Re: arptables: unable to enter address
Aleksandar Milosevic wrote: J. Alfred Prufrock wrote: Also, I just noticed in my cable-modem box's configuration page that the WAN gateway is 24.145.134.65, which reverse dns shows to be user-0c931i1.cable.mindspring.com. Isn't it odd that my gateway is another user rather than the ISP? Should I be worried about all this? Yes, you should. Is it staticly configured or obtained from ISP's dhcp I called my ISP, and this is apparently one of their servers. I don't know why it's called user-whatever. So all is well on that front. Regarding the original issue (arptables: unable to enter address): I unhooked the ISP's (misconfigured) Motorola modem and hooked up my own cable-modem, and haven't had any problems. No more arptables errors. Thanks for all your help, guys. J
Re: arptables: unable to enter address, TCPDUMP
Vijay Sankar wrote:
By the way, regarding list etiquette, I am copying you because you
had asked for that in an earlier message. I should not have included
Darren and John, but what happened was that I did a Reply All, not
noticing that you had sent the messages to those two folks as well.
Sorry for the misunderstanding, Vijay: I didn't mean you, I meant me.
Since this is my first time on the mailing lists, I wasn't sure whom
all I should be replying to.
Yes, I asked to be copied on all replies since I don't subscribe to
misc.
tcpdump -netttvvvSXi interfacename
should show you something like
Here it is:
Feb 05 11:59:06.601418 0:b:6:bc:7b:e ff:ff:ff:ff:ff:ff 0806 60: arp
who-has 192.168.0.10 tell 24.145.134.116
: 0001 0800 0604 0001 000b 06bc 7b0e 1891 ...{...
0010: 8674 c0a8 000a 1102 27b6 .t..@('6
0020: c0a8 6401 008a 00bb 2046 4445 @(d;.. FDE
Feb 05 11:59:06.601500 0:20:78:1f:0:af 0:b:6:bc:7b:e 0806 60: arp reply
192.168.0.10 is-at 0:20:78:1f:0:af
: 0001 0800 0604 0002 0020 781f 00af c0a8 . x../@(
0010: 000a 000b 06bc 7b0e 1891 8674 1102 27b6 .{t..'6
0020: c0a8 6401 008a 00bb 2046 4445 @(d;.. FDE
What is currently in your hostname.* files?
hostname.dc0 (external) is just dhcp.
hostname.fxp0 (internal) is:
inet 192.168.1.11 255.255.255.0 192.168.1.255
is it possible that any of your internal hosts have an address
on the wrong (meaning 192.168.0) subnet?
All the internal hosts are 192.168.1.*
Thanks again for your help, guys.
J
Re: arptables: unable to enter address, TCPDUMP
Darren Spruell wrote: As per above, the tcpdump output suggests a more likely misconfiguration of the cable modem rather than the BSD box. I'm starting to wonder if it's been deliberately (mis-)configured this way. Thinking to reconfigure the cable-modem box myself (as opposed to going with the settings the ISP put on it), I poked the reset button and found...nothing! It looks like the reset button has been removed! And I can't find a reset button in the web interface---that's probably Motorola's default setting. J
Re: arptables: unable to enter address
Also, I just noticed in my cable-modem box's configuration page that the WAN gateway is 24.145.134.65, which reverse dns shows to be user-0c931i1.cable.mindspring.com. Isn't it odd that my gateway is another user rather than the ISP? Should I be worried about all this? J
Re: arptables: unable to enter address
Aleksandar Milosevic wrote: What does 'arp -a' and 'netstat -nr -f inet' output on rock? # arp -a chadmin (192.168.0.1) at 00:0b:06:bc:7b:0d on dc0 becket.dyndns.org (192.168.1.12) at 00:07:e9:d6:ea:fd on fxp0 ? (192.168.1.32) at 00:0c:30:00:06:09 on fxp0 # netstat -nr -f inet Routing tables Internet: DestinationGatewayFlagsRefs UseMtu Interface default192.168.0.1UGS 0 501 - dc0 24.145.134.68 127.0.0.1 UGHS00 33224 lo0 24.145.134.116 127.0.0.1 UGHS00 33224 lo0 24.145.134.116/32 link#2 UC 00 - dc0 127/8 127.0.0.1 UGRS00 33224 lo0 127.0.0.1 127.0.0.1 UH 00 33224 lo0 192.168.0/24 link#2 UC 10 - dc0 192.168.0.100:0b:06:bc:7b:0d UHLc110338 - dc0 192.168.0.10 127.0.0.1 UGHS00 33224 lo0 192.168.1/24 link#1 UC 20 - fxp0 192.168.1.12 00:07:e9:d6:ea:fd UHLc210683 - fxp0 192.168.1.32 00:0c:30:00:06:09 UHLc0 83 - fxp0 224/4 127.0.0.1 URS 00 33224 lo0 I don't know what 24.145.134.68 is, or why it's in my routing table. Thanks, J
Re: arptables: unable to enter address
John wrote: And, as far as getting the obsd box to talk to the modem was concerned, that's it! There is other stuff involved in getting the box to talk to the lan and v/v. I found it useful getting just the box to work with the modem, it's not clear in your message if that is also your situation. Thanks for trying to help, John. I'm able to get the OpenBSD machine to talk to the cable-modem box. Almost everything works fine. The only problem is this repeated log message every fifteen minutes: Feb 3 15:13:58 rock /bsd: arplookup: unable to enter address for 24.aaa.bbb.ccc (24.aaa.bbb.ccc is the WAN address of the cable-modem box.) I don't know if this is serious. If it is, I'd like to solve it; if not, I'd like to turn it off. J
Re: arptables: unable to enter address, TCPDUMP
Darren Spruell wrote: It's curious that the outside interface address on the cable modem is showing up for any reason on the internal network. Right, this is what first puzzled me too. You might use tcpdump or similar on your internal network to determine what kind of traffic it relates to. tcpdump -vv -x -l results attached below. Might help if you diagram it out, indicate IP addresses and subnets, and so on. The setup right now: WAN -- (WAN 24.aaa.bbb.ccc) SBG1000 cable-modem (LAN 192.168.0.1) -- (dc0: 192.168.0.10) OpenBSD (rock) (fxp0: 192.168.1.11) -- other machines, phone, etc. I hope the diagram above is clear. Basically, the WAN talks to the SBG1000, which talks to the OpenBSD box, which talks to the inside machines. The two IPs on each box show inward and outward addresses. (I assume I shouldn't show my real IP or MAC addresses in public.) The entire setup works; it just gives me the following message: Feb 4 19:14:03 rock /bsd: arplookup: unable to enter address for 24.aaa.bbb.ccc The SBG1000 does NAT and runs a DHCP server. I tried turning those off so that the OpenBSD box would get its IP address directly from the ISP's server, but that didn't fix the problem: I still got the same arptables message, but with a different IP address. I just ran tcpdump; here's the line at which I get the error/warning/log message: 19:14:03.562039 arp who-has rock tell 24.aaa.bbb.ccc [Note: 24.aaa.bbb.ccc is the cable-modem box's WAN address.] 0001 0800 0604 0001 000b 06bc 7b0e 1891 8674 c0a8 000a 1102 1fdc c0a8 6401 008a 00bb 2046 4445 19:14:03.562118 arp reply rock is-at 00:11:22:33:44:55 [Note: 00:11:22:33:44:55 is the OpenBSD box's outward-facing NIC's MAC address.] 0001 0800 0604 0002 0020 781f 00af c0a8 000a 000b 06bc 7b0e 1891 8674 1102 1fdc c0a8 6401 008a 00bb 2046 4445 Thanks for trying to help, guys. J
Re: arptables: unable to enter address, TCPDUMP
Vijay Sankar wrote: Possibly a silly question -- how are you connecting the cable modem to your OpenBSD server's external interface? Are they all plugged into a switch or hub or are you using a cable from the external interface directly to the cable modem? The external NIC connects directly to the cable modem. The internal NIC connects to a D-Link switch, and the inside machines (on the LAN, behind the OpenBSD box) also connect to the same switch. J PS: I notice that when I reply-all to Vijay, Darren's and John's email addresses also show up. What's the etiquette here? Should I reply to just Vijay and misc, or to everyone whose address is included? Or will the list-manager automatically figure it out? Thanks. The setup right now: WAN -- (WAN 24.aaa.bbb.ccc) SBG1000 cable-modem (LAN 192.168.0.1) -- (dc0: 192.168.0.10) OpenBSD (rock) (fxp0: 192.168.1.11) -- other machines, phone, etc. I hope the diagram above is clear. Basically, the WAN talks to the SBG1000, which talks to the OpenBSD box, which talks to the inside machines. The two IPs on each box show inward and outward addresses.
Re: arptables: unable to enter address, TCPDUMP
Darren Spruell wrote: Grab that exchange again with the -n flag to tcpdump. Include the MAC address(es) of the cable modem if you can get them. Here it is: 00:14:04.475261 arp who-has 192.168.0.10 tell 24.aaa.bbb.ccc 0001 0800 0604 0001 000b 06bc 7b0e 1891 8674 c0a8 000a 1102 2234 c0a8 6401 008a 00bb 2046 4445 00:14:04.475348 arp reply 192.168.0.10 is-at 0:20:78:1f:0:af 0001 0800 0604 0002 0020 781f 00af c0a8 000a 000b 06bc 7b0e 1891 8674 1102 2234 c0a8 6401 008a 00bb 2046 4445 Did you mean get the MAC addresses from tcpdump? I didn't see the cable modem box's MAC addresses in the dump file. MAC address of OpenBSD PC's external NIC: 00:20:78:1f:00:af Two MAC addresses listed in cable-modem box's admin screen: 00:0B:06:BC:7B:0A (labelled Self) 00:0B:06:BC:7B:0E (labelled Learned). From the way they're labelled, I'm guessing the former is the cable- modem box's external address and the latter its internal address. Not sure how to confirm that guess. J
arptables: unable to enter address
Hi guys, I recently switched ISPs, and my new ISP (Time-Warner) gave me a Motorola SBG1000 cable-modem box. My OpenBSD machine, which used to connect directly to my old ISP's servers, is now behind this box. I'm running a GENERIC 4.0 kernel which has never had any problems with my hardware. My problem now is that every fifteen minutes I get the following message on my console as well as in /var/log/messages: Feb 3 15:13:58 rock /bsd: arplookup: unable to enter address for 24.aaa.bbb.ccc 24.aaa.bbb.ccc is the SBG1000's WAN address. Its LAN address is 192.168.0.1, and my OpenBSD machine's address on the attached NIC (dc0) is 192.168.0.10. This machine functions as my LAN router and firewall, so it has another NIC (fxp0) whose address is 192.168.1.11. After looking around on misc, I tried the following: arp -s 24.aaa.bbb.ccc 00:11:22:33:44:55 pub where 00:11:22:33:44:55 is the MAC address of the Motorola box's WAN-facing NIC. This gives me: cannot intuit interface index and type for 24.aaa.bbb.ccc I don't really know arp, so I'm wary of poking around any further. I also tried getting the Motorola box not to do NAT, so my machine then gets its IP address directly from the ISP's DHCP server instead of the Motorola box's DHCP server. I still get the same message, but with a different IP address (10.something). Following a post on misc, I tried to set my hostname.dc0 as follows: dhcp inet alias 24.aaa.bbb.ccc 255.255.255.0 24.aaa.bbb.255 Now when I run /etc/netstart I get: duplicate IP address 24.aaa.bbb.ccc sent from ethernet address 00:11:22:33:44:55 where, again, 00:11:22:33:44:55 is one of the Motorola box's MAC addresses. As is probably obvious, I don't know much about networking, so I'm really shooting in the dark here and getting increasingly uncomfortable with it. Any ideas? Thanks, J PS: Please cc me on any replies since I'm not subscribed to misc. Thanks.
