On Sat, 24 Nov 2007, Alaor Barroso de Carvalho Neto wrote:
2007/11/24, Ian Smith [EMAIL PROTECTED]:
No I didn't mean that; use your own favourite packet filter, any of them
can handle what you've described. Bill suggested pf - lots of people
seem to like it a lot - and I use ipfw
2007/11/24, Ian Smith [EMAIL PROTECTED]:
ipfw works fine too for these sorts of network policy separation :)
So ipfilter is not recommended by you guyz?
If that wasn't a typo, this is a non-contiguous netmask. I suspect you
want 255.255.255.224, assuming the default router is in the same
On Sat, 24 Nov 2007, Alaor Barroso de Carvalho Neto wrote:
2007/11/24, Ian Smith [EMAIL PROTECTED]:
ipfw works fine too for these sorts of network policy separation :)
So ipfilter is not recommended by you guyz?
No I didn't mean that; use your own favourite packet filter, any of
2007/11/24, Ian Smith [EMAIL PROTECTED]:
No I didn't mean that; use your own favourite packet filter, any of them
can handle what you've described. Bill suggested pf - lots of people
seem to like it a lot - and I use ipfw because I (mostly) know how to.
I always had linux servers, so I'm
On Sat, 24 Nov 2007 13:41:51 -0200
Alaor Barroso de Carvalho Neto [EMAIL PROTECTED] wrote:
2007/11/24, Ian Smith [EMAIL PROTECTED]:
No I didn't mean that; use your own favourite packet filter, any of
them can handle what you've described. Bill suggested pf - lots of
people seem to like
First off, what's the output of sysctl net.inet.ip.forwarding? If
it is 0, then reboot and see if it starts working.
The return was: net.inet.ip.forwarding 1
Routed is running, named is running, the server itself can ping to any
network, I don't know what else to test.
On Fri, 23 Nov 2007 12:33:26 -0200
Alaor Barroso de Carvalho Neto [EMAIL PROTECTED] wrote:
2007/11/23, Bill Moran [EMAIL PROTECTED]:
Alaor Barroso de Carvalho Neto [EMAIL PROTECTED] wrote:
[..]
em0 external world XXX.XXX.XXX.XXX
rl0 adm 192.168.1.80
rl1 acad
2007/11/23, Bill Moran [EMAIL PROTECTED]:
I'm going to the server room to test the command. And yes, the DNS is
working properly. I just came from the room and I did the command dig @
192.168.1.1 google.ca and it said no server reached, then I did dig @
127.0.0.1 google.ca and it worked!
Alaor Barroso de Carvalho Neto [EMAIL PROTECTED] wrote:
2007/11/23, Bill Moran [EMAIL PROTECTED]:
Alaor Barroso de Carvalho Neto [EMAIL PROTECTED] wrote:
OK guyz, I did some tests and I found the error, like you said, it's a
config problem with the routes, I thought the routed
2007/11/23, Bill Moran [EMAIL PROTECTED]:
Alaor Barroso de Carvalho Neto [EMAIL PROTECTED] wrote:
OK guyz, I did some tests and I found the error, like you said, it's a
config problem with the routes, I thought the routed daemon would care
of it
for me but it seems like it don't. Please
OK guyz, I did some tests and I found the error, like you said, it's a
config problem with the routes, I thought the routed daemon would care of it
for me but it seems like it don't. Please I ask you to forget the scenario I
said before, now what I have is:
The dns server is now with the IP
Alaor Barroso de Carvalho Neto [EMAIL PROTECTED] wrote:
OK guyz, I did some tests and I found the error, like you said, it's a
config problem with the routes, I thought the routed daemon would care of it
for me but it seems like it don't. Please I ask you to forget the scenario I
said before,
2007/11/23, Bill Moran [EMAIL PROTECTED]:
Alaor Barroso de Carvalho Neto [EMAIL PROTECTED] wrote:
2007/11/23, Bill Moran [EMAIL PROTECTED]:
Alaor Barroso de Carvalho Neto [EMAIL PROTECTED] wrote:
OK guyz, I did some tests and I found the error, like you said, it's a config
Alaor Barroso de Carvalho Neto [EMAIL PROTECTED] wrote:
2007/11/23, Bill Moran [EMAIL PROTECTED]:
Alaor Barroso de Carvalho Neto [EMAIL PROTECTED] wrote:
Yes, I have IPFILTER installed, but if I would want to everybody ping to
everybody and then block the things in the firewall, it
2007/11/23, Bill Moran [EMAIL PROTECTED]:
Alaor Barroso de Carvalho Neto [EMAIL PROTECTED] wrote:
2007/11/23, Bill Moran [EMAIL PROTECTED]:
Alaor Barroso de Carvalho Neto [EMAIL PROTECTED] wrote:
Yes, I have IPFILTER installed, but if I would want to everybody ping to
By ping, mean ping. I don't know what have access means, but I know what
ping means.
Well I say have access because the ICMP would be blocked, but I would still
have communication with the network even if I didn't ping. But yeah, for
me right now ping and have access is the same once the
Alaor Barroso de Carvalho Neto [EMAIL PROTECTED] wrote:
First off, what's the output of sysctl net.inet.ip.forwarding? If
it is 0, then reboot and see if it starts working.
The return was: net.inet.ip.forwarding 1
OK. That's not the problem then ... did you disable ipfilter and try
Alaor Barroso de Carvalho Neto wrote:
If I turn off linux and set the rl0 to 192.168.1.1 it
stop resolving names but can ping to anywhere. Help!!!
in the rc.conf
gateway_enable=YES
defaultrouter=X.X.X.X
I don't know if I quite understand on which machine things are breaking,
but if it is a
Sorry my english skills, I'm brazilian and I'm not very familiar with the
language, but I'm gonna try to explain it clearly:
LINUX SERVER
private network 192.168.1.1
external network x.x.x.x
FREEBSD SERVER
private network 192.168.1.240
external network x.x.x.x
DNS SERVER
private network
Sorry,
searchdomain ...
nameserver 192.168.1.2
not 192.168.1.1 as I've said before.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL
In response to Alaor Barroso de Carvalho Neto [EMAIL PROTECTED]:
Sorry my english skills, I'm brazilian and I'm not very familiar with the
language, but I'm gonna try to explain it clearly:
LINUX SERVER
private network 192.168.1.1
external network x.x.x.x
FREEBSD SERVER
private network
The nameserver is the 192.168.1.2 in the resolv.conf, sorry my fault. I'm
gonna copy the rc.conf and paste here. But the routes are OK and still OK
for any time when the machine is not the main gateway and have some few
clients using it as gateway, if it was a config problem it wouldn't work
Alaor Barroso de Carvalho Neto wrote:
Sorry,
searchdomain ...
nameserver 192.168.1.2
not 192.168.1.1 as I've said before.
What about:
# dig @192.168.1.2 google.ca
Also, I don't know if it has any impact, but my resolv.conf shows just
'search mydomain.com' as opposed to
In response to George Vanev [EMAIL PROTECTED]:
I have FreeBSD 6.2 box with 1 NIC and 2 IPs.
The first IP is to access internet, the second
is for the ISP's LAN.
Unfortunately I have internet, but no access to
the other network.
I made a test. I assigned to the NIC only the local
IP and
On 2/8/07, Bill Moran [EMAIL PROTECTED] wrote:
In response to George Vanev [EMAIL PROTECTED]:
I have FreeBSD 6.2 box with 1 NIC and 2 IPs.
The first IP is to access internet, the second
is for the ISP's LAN.
Unfortunately I have internet, but no access to
the other network.
I made a
In response to George Vanev [EMAIL PROTECTED]:
On 2/8/07, Bill Moran [EMAIL PROTECTED] wrote:
In response to George Vanev [EMAIL PROTECTED]:
I have FreeBSD 6.2 box with 1 NIC and 2 IPs.
The first IP is to access internet, the second
is for the ISP's LAN.
Unfortunately I have
Nothing? You're able to arp 192.168.64.1 and 192.168.64.3, can you ping
them?
Since you have an RFC-1918 address on both the inside and the outside, I
assume you're running nat on this machine to translate internal machine
traffic. It looks like you have all the routes you need, so my
On Thu, Feb 08, 2007 at 12:10:07PM +0200, George Vanev wrote:
I have FreeBSD 6.2 box with 1 NIC and 2 IPs.
The first IP is to access internet, the second
is for the ISP's LAN.
Unfortunately I have internet, but no access to
the other network.
We need network IP configuration details; ie
In answer to my own question. When I disable the firewall on the server
the routing issue is instantly resolved. However for 90% of the time
the firewall runs without any apparent problems... I will start a new
thread of conversation and ask my now firewall related problem. Sorry
for my
Gustafson, Tim wrote:
I know it can be done. I have a feeling that the FreeBSD TCP
stack lacks the capability.
If you are looking for multiple routes to the same destination, you are
correct. I believe that if you see the thread on net@ from 03/01/04
with the subject My planned work on
I'm confused.. if you have two T1s, then are using /30s for the ranges? If
so.. what about not giving a default gateway for either one and just add
routes...
Are you attempting to utilize this as just a router?
There's a section that covers setting up routing on interfaces in the
handbook:
Subject: Re: Routing Problem
I'm confused.. if you have two T1s, then are using /30s for the ranges? If
so.. what about not giving a default gateway for either one and just add
routes...
Are you attempting to utilize this as just a router?
There's a section that covers setting up routing
? I guess I am not fully understanding your
configuration ...
T.
- Original Message -
From: Gustafson, Tim [EMAIL PROTECTED]
To: Thomas Foster [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Sent: Wednesday, February 02, 2005 4:06 AM
Subject: RE: Routing Problem
Thomas,
No, I'm not using
(516) 379-0001 Office
(516) 480-1870 Mobile/Emergencies
(516) 908-4185 Fax
http://www.meitech.com/
-Original Message-
From: Thomas Foster [mailto:[EMAIL PROTECTED]
Sent: Wednesday, February 02, 2005 7:57 AM
To: Gustafson, Tim
Cc: [EMAIL PROTECTED]
Subject: Re: Routing Problem
Hi Tim
: RE: Routing Problem
Thomas (and John too),
Let me clarify a little bit.
What I have is this:
A single FreeBSD web server with a single NIC in it
Two T1 routers, each with a different subnet.
My FreeBSD box has two IP addresses assigned to it, one from the first
subnet and one from the second subnet
You should add on your router the following routes
192.168.1.0/24
192.168.2.0/24
with gateway 192.168.0.2 (interface firewall)
Your router doesn't know where to return the packets to.
And your firewall needs to route 0.0.0.0 to 192.168.0.1 (router interface)
Your CIDR is good.
These changes
- Original Message -
From: James P. Howard, II [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Tuesday, June 29, 2004 2:57 PM
Subject: Routing problem in IPv4/IPSec VPN environment
As a personal favor, I am building a VPN for a small business. I
have chosen FreeBSD for this due to
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/ipsec.html
Essentially, once the gif tunnel has been established you just need to
add an additional route for the specific gif interface from each server
to the other's remote subnet using the external IP of the remote subnet
as the
LAN clients can access both gateway interfaces by hostname and IP. Clients are
setup to use 192.168.1.2 for DNS, and 192.168.1.2 uses 192.168.1.1 for DNS.
I cannot get any traffic to reach (let alone pass) the DSL modem from the
clients.
I have tried this with the FreeBSD gateway, a
This setup appears a little confusing. Does your ISP give you a static
or dynamic IP address to the internet? It would also help to see the
interface configuration info in your rc.conf file.
generally speaking, your external interface should have the ip address
assigned by your isp, not a
Lokken
From: Clayton F [EMAIL PROTECTED]
To: joshua lokken [EMAIL PROTECTED]
CC: [EMAIL PROTECTED]
Subject: Re: Routing problem
Date: Mon, 8 Dec 2003 12:52:47 -0800
This setup appears a little confusing. Does your ISP give you a static or
dynamic IP address to the internet? It would also help
From which interface? Try these:
ping google.com
(that will ping using the external interface)
ping -S 10.0.0.1 google.com
(that will ping using the internal interface)
If one works, but not the other, post your firewall
rules and natd command line.
Hello,
The FreeBSD machine is simply passing
[EMAIL PROTECTED] wrote:
I have a friend with a cisco 827 adsl router. It has config hassles but
when that is sorted, we need to setup a freebsd box inside the cisco
router to handle a /29 block of ips. 3 questions...
I'm running an identical setup here - a Cisco 827, a /29, and a FreeBSD
HI and thanks,
Cool! I am OK with the fbsd stuff ipfilter ipnat etc. I agree it is nice.
The small matter of the cisco thing...hmmm!
OK...so would it be ok to ask another question or 2 later if today is bad?
I need to know how to bridge the /29 on the cisco.
does it mean I simply install static
Thx everybody.
Problem solved.
/Hasse.
Steve
SB
Sorry, will of course do.
I just removed the line and the problem was gone.
Subject: Re: Re: Routing problem ?
Date: Thursday 20 March 2003 21.37
From: Joshua Lokken [EMAIL PROTECTED]
To: Hasse [EMAIL PROTECTED]
* Hasse ([EMAIL PROTECTED]) wrote:
== blanktime=3000
fix, it would be
== SB appreciated.
== SB
== SB Tks.
== SB
== SB Steve
== SB
== Sorry, will of course do.
== I just removed the line and the problem was gone.
==
== Subject: Re: Re: Routing problem ?
== Date: Thursday 20 March 2003 21.37
== From: Joshua Lokken [EMAIL PROTECTED
On Thursday 20 March 2003 17.54, Steve Bertrand wrote:
SB Hi everybody.
SB I have small network at home with two machines connected to the net
SB via ADSL. That means Dynamic IP, though not changing very often.
SB -
SB odin.swedehost.com running FreeBSD 4.8-RC #0 Sun Mar 16
Hi everybody.
I have small network at home with two machines connected to the net
via ADSL. That means Dynamic IP, though not changing very often.
-
odin.swedehost.com running FreeBSD 4.8-RC #0 Sun Mar 16 2003
Two NICs. xl0 DHCP and NAT-interface, acting as a gateway, doing
On Fri, Feb 21, 2003 at 09:24:44PM +0200, molotov wrote:
I have a little problem with my home network. I had a Linux router
before and now I have FreeBSD set up and running on the same box.
The problem is, that I don't know what manual could speak about
that kind of routing: there are three
twig les wrote:
Hey all, I have a 4.7 release box that needs to cvsup
its ports. The problem is that this box never sees
the outside world normally; it does IDS on an IP-less
interface and of course has a backnet interface. So
basically I added a temporary IP address to this box,
edited my
Today I tried to set up a 4.7 gateway. It has two NICs (rl0 and rl1) on
different subnets (rl0 = 192.168.0.66, rl1 = 192.168.1.2). The rl0 is
connected to a cable-modem and gets another IP (213.209.66.214) after
booting.
After playing with routes, I can ping outside, can ping rl0 and rl1 and