Re: NAT Dropping Internal Connection
On 27/06/03 10:43 -0300, Han Hwei Woo wrote: > Is there any reason you are running both ipfw + ipfilter? Although they > probably should play nice together, it might be best not to tempt fate, > especially when you're experiencing problems. Also, are you using ipnat or > natd to perform NAT? I tried taking IPDIVERT out of my kernel, but that killed NAT, so I had to revert to the old kernel. I'm still playing with it. I had been told that running both IPFIREWALL and IPDIVERT was unecessary. I am running natd to perform NAT (with the -dynamic flag). -j > > - Original Message - > From: "Jeremy Bingham" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Wednesday, June 25, 2003 4:16 PM > Subject: Re: NAT Dropping Internal Connection > > On 25/06/03 14:39 -0400, FBSD_User wrote: > > Sounds like hardware problem with the switch or hub on your LAN. > > Rebooting the machine makes the NAT stuff work again. Could the hub > still be a problem in that case? > > -j > > > > > -Original Message- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED] Behalf Of Jeremy > > Bingham > > Sent: Wednesday, June 25, 2003 2:25 PM > > To: [EMAIL PROTECTED] > > Subject: NAT Dropping Internal Connection > > > > I have a P-200 running 4.8-STABLE running as a NAT box at home. It > > runs > > well, except that periodically it will drop it's connection on the > > internal side of the network. The external interface still works, > > but the > > internal machines can't ping the NAT box at all and the NAT box > > can't > > ping the internal machines. > > > > I've looked through the mailing lists and google for hints why this > > might be happening, but I can't find anything. /var/log/messages > > also > > reveals nothing. Here are the relevant kernel options: > > > > options IPFIREWALL > > options IPFIREWALL_FORWARD > > options IPFIREWALL_DEFAULT_TO_ACCEPT > > options IPDIVERT > > options IPFILTER > > options IPSTEALTH > > options RANDOM_IP_ID > > options TCP_DROP_SYNFIN > > > > Would any of those cause the problem, or is there a kernel option > > that > > I'm accidentally leaving off? > > > > Thanks, > > > > -Jeremy Bingham > > > > > > -- > > /* You are not expected to understand this. */ > > > > Captain_Tenille > > http://www.satanosphere.com/ > > [EMAIL PROTECTED] > > > > -- > > -- > /* You are not expected to understand this. */ > > Captain_Tenille > http://www.satanosphere.com/ > [EMAIL PROTECTED] > -- -- /* You are not expected to understand this. */ Captain_Tenille http://www.satanosphere.com/ [EMAIL PROTECTED] pgp0.pgp Description: PGP signature
Re: NAT Dropping Internal Connection
Is there any reason you are running both ipfw + ipfilter? Although they probably should play nice together, it might be best not to tempt fate, especially when you're experiencing problems. Also, are you using ipnat or natd to perform NAT? - Original Message - From: "Jeremy Bingham" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, June 25, 2003 4:16 PM Subject: Re: NAT Dropping Internal Connection On 25/06/03 14:39 -0400, FBSD_User wrote: > Sounds like hardware problem with the switch or hub on your LAN. Rebooting the machine makes the NAT stuff work again. Could the hub still be a problem in that case? -j > > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of Jeremy > Bingham > Sent: Wednesday, June 25, 2003 2:25 PM > To: [EMAIL PROTECTED] > Subject: NAT Dropping Internal Connection > > I have a P-200 running 4.8-STABLE running as a NAT box at home. It > runs > well, except that periodically it will drop it's connection on the > internal side of the network. The external interface still works, > but the > internal machines can't ping the NAT box at all and the NAT box > can't > ping the internal machines. > > I've looked through the mailing lists and google for hints why this > might be happening, but I can't find anything. /var/log/messages > also > reveals nothing. Here are the relevant kernel options: > > options IPFIREWALL > options IPFIREWALL_FORWARD > options IPFIREWALL_DEFAULT_TO_ACCEPT > options IPDIVERT > options IPFILTER > options IPSTEALTH > options RANDOM_IP_ID > options TCP_DROP_SYNFIN > > Would any of those cause the problem, or is there a kernel option > that > I'm accidentally leaving off? > > Thanks, > > -Jeremy Bingham > > > -- > /* You are not expected to understand this. */ > > Captain_Tenille > http://www.satanosphere.com/ > [EMAIL PROTECTED] > -- -- /* You are not expected to understand this. */ Captain_Tenille http://www.satanosphere.com/ [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: NAT Dropping Internal Connection
On 25/06/03 14:39 -0400, FBSD_User wrote: > Sounds like hardware problem with the switch or hub on your LAN. Rebooting the machine makes the NAT stuff work again. Could the hub still be a problem in that case? -j > > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of Jeremy > Bingham > Sent: Wednesday, June 25, 2003 2:25 PM > To: [EMAIL PROTECTED] > Subject: NAT Dropping Internal Connection > > I have a P-200 running 4.8-STABLE running as a NAT box at home. It > runs > well, except that periodically it will drop it's connection on the > internal side of the network. The external interface still works, > but the > internal machines can't ping the NAT box at all and the NAT box > can't > ping the internal machines. > > I've looked through the mailing lists and google for hints why this > might be happening, but I can't find anything. /var/log/messages > also > reveals nothing. Here are the relevant kernel options: > > options IPFIREWALL > options IPFIREWALL_FORWARD > options IPFIREWALL_DEFAULT_TO_ACCEPT > options IPDIVERT > options IPFILTER > options IPSTEALTH > options RANDOM_IP_ID > options TCP_DROP_SYNFIN > > Would any of those cause the problem, or is there a kernel option > that > I'm accidentally leaving off? > > Thanks, > > -Jeremy Bingham > > > -- > /* You are not expected to understand this. */ > > Captain_Tenille > http://www.satanosphere.com/ > [EMAIL PROTECTED] > -- -- /* You are not expected to understand this. */ Captain_Tenille http://www.satanosphere.com/ [EMAIL PROTECTED] pgp0.pgp Description: PGP signature
Re: NAT Dropping Internal Connection
On 25/06/03 13:34 -0500, Gene Bomgardner wrote: > > Check IP addresses. Do you use dhcp? Is the f-bsd box the server? I've had > this problem when dhcpd stopped and the windoze machines assigned their own > ip's I have to use dhcp on the external interface, but the internal interfaces use static IPs. The address is theoretically dynamic but it never seems to actually change. Also, while one of the boxes on the internal network is a dual boot Win2K/FreeBSD 5.1 box, the others are two Suns and a Mac. I've been ssh'ed into the box, noticed that it had lost the connections with the interal boxes, rebooted it remotely, and it worked again. > > What else is going on on the F-BSD box? Not much. I just use it as a NAT box mostly and ssh into it occasionally. > > Kernel options seem ok. > > I also had a firewl problem at one time and had to completely re-install it. > The divert wasn't getting loaded. > > Good luck. > > Gene Hope this info sheds some light on it. -j -- /* You are not expected to understand this. */ Captain_Tenille http://www.satanosphere.com/ [EMAIL PROTECTED] pgp0.pgp Description: PGP signature
