour?

Cheers
Colin
-- 

--
Colin Yuile ([EMAIL PROTECTED])


Re: Routed and netmask...

2007-02-05 Thread Nikos Vassiliadis
On Saturday 03 February 2007 22:08, Thiago Esteves de Oliveira wrote:
> Hi,
>
> I'm using FreeBSD 6.2 Stable with routed to connect networks(gateway)
>
>
>          THE INTERNET
>               |
>               |
>    ----------------------
>    |  eee.eee.eee.0/26  |
>    ----------------------
>               |
>               |
>       eee.eee.eee.11/26
>            ROUTER
>         iii.iii.iii.1
>               |
>               |
>    ---------------------
>    |  iii.iii.iii.0/24 |  My Network
>    ---------------------
>
>
> The problem...
>
> The system is routing, but only to iii.iii.iii.0/26 .
>
> Look... my rc.conf
>
> ifconfig_em0="inet iii.iii.iii.1 netmask 255.255.255.0"
> ifconfig_sk0="inet eee.eee.eee.11 netmask 255.255.255.192"
>
> defaultrouter="eee.eee.eee.1"
> router_enable="YES"
> router_flags="-s"
> gateway_enable="YES"
> router="/sbin/routed"
>
 

routed uses by default ripv1, which is classful.
That means that your net/26 surely won't work.
I doubt your other_net/24 is a C class network,
(from 192.0.0.0/24 to 223.255.255.0/24).

Use explicitly ripv2(-P ripv2) and see what's
going on. You can use rtquery to query routed.
Check the neighbour routeds as well. Be sure
to check the in-kernel routing table using
netstat -r.

Hope this helps, Nikos
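
The classful behaviour described in this reply, worked through as an added example (it is not part of the thread and is not routed's own code). It follows the mask-guessing rules of RFC 1058 for a RIPv1 listener; the function names and all addresses are constructed for illustration, since the thread masks its real ones.

```python
import ipaddress


def natural_prefix(addr: ipaddress.IPv4Address) -> int:
    """Classful ("natural") prefix length implied by the first octet."""
    first_octet = int(addr) >> 24
    if first_octet < 128:
        return 8    # class A
    if first_octet < 192:
        return 16   # class B
    if first_octet < 224:
        return 24   # class C
    raise ValueError(f"{addr} is class D/E and has no natural mask")


def natural_network(addr: ipaddress.IPv4Address) -> ipaddress.IPv4Network:
    """Classful network that contains addr."""
    return ipaddress.IPv4Network((int(addr), natural_prefix(addr)), strict=False)


def ripv1_infer(dest: str, rx_iface: str) -> ipaddress.IPv4Network:
    """Route a RIPv1 listener installs for `dest`, heard on `rx_iface`.

    A RIPv1 entry carries only an address, so the listener has to guess
    the mask from what it knows locally.
    """
    d = ipaddress.IPv4Address(dest)
    iface = ipaddress.IPv4Interface(rx_iface)
    classful = natural_network(d)
    if iface.ip in classful:
        # Same classful network as the receiving interface: assume the
        # whole network is subnetted with this interface's mask.
        guess = ipaddress.IPv4Network(
            (int(d), iface.network.prefixlen), strict=False)
    else:
        # Foreign network: only the natural mask is available.
        guess = classful
    if int(d) != int(guess.network_address):
        # Bits set beyond the guessed mask: treated as a host route.
        return ipaddress.IPv4Network((int(d), 32))
    return guess


def ripv2_install(dest: str, mask: str) -> ipaddress.IPv4Network:
    """RIPv2 carries the subnet mask in each entry, so nothing is guessed."""
    return ipaddress.IPv4Network(f"{dest}/{mask}")


if __name__ == "__main__":
    # Constructed scenario: inside net 172.16.2.0/24 and outside link
    # 172.16.1.0/26 are subnets of the same class B network.
    neighbour_iface = "172.16.1.1/26"   # a RIPv1 listener on the /26 link
    learned = ripv1_infer("172.16.2.0", neighbour_iface)
    print("RIPv1, same class B, /26 link :", learned)
    print("  172.16.2.200 covered?       :",
          ipaddress.IPv4Address("172.16.2.200") in learned)
    print("RIPv1, heard in another net   :",
          ripv1_infer("172.16.2.0", "10.1.1.1/26"))
    print("RIPv1, genuine class C /24    :",
          ripv1_infer("192.0.2.0", neighbour_iface))
    print("RIPv2, mask on the wire       :",
          ripv2_install("172.16.2.0", "255.255.255.0"))
```

In the first case the listener installs the inside network as a /26, which is one way a "/24 that only routes as a /26" can come about when both subnets share a classful network.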


Routed and netmask...

2007-02-03 Thread Thiago Esteves de Oliveira

Hi,

I'm using FreeBSD 6.2 Stable with routed to connect networks(gateway)


         THE INTERNET
              |
              |
   ----------------------
   |  eee.eee.eee.0/26  |
   ----------------------
              |
              |
      eee.eee.eee.11/26
           ROUTER
        iii.iii.iii.1
              |
              |
   ---------------------
   |  iii.iii.iii.0/24 |  My Network
   ---------------------



The problem...

The system is routing, but only to iii.iii.iii.0/26 .

Look... my rc.conf

ifconfig_em0="inet iii.iii.iii.1 netmask 255.255.255.0"
ifconfig_sk0="inet eee.eee.eee.11 netmask 255.255.255.192"

defaultrouter="eee.eee.eee.1"
router_enable="YES"
router_flags="-s"
gateway_enable="YES"
router="/sbin/routed"


...


RE: Routed and netmask...

2007-02-03 Thread Grzegorz Pluta
If eee.eee.eee.0/26 is a separate network (which I guess it is) there needs
to be a routing device there too. How can a packet find its way to the
internet? The router sees only eee.eee.eee.0 network on its port (not
mentioning the iii.iii.iii.0 network from which the packet travels)

It is also possible that I'm missing something. Your network visualization is
kinda weird...
The top interface address is wrong. It can't be eee.eee.eee.11 with /26 mask.
The lowest address with this mask is 193.

What actually is this eee network? How did you connect your eee network to
the internet? For me it makes little sense...

Sorry if I'm wrong. Please explain more!
Cheers,
greg


RE: Routed and netmask...

2007-02-03 Thread Grzegorz Pluta
> The top interface address is wrong. It can't be eee.eee.eee.11 with /26
> mask.
> The lowest address with this mask is 193.

Oops... I'm wrong here of course... The address is correct ;]






outlook express be routed through sendmail

2006-05-02 Thread dharam paul
Hi,
I want to implement mails sent from my network from
outlook express be routed through sendmail to their
destined address.
Some pointers please!

Thanks in advance.





Re: outlook express be routed through sendmail

2006-05-02 Thread Kevin Kinsey

dharam paul wrote:

> Hi,
> I want to implement mails sent from my network from
> outlook express be routed through sendmail to their
> destined address.
> Some pointers please!
>
> Thanks in advance.




Well, how are they being routed at the present time?  Sendmail is an 
SMTP server (MTA-Mail Transport Agent).  Outlook Express is a personal 
email client (MUA-Mail User Agent).


By setting the Outlook Express parameters to point to the Sendmail 
server as the SMTP server (IIRC, OE says "outgoing server" or 
something similar), you *would* be routing through Sendmail.


Or have I somehow misunderstood your question?

HTH,

Kevin Kinsey

--
New Year's Eve is the time of year when a man most feels his
age, and his wife most often reminds him to act it.
-- Webster's Unafraid Dictionary



routed vpn between two freebsd machines

2005-09-16 Thread dave
Hello,
My apologies if this is a repost; I didn't see it go through.
I'm trying to set up a routed vpn between two freebsd 5.4 machines.
Currently they're on the same physical subnet, 192.168.0.x to make testing
easier and for vpn they're using 10.8.0.x. My first problem, although both
server and client start, I can only ping the client's ip address 10.8.0.6,
not the server's of 10.8.0.5, and an IP of 10.8.0.1 is also showing up.
Eventually I'd like to add windows boxes accessing the vpn via samba and
remote clients from beyond the firewall, but I'd like to know if my basic
configuration looks good.
Any help appreciated.
Thanks.
Dave.

client:
openvpn.conf:
client
dev tun
proto udp
remote 192.168.0.3 1194
resolv-retry infinite
nobind
user nobody
group nobody
persist-key
persist-tun
mute-replay-warnings
ca keys/ca.crt
cert keys/client1.crt
key keys/client1.key
ns-cert-type server
tls-auth keys/ta.key 1
comp-lzo
status openvpn-status.log
log openvpn.log
verb 3
mute 20

server:
openvpn.conf:
local 192.168.0.3
port 1194
proto udp
dev tun
ca keys/ca.crt
cert keys/vpn.crt
dh keys/dh2048.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "route 192.168.2.0 255.255.255.0"
client-to-client
keepalive 10 120
comp-lzo
max-clients 100
user nobody
group nobody
persist-key
persist-tun
status openvpn-status.log
log openvpn.log
verb 3
mute 20

server:
OpenVPN CLIENT LIST
Updated,Fri Sep 16 11:09:42 2005
Common Name,Real Address,Bytes Received,Bytes Sent,Connected Since
client1,192.168.0.4:53537,75321,75571,Fri Sep 16 08:18:50 2005
ROUTING TABLE
Virtual Address,Common Name,Real Address,Last Ref
10.8.0.6,client1,192.168.0.4:53537,Fri Sep 16 10:34:37 2005
GLOBAL STATS
Max bcast/mcast queue length,0
END

server:
Fri Sep 16 00:10:50 2005 OpenVPN 2.0.2 i386-portbld-freebsd5.4 [SSL] [LZO]
built on Aug 30 2005
Fri Sep 16 00:10:50 2005 Diffie-Hellman initialized with 2048 bit key
Fri Sep 16 00:10:50 2005 Control Channel Authentication: using 'keys/ta.key'
as a OpenVPN static key file
Fri Sep 16 00:10:50 2005 Outgoing Control Channel Authentication: Using 160
bit message hash 'SHA1' for HMAC authentication
Fri Sep 16 00:10:50 2005 Incoming Control Channel Authentication: Using 160
bit message hash 'SHA1' for HMAC authentication
Fri Sep 16 00:10:50 2005 TLS-Auth MTU parms [ L:1542 D:166 EF:66 EB:0 ET:0
EL:0 ]
Fri Sep 16 00:10:50 2005 gw 192.168.0.254
Fri Sep 16 00:10:50 2005 TUN/TAP device /dev/tun0 opened
Fri Sep 16 00:10:50 2005 /sbin/ifconfig tun0 10.8.0.1 10.8.0.2 mtu 1500
netmask 255.255.255.255 up
Fri Sep 16 00:10:50 2005 /sbin/route add -net 10.8.0.0 10.8.0.2
255.255.255.0
add net 10.8.0.0: gateway 10.8.0.2
Fri Sep 16 00:10:50 2005 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135
ET:0 EL:0 AF:3/1 ]
Fri Sep 16 00:10:50 2005 GID set to nobody
Fri Sep 16 00:10:50 2005 UID set to nobody
Fri Sep 16 00:10:50 2005 UDPv4 link local (bound): 192.168.0.3:1194
Fri Sep 16 00:10:50 2005 UDPv4 link remote: [undef]
Fri Sep 16 00:10:50 2005 MULTI: multi_init called, r=256 v=256
Fri Sep 16 00:10:50 2005 IFCONFIG POOL: base=10.8.0.4 size=62
Fri Sep 16 00:10:50 2005 IFCONFIG POOL LIST
Fri Sep 16 00:10:50 2005 Initialization Sequence Completed
Fri Sep 16 08:18:50 2005 MULTI: multi_create_instance called
Fri Sep 16 08:18:50 2005 192.168.0.4:53537 Re-using SSL/TLS context
Fri Sep 16 08:18:50 2005 192.168.0.4:53537 LZO compression initialized
Fri Sep 16 08:18:50 2005 192.168.0.4:53537 Control Channel MTU parms [
L:1542 D:166 EF:66 EB:0 ET:0 EL:0 ]
Fri Sep 16 08:18:50 2005 192.168.0.4:53537 Data Channel MTU parms [ L:1542
D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Fri Sep 16 08:18:50 2005 192.168.0.4:53537 Local Options hash (VER=V4):
'14168603'
Fri Sep 16 08:18:50 2005 192.168.0.4:53537 Expected Remote Options hash
(VER=V4): '504e774e'
Fri Sep 16 08:18:50 2005 192.168.0.4:53537 TLS: Initial packet from
192.168.0.4:53537, sid=c06f4d68 1e59a37e
Fri Sep 16 08:18:51 2005 192.168.0.4:53537 VERIFY OK: depth=1,
/C=US/ST=OH/L=ENGLEWOOD/O=davemehler.com_OpenVPN/CN=OpenVPN-CA/emailAddress=
[EMAIL PROTECTED]
Fri Sep 16 08:18:51 2005 192.168.0.4:53537 VERIFY OK: depth=0,
/C=US/ST=OH/O=davemehler.com_OpenVPN/CN=client1/[EMAIL PROTECTED]
ehler.com
Fri Sep 16 08:18:51 2005 192.168.0.4:53537 Data Channel Encrypt: Cipher
'BF-CBC' initialized with 128 bit key
Fri Sep 16 08:18:51 2005 192.168.0.4:53537 Data Channel Encrypt: Using 160
bit message hash 'SHA1' for HMAC authentication
Fri Sep 16 08:18:51 2005 192.168.0.4:53537 Data Channel Decrypt: Cipher
'BF-CBC' initialized with 128 bit key
Fri Sep 16 08:18:51 2005 192.168.0.4:53537 Data Channel Decrypt: Using 160
bit message hash 'SHA1' for HMAC authentication
Fri Sep 16 08:18:51 2005 192.168.0.4:53537 Control Channel: TLSv1, cipher
TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Fri Sep 16 08:18:51 2005 192.168.0.4:53537 [client1] Peer Connection
Initiated with 192.168.0.4:53537
Fri Sep 16 08:18:51 2005 client1/192.168.0.4:53537 MULTI: Learn: 10.8.0.6 -
client1/192.168.0.4:53537

Re: routed vpn between two freebsd machines

2005-09-16 Thread Frank Mueller - emendis GmbH

10.8.0.1 is your server's IP!
According to the manpage the parameter
server 10.8.0.0 255.255.255.0
sets the router to 10.8.0.1.
Why do you push a route to 192.168.2.0/24 ??? Do you have such a subnet?

Greetz,

Ice
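
The address layout behind this answer, worked through as an added example (it is not part of the thread and is not OpenVPN's own code). It assumes the tun-mode default documented in the OpenVPN manual for the `server` directive, one /30 per client, and reproduces the `10.8.0.1 10.8.0.2` ifconfig pair, the `base=10.8.0.4 size=62` pool and the 10.8.0.6 client address seen in dave's server log; the function names are illustrative.

```python
import ipaddress


def expand_server(network: str, netmask: str) -> dict:
    """Addresses implied by `server <network> <netmask>` in tun mode
    with one /30 per client (assumed default, see lead-in)."""
    net = ipaddress.IPv4Network(f"{network}/{netmask}")
    base = int(net.network_address)
    pool_start = base + 4                       # first client /30
    pool_end = int(net.broadcast_address) - 4   # last pool address
    slots = (pool_end - pool_start + 1) // 4    # one /30 per client
    if slots < 1:
        raise ValueError(f"{net} is too small to hold a client /30")
    return {
        "server_local": ipaddress.IPv4Address(base + 1),  # on the server's tun
        "server_peer": ipaddress.IPv4Address(base + 2),   # p2p peer of the tun
        "pool_start": ipaddress.IPv4Address(pool_start),
        "pool_end": ipaddress.IPv4Address(pool_end),
        "slots": slots,
    }


def client_slot(layout: dict, index: int) -> dict:
    """The four addresses of the /30 handed to the index-th client."""
    if not 0 <= index < layout["slots"]:
        raise IndexError("no such client slot")
    block = int(layout["pool_start"]) + 4 * index
    return {
        "subnet": ipaddress.IPv4Address(block),
        "virtual_endpoint": ipaddress.IPv4Address(block + 1),
        "client": ipaddress.IPv4Address(block + 2),
        "broadcast": ipaddress.IPv4Address(block + 3),
    }


def describe(addr: str, layout: dict) -> str:
    """Say what role an address plays in the layout."""
    a = ipaddress.IPv4Address(addr)
    if a == layout["server_local"]:
        return "server tun address"
    if a == layout["server_peer"]:
        return "point-to-point peer of the server tun (no host)"
    if layout["pool_start"] <= a <= layout["pool_end"]:
        index, pos = divmod(int(a) - int(layout["pool_start"]), 4)
        role = ("subnet address", "virtual server-side endpoint",
                "client address", "broadcast address")[pos]
        return f"{role} of client slot {index}"
    return "not used by this layout"


if __name__ == "__main__":
    layout = expand_server("10.8.0.0", "255.255.255.0")
    print("pool:", layout["pool_start"], "-", layout["pool_end"],
          "slots:", layout["slots"])
    for ip in ("10.8.0.1", "10.8.0.2", "10.8.0.5", "10.8.0.6"):
        print(f"{ip:<10} {describe(ip, layout)}")
```

The server log configures tun0 with 10.8.0.1 and 10.8.0.2 only, so 10.8.0.5 is an endpoint inside the client's /30 rather than an address the server answers on; 10.8.0.1 is the one to ping.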


Re: routed daemon

2005-05-17 Thread Lowell Gilbert
Jim Pazarena [EMAIL PROTECTED] writes:

> Can the routed daemon co-exist with a CISCO router which, by default,
> also responds to routing requests?
>
> The reason I ask, is that I accidentally installed routed, and it
> was running, and my whole network came to a grinding halt, until
> I de-activated routed. I had not set up *any* configuration file
> or anything other than installing the port (by accident).
>
> So did this halt my system because I had no configuration file, or
> because routed cannot co-exist with (in this case) my telco provided
> CISCO gateway router?

Certainly they *can* co-exist, but in your case there is no reason for
them to do so.  Your routed doesn't know about any routes that the
Cisco doesn't.  This is also (most likely) where the problem came
from; your routed was probably advertising routes that went through
the Cisco, causing the Cisco to pick up those routes through the
FreeBSD box, causing a routing loop.  In ordinary routing situations,
split horizon would keep this from happening, but because the
default route was configured statically, routed couldn't detect this.


routed daemon

2005-05-16 Thread Jim Pazarena
Can the routed daemon co-exist with a CISCO router which, by default,
also responds to routing requests?
The reason I ask, is that I accidentally installed routed, and it
was running, and my whole network came to a grinding halt, until
I de-activated routed. I had not set up *any* configuration file
or anything other than installing the port (by accident).
So did this halt my system because I had no configuration file, or
because routed cannot co-exist with (in this case) my telco provided
CISCO gateway router?
TIA
Jim


routed on lo0 device

2004-11-01 Thread Michael Jeung
Hello everyone,
I'm trying to get past a sticky routing situation by running routed on 
all of my machines in my server cluster.  I've been instructed by 
several sources of authority that the best solution for a multi-homed 
ip address scenario is to bind the ip addresses to the loopback device and 
use routed to advertise their presence.

I'm having difficulty getting routed to bind to the loopback device.  
By default, routed seems to think the loopback device should be in 
passive mode - which causes routed to completely ignore all ips 
associated with the device.  (Perhaps this is to avoid advertising 
routes to 127.0.0.1?)  In any case, I was just curious as to whether 
anyone has ever dealt with a situation like this before.

Is there some sort of trick to getting routed to work with the loopback 
device?  I want the loopback device to be active for routed, not 
passive.

Thanks!
Michael Jeung


routed(8)

2004-04-22 Thread Richard P. Williamson
Is it possible to have routed(8) ignore certain ethernet interfaces?

For example, on a device with fxp[0-3], I only need routed to 
interact with fxp[0-1], and to ignore the existence of fxp[2-3].

TIA,
rip



Re: routed(8)

2004-04-22 Thread Thomas Beer
Try to put two lines in /etc/gateways

if=fxp2 passive
if=fxp3 passive

Cheers Tom

> Is it possible to have routed(8) ignore certain ethernet interfaces?
>
> For example, on a device with fxp[0-3], I only need routed to
> interact with fxp[0-1], and to ignore the existence of fxp[2-3].
>
> TIA,
> rip



routed gets permission denied at boot

2004-02-26 Thread stefan
Hi
When I boot my firewall I get a permission denied from routed when it tries to sendto 
the second nic.
What could be causing this?



Kind regards

Stefan Midjich, Swebase AB
Tel: 042-20 15 00
Fax: 042-20 15 03
E-mail: [EMAIL PROTECTED]
Web: http://swebase.com


Re: routed

2003-12-15 Thread Ion-Mihai Tetcu
On Mon, 15 Dec 2003 16:33:20 -0800 (PST)
Valerian Galeru [EMAIL PROTECTED] wrote:

> I want to understand about these routing tables I
> run route flush (to remove all routes, gateways...).
> Yes, all the routes are deleted(i try a web browser
> and  i get an error), but when i run netstat -r, i
> don't see that. When i want to get again the routing
> table, i run routed (probably this is what i need for
> regetting the routing table) and when i try a web page
> on the web browser, it shows me the same error as in
> the case of the deleted routing table. Probably i did
> something wrong...

Do you have a default gateway in your rc.conf?

> Thank you very much for support

Contrary to popular belief, routed(8) is not necessary when running a
standalone computer or even a simple gateway. I've spent half a day
arguing with a friend on that, just to discover, to both our amusement, the
cables were plugged each in the other nic ;)

Try to disable the routed_enable line in /etc/rc.conf or change it to NO,
reboot and you should have network connection, provided that you have a
defaultrouter=xxx.xxx.xxx.xxx in the above file.

Routed(8) uses RIP - Route Information Protocol, an interior gateway
protocol, which is suitable to use on small networks, which it uses to
get routing tables from neighbour routers in order to build up a routing
table.

When you flush the routes you delete the default route set in rc.conf
so your system does not know where to send packets for networks other
than those directly connected.

Example:

Normal operation, without routed (I don't paste ipv6):
it/home/itetcu# netstat -rn
Routing tables

Internet:
Destination        Gateway            Flags    Refs      Use  Netif Expire
default            192.168.0.1        UGSc        5        0    rl0
127.0.0.1          127.0.0.1          UH          0        4    lo0
192.168.0          link#1             UC          1        0    rl0
192.168.0.1        00:e0:4c:55:c3:13  UHLW        6       56    rl0


it/home/itetcu# route flush
it/home/itetcu# netstat -rn
Routing tables

Internet:
Destination        Gateway            Flags    Refs      Use  Netif Expire
127.0.0.1          127.0.0.1          UH          0        4    lo0
192.168.0          link#1             UC          1        0    rl0
192.168.0.1        00:e0:4c:55:c3:13  UHLW        0      190    rl0   1030


The default route has gone away, the directly connected networks are still present.

it/home/itetcu# ping www.freebsd.org
PING www.freebsd.org (216.136.204.117): 56 data bytes
ping: sendto: No route to host
ping: sendto: No route to host
^C

Note that www.freebsd.org resolves on 216.136.204.177 because I have a
name server on 192.168.0.1 which is on a directly connected network:

it/home/itetcu# route get 192.168.0.1
   route to: 192.168.0.1
destination: 192.168.0.1
  interface: rl0
  flags: UP,HOST,DONE,LLINFO,WASCLONED
 recvpipe  sendpipe  ssthresh  rtt,msec    rttvar  hopcount      mtu     expire
       0         0         0         0         0         0      1500       820

Now if I add back the default route with:

it/home/itetcu# route add default 192.168.0.1 0.0.0.0
add net default: gateway 192.168.0.1
it/home/itetcu# netstat -rn
Routing tables

Internet:
Destination        Gateway            Flags    Refs      Use  Netif Expire
default            192.168.0.1        UGSc        0        0    rl0
127.0.0.1          127.0.0.1          UH          0        4    lo0
192.168.0          link#1             UC          1        0    rl0
192.168.0.1        00:e0:4c:55:c3:13  UHLW        1      222    rl0    935

I get my freebsd connection back:
it/home/itetcu# ping www.freebsd.org
PING www.freebsd.org (216.136.204.117): 56 data bytes
64 bytes from 216.136.204.117: icmp_seq=0 ttl=50 time=242.811 ms
^C

All this time:
it/home/itetcu# ps axw | grep routed
returns nada.

Reference, besides the man pages:
http://www.onlamp.com/pub/a/bsd/2000/08/23/FreeBSD_Basics.html
and the rest of the networking articles from there.

-- 
IOnut
Unregistered ;) FreeBSD user


routed 'forgets' it's path (or something)

2003-06-27 Thread freeBSD
I have run into a strange problem:

Suddenly my nic has no routing tables so name lookups etc don't work.

The only solution is to SU and kill routed and then start it again.

Everything will then work for an hour or so and then I'm back on step
one again.

I have laborated with cvsup etc the last day, so it's probably something
that's been changed, but I'm too novice to understand what.

I am running 5.0p7 now.



Solved! Was: Re: routed 'forgets' it's path (or something)

2003-06-27 Thread freeBSD
Odd, but the so simple solution which however I can't explain was to do
a:

route add default 192.168.0.1 

(192.168.0.1 is my gateway)


If someone can explain how the system could work for a while after the
route daemon was started and then suddenly forget all routing tables it
would be great, however it works for me now so I'm pleased again! ;)

 


On Sat, 2003-06-28 at 00:04, freeBSD wrote:
> I have run into a strange problem:
>
> Suddenly my nic has no routing tables so name lookups etc don't work.
>
> The only solution is to SU and kill routed and then start it again.
>
> Everything will then work for an hour or so and then I'm back on step
> one again.
>
> I have laborated with cvsup etc the last day, so it's probably something
> that's been changed, but I'm too novice to understand what.
>
> I am running 5.0p7 now.


routed: duplicate /etc/gateways entry

2003-03-06 Thread webmaster
Hi I have the following situation

/etc/gateways:

net subnet-buzet/24 gateway 192.168.1.1 metric 3 passive
net subnet-rovinj/24 gateway 192.168.1.1 metric 3 passive
net subnet-porec/24 gateway 192.168.1.1 metric 3 passive
net subnet-umag/24 gateway 192.168.1.1 metric 3 passive
net subnet-pazin/24 gateway 192.168.1.1 metric 3 passive
net subnet-labin/24 gateway 192.168.1.1 metric 3 passive



box# routed  
box# routed: duplicate /etc/gateways entry net subnet-rovinj/24 gateway pix metric 3 
passive
routed: duplicate /etc/gateways entry net subnet-porec/24 gateway pix metric 3 
passive
routed: duplicate /etc/gateways entry net subnet-umag/24 gateway pix metric 3 passive
routed: duplicate /etc/gateways entry net subnet-pazin/24 gateway pix metric 3 
passive
routed: duplicate /etc/gateways entry net subnet-labin/24 gateway pix metric 3 
passive


Can someone please explain to me what I'm doing wrong? I've been searching for two days for some 
good
example but can't find anything, please help me.





To Unsubscribe: send mail to [EMAIL PROTECTED]
with unsubscribe freebsd-questions in the body of the message


Routed

2003-03-06 Thread Gannater Jnos
Hello,

I would like to know what are the advantages and disadvantages of using the 
routed daemon.
Should a small web and mail server run this daemon?

Thanks..





routed, dynamic update

2002-10-31 Thread Kliment Andreev
Hi,

how can I prevent automatic updating of routing tables where one of the
flags has D (Dynamic). I tried to put

routed: ALL: deny in /etc/hosts.allow, but somehow I still got entries in
routing table.

Thank you!









routed daemon

2002-10-16 Thread Kliment Andreev

Hi,

I have a production PC (4.5-stable)

-- -
|172.16.1.3|---|172.16.4.10|---|172.16.4.11| - (Internet)
-- -
4.5 STABLECisco RouterPIX Firewall

--
(Internet) |172.19.4.10|---|172.19.1.x|(Clients)
--
Cisco Router

Everything is fine, but from time to time when I type

# netstat -r

I have

172.19gateway 172.16.4.10
172.19.1.10 gateway 172.16.4.11   --- This should not be here
(dynamic flag)

I don't have routed daemon running. Who is updating my routing table?

Thanks!


