pppoe routing problem, default route isnt used for some hosts
Hello,
I have an strange routing problem. I can't connect to some hosts in the
internet till I add an explicit route for this hosts with my default gw
as gateway.
There aren't any other routes that could match the destination IP for
non-working hosts. So the connection should also without an explicit
route for this Hosts use the default gw.
My Setup:
FreeBSD 7.2-RELEASE
mppd to make an PPPOE connection to my internet service
provider.
PF as firewall
To isolate the problem I used an minimal pf.conf:
---
inetif=ng0
lanif=vr0
scrub all max-mss 1492
pass quick on lo0 all
pass out on $inetif proto { tcp udp icmp } all keep state
pass on $lanif from any to any
---
I also tried pppd instead of mppd(dont helps).
Hosts that I can't connect to, are ie spiegel.de, tagesschau.de, freebsd.org
southparkstudios.com
I.e
TCP connections to Port 80 of southparkstudios.com dont work.
If I add an explicit route:
route add southparkstudios.com 213.191.84.199
Connections with nc to port 80 works
(the connections tests are made from the router, the iface MTUs are correct)
Anybody have an idea what could be wrong?
I have no idea anymore
(its also not an provider problem, when i made the pppoe connection from
windows I can connect to alls hosts)
thanks for any hints:)
best regards
Fabian
-
My routing table:
# netstat -ra
Routing tables
Internet:
DestinationGatewayFlagsRefs Use Netif Expire
defaultlo1.br04.weham.de. UGS 015505ng0
1.1.1.10x1010101 link#1 UC 00rl0
exxx45031.adsl.al lo0UHS 00lo0
localhost localhost UH 0 433lo0
192.168.113.0 link#2 UC 00vr0
xyz 00:30:18:ad:26:88 UHLW124005lo0
mail.xyz.ath.cx 00:30:18:ad:26:88 UHLW186400lo0
http.xyz.ath.cx 00:30:18:ad:26:88 UHLW1 770lo0
192.168.113.255ff:ff:ff:ff:ff:ff UHLWb 1 3228vr0
lo1.br04.weham.de. e176145031.adsl.al UH 10ng0
[... ipv6 stuff]
Interface infos:
# netstat -ira
NameMtu Network Address Ipkts IerrsOpkts Oerrs Coll
rl01492 Link#1 00:02:2a:b0:4a:e0 26128479 0 19855993 0 0
01:00:5e:00:00:010 0
rl01492 1.1.1.10x101 1.1.1.1 0 - 2653 - -
ALL-SYSTEMS.MCAST
vr01500 Link#2 00:30:18:ad:26:88 12662831 0 17678949 0 0
01:00:5e:00:00:01 2038 0
vr01500 192.168.113.0 xyz 9745471 - 13639692 - -
ALL-SYSTEMS.MCAST
vr01500 192.168.113.0 mail.xyz.a 291626 -86404 - -
ALL-SYSTEMS.MCAST
vr01500 192.168.113.0 http.xyz.a 6814 - 770 - -
ALL-SYSTEMS.MCAST
lo0 16384 Link#3 113929 0 113929 0 0
lo0 16384 fe80:3::1 fe80:3::10 -0 - -
ff01:3::1 (refs: 1)
ff02:3::2:a61d:93b4(refs: 1)
ff02:3::1 (refs: 1)
ff02:3::1:ff00:1 (refs: 1)
lo0 16384 localhost ::1 0 -0 - -
ff01:3::1 (refs: 1)
ff02:3::2:a61d:93b4(refs: 1)
ff02:3::1 (refs: 1)
ff02:3::1:ff00:1 (refs: 1)
lo0 16384 your-net localhost 433 - 2433 - -
ALL-SYSTEMS.MCAST
pflog 33204 Link#4 0 080567 0 0
tun0* 1500 Link#5 78331 076381 0 0
tun99 1500 Link#6 353 0 375 0 0
ng01492 Link#717114096 0 13449463 0 0
ng01492 85.176.145.31 e176145031.adsl.a12398 -17011 - -
ALL-SYSTEMS.MCAST
mpd.conf:
default:
load PPPoE
PPPoE:
new -i ng0 PPPoE PPPoE
set iface addrs 1.1.1.1 2.2.2.2
set iface route default
set iface enable on-demand
set iface idle 0
set bundle disable multilink
set bundle authname xxy
set iface disable tcpmssfix
set link no acfcomp protocomp
set link disable pap chap
set link accept chap
set link mtu 1492
set link mru 1492
set link keep-alive 10 60
set ipcp yes vjcomp
set iface enable tcpmssfix#I know pf also do this in my setup, but Iam
despaired:)
set ipcp ranges 0.0.0.0/0 0.0.0.0/0
set nat disable
log +link
open
Re: pppoe routing problem, default route isnt used for some hosts
Fabian Holler wrote:
Hello,
I have an strange routing problem. I can't connect to some hosts in the
internet till I add an explicit route for this hosts with my default gw
as gateway.
There aren't any other routes that could match the destination IP for
non-working hosts. So the connection should also without an explicit
route for this Hosts use the default gw.
My Setup:
FreeBSD 7.2-RELEASE
mppd to make an PPPOE connection to my internet service
provider.
PF as firewall
To isolate the problem I used an minimal pf.conf:
---
inetif=ng0
lanif=vr0
scrub all max-mss 1492
pass quick on lo0 all
pass out on $inetif proto { tcp udp icmp } all keep state
pass on $lanif from any to any
---
I also tried pppd instead of mppd(dont helps).
Hosts that I can't connect to, are ie spiegel.de, tagesschau.de, freebsd.org
southparkstudios.com
I.e
TCP connections to Port 80 of southparkstudios.com dont work.
If I add an explicit route:
route add southparkstudios.com 213.191.84.199
Besides netstat -rn, you can use route get southparkstudios.com
to check a route for a destination.
Connections with nc to port 80 works
(the connections tests are made from the router, the iface MTUs are correct)
You cannot test MTU settings using nc, since initial packets, that
is, small packets, are always smaller than your MTU. You can test
MTU using fetch or ftp or nc + GET /some.big.file.
Anybody have an idea what could be wrong?
I have no idea anymore
(its also not an provider problem, when i made the pppoe connection from
windows I can connect to alls hosts)
thanks for any hints:)
best regards
Fabian
-
My routing table:
# netstat -ra
Routing tables
Internet:
DestinationGatewayFlagsRefs Use Netif Expire
defaultlo1.br04.weham.de. UGS 015505ng0
1.1.1.10x1010101 link#1 UC 00rl0
What is this ???
It looks like not-contiguous netmask?
exxx45031.adsl.al lo0UHS 00lo0
localhost localhost UH 0 433lo0
192.168.113.0 link#2 UC 00vr0
xyz 00:30:18:ad:26:88 UHLW124005lo0
mail.xyz.ath.cx 00:30:18:ad:26:88 UHLW186400lo0
http.xyz.ath.cx 00:30:18:ad:26:88 UHLW1 770lo0
192.168.113.255ff:ff:ff:ff:ff:ff UHLWb 1 3228vr0
lo1.br04.weham.de. e176145031.adsl.al UH 10ng0
[... ipv6 stuff]
Interface infos:
# netstat -ira
NameMtu Network Address Ipkts IerrsOpkts Oerrs Coll
rl01492 Link#1 00:02:2a:b0:4a:e0 26128479 0 19855993 0 0
01:00:5e:00:00:010 0
rl01492 1.1.1.10x101 1.1.1.1 0 - 2653 - -
ALL-SYSTEMS.MCAST
vr01500 Link#2 00:30:18:ad:26:88 12662831 0 17678949 0 0
01:00:5e:00:00:01 2038 0
vr01500 192.168.113.0 xyz 9745471 - 13639692 - -
ALL-SYSTEMS.MCAST
vr01500 192.168.113.0 mail.xyz.a 291626 -86404 - -
ALL-SYSTEMS.MCAST
vr01500 192.168.113.0 http.xyz.a 6814 - 770 - -
ALL-SYSTEMS.MCAST
lo0 16384 Link#3 113929 0 113929 0 0
lo0 16384 fe80:3::1 fe80:3::10 -0 - -
ff01:3::1 (refs: 1)
ff02:3::2:a61d:93b4(refs: 1)
ff02:3::1 (refs: 1)
ff02:3::1:ff00:1 (refs: 1)
lo0 16384 localhost ::1 0 -0 - -
ff01:3::1 (refs: 1)
ff02:3::2:a61d:93b4(refs: 1)
ff02:3::1 (refs: 1)
ff02:3::1:ff00:1 (refs: 1)
lo0 16384 your-net localhost 433 - 2433 - -
ALL-SYSTEMS.MCAST
pflog 33204 Link#4 0 080567 0 0
tun0* 1500 Link#5 78331 076381 0 0
tun99 1500 Link#6 353 0 375 0 0
ng01492 Link#717114096 0 13449463 0 0
ng01492 85.176.145.31 e176145031.adsl.a12398 -17011 - -
ALL-SYSTEMS.MCAST
mpd.conf:
default:
load PPPoE
PPPoE:
new -i ng0 PPPoE PPPoE
set iface addrs 1.1.1.1 2.2.2.2
Maybe you should delete the above line as
well. I dont remembere what iface addrs does,
but you'll get the IP addresses via IPCP,
so it's surely redundant.
set iface route default
set iface enable on-demand
Re: pppoe routing problem, default route isnt used for some hosts
Hello Nikos, thank you very much Nikos You've repaired my internet ,) On Fri, May 29, 2009 at 06:56:49PM +0300, Nikos Vassiliadis wrote: Fabian Holler wrote: I have an strange routing problem. I can't connect to some hosts in the internet till I add an explicit route for this hosts with my default gw as gateway. There aren't any other routes that could match the destination IP for non-working hosts. So the connection should also without an explicit route for this Hosts use the default gw. Besides netstat -rn, you can use route get southparkstudios.com to check a route for a destination. Connections with nc to port 80 works (the connections tests are made from the router, the iface MTUs are correct) You cannot test MTU settings using nc, since initial packets, that is, small packets, are always smaller than your MTU. You can test MTU using fetch or ftp or nc + GET /some.big.file. I only tried to say, that the connection problems couldn't be an MTU problem. Because I tried to connect from the router(where the PPPOE iface should have the correct MTU) and not from any LAN-Host. PPPoE: new -i ng0 PPPoE PPPoE set iface addrs 1.1.1.1 2.2.2.2 Maybe you should delete the above line as That was the problem:) I thought ip+netmask from the iface are arbitrary because they will be overwritten after I made an successfull connection. But the the crappy netmask was responsible for my problems set link mtu 1492 set link mru 1492 this is also wrong, don't try to set MTU or MRU. There are negotiated during PPP. removed this also :) regards Fabian pgpksnt3OWbda.pgp Description: PGP signature
