Re: ipnat and ping problem.
Maślanka Wojciech píše v pá 23. 12. 2005 v 23:07 +0100: This is my network: Internet---[rl0, 192.168.0.50_10.0.0.1 ,rl1]--[10.0.0.2] On 10.0.0.2 machine I cant ping any host in internet. I can ping only 10.0.0.1 and 192.168.0.50. :( Whats wrong?? [/usr/src]#uname -a FreeBSD freebsd.mila10.6 6.0-RELEASE FreeBSD 6.0-RELEASE [/usr/src]#ipfstat -io pass out quick all pass in quick all [/usr/src]#ipnat -l List of active MAP/Redirect filters: map rl0 10.0.0.0/24 - 192.168.0.50/32 proxy port ftp ftp/tcp map rl0 10.0.0.0/24 - 192.168.0.50/32 portmap tcp/udp auto map rl0 10.0.0.0/24 - 192.168.0.50/32 You need also map rl0 10.0.0.0/24 - 192.168.0.50/32 icmpidmap icmp 64000:65535 In the documentation of ipnat(5) there's written that for this to reliably work you have to recompile the world with limited PID_MAX but it works without it. List of active sessions: MAP 10.0.0.2 3610 - - 192.168.0.508666 [66.249.85.83 80] MAP 10.0.0.2 3609 - - 192.168.0.508665 [66.249.85.83 80] MAP 10.0.0.2 3608 - - 192.168.0.508664 [66.249.85.19 80] MAP 10.0.0.2 3607 - - 192.168.0.508663 [194.204.152.34 53] MAP 10.0.0.2 3606 - - 192.168.0.508662 [66.249.85.83 80] Michal ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Fwd: ipnat and ping problem.
Im affraid that this solution dont work. :( Any other idea?? Regards! -- Forwarded message -- From: Michal Mertl [EMAIL PROTECTED] Date: 2005-12-24 11:20 Subject: Re: ipnat and ping problem. To: Maślanka Wojciech [EMAIL PROTECTED] Cc: Freebsd-questions freebsd-questions@freebsd.org Maślanka Wojciech píše v pá 23. 12. 2005 v 23:07 +0100: This is my network: Internet---[rl0, 192.168.0.50_10.0.0.1 ,rl1]--[10.0.0.2] On 10.0.0.2 machine I cant ping any host in internet. I can ping only 10.0.0.1 and 192.168.0.50. :( Whats wrong?? [/usr/src]#uname -a FreeBSD freebsd.mila10.6 6.0-RELEASE FreeBSD 6.0-RELEASE [/usr/src]#ipfstat -io pass out quick all pass in quick all [/usr/src]#ipnat -l List of active MAP/Redirect filters: map rl0 10.0.0.0/24 - 192.168.0.50/32 proxy port ftp ftp/tcp map rl0 10.0.0.0/24 - 192.168.0.50/32 portmap tcp/udp auto map rl0 10.0.0.0/24 - 192.168.0.50/32 You need also map rl0 10.0.0.0/24 - 192.168.0.50/32 icmpidmap icmp 64000:65535 In the documentation of ipnat(5) there's written that for this to reliably work you have to recompile the world with limited PID_MAX but it works without it. List of active sessions: MAP 10.0.0.2 3610 - - 192.168.0.508666 [66.249.85.83 80] MAP 10.0.0.2 3609 - - 192.168.0.508665 [66.249.85.83 80] MAP 10.0.0.2 3608 - - 192.168.0.508664 [66.249.85.19 80] MAP 10.0.0.2 3607 - - 192.168.0.508663 [194.204.152.34 53] MAP 10.0.0.2 3606 - - 192.168.0.508662 [66.249.85.83 80] Michal ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
ipnat and ping problem.
This is my network: Internet---[rl0, 192.168.0.50_10.0.0.1 ,rl1]--[10.0.0.2] On 10.0.0.2 machine I cant ping any host in internet. I can ping only 10.0.0.1 and 192.168.0.50. :( Whats wrong?? [/usr/src]#uname -a FreeBSD freebsd.mila10.6 6.0-RELEASE FreeBSD 6.0-RELEASE [/usr/src]#ipfstat -io pass out quick all pass in quick all [/usr/src]#ipnat -l List of active MAP/Redirect filters: map rl0 10.0.0.0/24 - 192.168.0.50/32 proxy port ftp ftp/tcp map rl0 10.0.0.0/24 - 192.168.0.50/32 portmap tcp/udp auto map rl0 10.0.0.0/24 - 192.168.0.50/32 List of active sessions: MAP 10.0.0.2 3610 - - 192.168.0.508666 [66.249.85.83 80] MAP 10.0.0.2 3609 - - 192.168.0.508665 [66.249.85.83 80] MAP 10.0.0.2 3608 - - 192.168.0.508664 [66.249.85.19 80] MAP 10.0.0.2 3607 - - 192.168.0.508663 [194.204.152.34 53] MAP 10.0.0.2 3606 - - 192.168.0.508662 [66.249.85.83 80] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ipnat and ping problem.
On 12/23/05, Maślanka Wojciech [EMAIL PROTECTED] wrote: This is my network: Internet---[rl0, 192.168.0.50_10.0.0.1 ,rl1]--[10.0.0.2] On 10.0.0.2 machine I cant ping any host in internet. I can ping only 10.0.0.1 and 192.168.0.50. :( Whats wrong?? [/usr/src]#uname -a FreeBSD freebsd.mila10.6 6.0-RELEASE FreeBSD 6.0-RELEASE [/usr/src]#ipfstat -io pass out quick all pass in quick all [/usr/src]#ipnat -l List of active MAP/Redirect filters: map rl0 10.0.0.0/24 - 192.168.0.50/32 proxy port ftp ftp/tcp map rl0 10.0.0.0/24 - 192.168.0.50/32 portmap tcp/udp auto map rl0 10.0.0.0/24 - 192.168.0.50/32 List of active sessions: MAP 10.0.0.2 3610 - - 192.168.0.508666 [66.249.85.83 80] MAP 10.0.0.2 3609 - - 192.168.0.508665 [66.249.85.83 80] MAP 10.0.0.2 3608 - - 192.168.0.508664 [66.249.85.19 80] MAP 10.0.0.2 3607 - - 192.168.0.508663 [194.204.152.34 53] MAP 10.0.0.2 3606 - - 192.168.0.508662 [66.249.85.83 80] I believe this is due to the fact that ICMP is the ICMP protocol and not UDP or TCP. There's really no port so it's first come first serve in the NAT tables. Clear your translations and then try from a different host, betting it works. -- Just my $.02, your mileage may vary, batteries not included, etc ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
