Re: arptables: unable to enter address
Aleksandar Milosevic wrote: J. Alfred Prufrock wrote: Also, I just noticed in my cable-modem box's configuration page that the WAN gateway is 24.145.134.65, which reverse dns shows to be user-0c931i1.cable.mindspring.com. Isn't it odd that my gateway is another user rather than the ISP? Should I be worried about all this? Yes, you should. Is it staticly configured or obtained from ISP's dhcp I called my ISP, and this is apparently one of their servers. I don't know why it's called user-whatever. So all is well on that front. Regarding the original issue (arptables: unable to enter address): I unhooked the ISP's (misconfigured) Motorola modem and hooked up my own cable-modem, and haven't had any problems. No more arptables errors. Thanks for all your help, guys. J
Re: arptables: unable to enter address, TCPDUMP
On Sunday 04 February 2007 23:27, J. Alfred Prufrock wrote: Darren Spruell wrote: Grab that exchange again with the -n flag to tcpdump. Include the MAC address(es) of the cable modem if you can get them. Here it is: 00:14:04.475261 arp who-has 192.168.0.10 tell 24.aaa.bbb.ccc 0001 0800 0604 0001 000b 06bc 7b0e 1891 8674 c0a8 000a 1102 2234 c0a8 6401 008a 00bb 2046 4445 00:14:04.475348 arp reply 192.168.0.10 is-at 0:20:78:1f:0:af 0001 0800 0604 0002 0020 781f 00af c0a8 000a 000b 06bc 7b0e 1891 8674 1102 2234 c0a8 6401 008a 00bb 2046 4445 Did you mean get the MAC addresses from tcpdump? I didn't see the cable modem box's MAC addresses in the dump file. tcpdump -netttvvvSXi interfacename should show you something like Feb 05 06:18:35.971171 0:10:dc:9d:81:15 0:4:5a:5f:b8:3c 0800 194: 10.0.0.102.22 10.0.0.60.26730: P 1946239115:1946239243(128) ack 3135232539 win 17376 nop,nop,timestamp 3159846252 0 (DF) [tos 0x10] (ttl 64, id 24542, len 180) : 4510 00b4 5fde 4000 4006 c5b4 0a00 0066 [EMAIL PROTECTED]@.E4...f 0010: 0a00 003c 0016 686a 7401 408b badf da1b ...[EMAIL PROTECTED]:_Z. 0020: 8018 43e0 a708 0101 080a bc57 6d6c ..C`'...Wml 0030: 5b26 be71 94bb b227 4b4b ef77 [q.;2'KKow 0040: e860 3e7f 91ec 8b0f 5b60 1f0a 6ae9 d30c h`..l..[`..jiS. 0050: 61d1 aQ What is currently in your hostname.* files? Do you have your hostname.internal interface set up on the right subnet? You said everything was working properly, but is it possible that any of your internal hosts have an address on the wrong (meaning 192.168.0) subnet? By the way, regarding list etiquette, I am copying you because you had asked for that in an earlier message. I should not have included Darren and John, but what happened was that I did a Reply All, not noticing that you had sent the messages to those two folks as well. MAC address of OpenBSD PC's external NIC: 00:20:78:1f:00:af Two MAC addresses listed in cable-modem box's admin screen: 00:0B:06:BC:7B:0A (labelled Self) 00:0B:06:BC:7B:0E (labelled Learned). From the way they're labelled, I'm guessing the former is the cable- modem box's external address and the latter its internal address. Not sure how to confirm that guess. J !DSPAM:1,45c6cc73107621879814018! -- Vijay Sankar ForeTell Technologies Limited 59 Flamingo Avenue, Winnipeg, MB, Canada R3J 0X6 Phone: +1 (204) 885-9535, E-Mail: [EMAIL PROTECTED]
Re: arptables: unable to enter address, TCPDUMP
Vijay Sankar wrote:
By the way, regarding list etiquette, I am copying you because you
had asked for that in an earlier message. I should not have included
Darren and John, but what happened was that I did a Reply All, not
noticing that you had sent the messages to those two folks as well.
Sorry for the misunderstanding, Vijay: I didn't mean you, I meant me.
Since this is my first time on the mailing lists, I wasn't sure whom
all I should be replying to.
Yes, I asked to be copied on all replies since I don't subscribe to
misc.
tcpdump -netttvvvSXi interfacename
should show you something like
Here it is:
Feb 05 11:59:06.601418 0:b:6:bc:7b:e ff:ff:ff:ff:ff:ff 0806 60: arp
who-has 192.168.0.10 tell 24.145.134.116
: 0001 0800 0604 0001 000b 06bc 7b0e 1891 ...{...
0010: 8674 c0a8 000a 1102 27b6 .t..@('6
0020: c0a8 6401 008a 00bb 2046 4445 @(d;.. FDE
Feb 05 11:59:06.601500 0:20:78:1f:0:af 0:b:6:bc:7b:e 0806 60: arp reply
192.168.0.10 is-at 0:20:78:1f:0:af
: 0001 0800 0604 0002 0020 781f 00af c0a8 . x../@(
0010: 000a 000b 06bc 7b0e 1891 8674 1102 27b6 .{t..'6
0020: c0a8 6401 008a 00bb 2046 4445 @(d;.. FDE
What is currently in your hostname.* files?
hostname.dc0 (external) is just dhcp.
hostname.fxp0 (internal) is:
inet 192.168.1.11 255.255.255.0 192.168.1.255
is it possible that any of your internal hosts have an address
on the wrong (meaning 192.168.0) subnet?
All the internal hosts are 192.168.1.*
Thanks again for your help, guys.
J
Re: arptables: unable to enter address, TCPDUMP
On Monday 05 February 2007 11:55, J. Alfred Prufrock wrote:
tcpdump -netttvvvSXi interfacename
should show you something like
Here it is:
Feb 05 11:59:06.601418 0:b:6:bc:7b:e ff:ff:ff:ff:ff:ff 0806 60: arp
who-has 192.168.0.10 tell 24.145.134.116
: 0001 0800 0604 0001 000b 06bc 7b0e 1891 ...{...
0010: 8674 c0a8 000a 1102 27b6 .t..@('6
0020: c0a8 6401 008a 00bb 2046 4445 @(d;.. FDE
Feb 05 11:59:06.601500 0:20:78:1f:0:af 0:b:6:bc:7b:e 0806 60: arp reply
192.168.0.10 is-at 0:20:78:1f:0:af
: 0001 0800 0604 0002 0020 781f 00af c0a8 . x../@(
0010: 000a 000b 06bc 7b0e 1891 8674 1102 27b6 .{t..'6
0020: c0a8 6401 008a 00bb 2046 4445 @(d;.. FDE
I checked the cable modem set up used by my kids and did not see this type of
behavior. I would have expected the tell address to be in the 192.168.0
subnet, not on the 24.x.x.x network. This to me indicates that there is a
subnet mask problem.
what happens if you try
dhcp NONE NONE NONE
in your hostname.dc0?
What is currently in your hostname.* files?
hostname.dc0 (external) is just dhcp.
hostname.fxp0 (internal) is:
inet 192.168.1.11 255.255.255.0 192.168.1.255
is it possible that any of your internal hosts have an address
on the wrong (meaning 192.168.0) subnet?
All the internal hosts are 192.168.1.*
Thanks again for your help, guys.
J
--
Vijay Sankar
ForeTell Technologies Limited
59 Flamingo Avenue, Winnipeg, MB, Canada R3J 0X6
Phone: +1 (204) 885-9535, E-Mail: [EMAIL PROTECTED]
Re: arptables: unable to enter address, TCPDUMP
On 2/5/07, Vijay Sankar [EMAIL PROTECTED] wrote:
On Monday 05 February 2007 11:55, J. Alfred Prufrock wrote:
tcpdump -netttvvvSXi interfacename
should show you something like
Here it is:
Feb 05 11:59:06.601418 0:b:6:bc:7b:e ff:ff:ff:ff:ff:ff 0806 60: arp
who-has 192.168.0.10 tell 24.145.134.116
: 0001 0800 0604 0001 000b 06bc 7b0e 1891 ...{...
0010: 8674 c0a8 000a 1102 27b6 .t..@('6
0020: c0a8 6401 008a 00bb 2046 4445 @(d;.. FDE
This ARP request doesn't make sense. Your cable modem is asking for an
IP resolution on a different Ethernet segment than the address it
wants the reply sent back to. As Vijay pointed out, the device asking
for layer 2 / 3 address information should use the IP address on that
segment as the destination for the response.
Feb 05 11:59:06.601500 0:20:78:1f:0:af 0:b:6:bc:7b:e 0806 60: arp reply
192.168.0.10 is-at 0:20:78:1f:0:af
: 0001 0800 0604 0002 0020 781f 00af c0a8 . x../@(
0010: 000a 000b 06bc 7b0e 1891 8674 1102 27b6 .{t..'6
0020: c0a8 6401 008a 00bb 2046 4445 @(d;.. FDE
I checked the cable modem set up used by my kids and did not see this type of
behavior. I would have expected the tell address to be in the 192.168.0
subnet, not on the 24.x.x.x network. This to me indicates that there is a
subnet mask problem.
what happens if you try
dhcp NONE NONE NONE
in your hostname.dc0?
As per above, the tcpdump output suggests a more likely
misconfiguration of the cable modem rather than the BSD box.
DS
Re: arptables: unable to enter address, TCPDUMP
Darren Spruell wrote: As per above, the tcpdump output suggests a more likely misconfiguration of the cable modem rather than the BSD box. I'm starting to wonder if it's been deliberately (mis-)configured this way. Thinking to reconfigure the cable-modem box myself (as opposed to going with the settings the ISP put on it), I poked the reset button and found...nothing! It looks like the reset button has been removed! And I can't find a reset button in the web interface---that's probably Motorola's default setting. J
Re: arptables: unable to enter address
Also, I just noticed in my cable-modem box's configuration page that the WAN gateway is 24.145.134.65, which reverse dns shows to be user-0c931i1.cable.mindspring.com. Isn't it odd that my gateway is another user rather than the ISP? Should I be worried about all this? J
Re: arptables: unable to enter address
Aleksandar Milosevic wrote: What does 'arp -a' and 'netstat -nr -f inet' output on rock? # arp -a chadmin (192.168.0.1) at 00:0b:06:bc:7b:0d on dc0 becket.dyndns.org (192.168.1.12) at 00:07:e9:d6:ea:fd on fxp0 ? (192.168.1.32) at 00:0c:30:00:06:09 on fxp0 # netstat -nr -f inet Routing tables Internet: DestinationGatewayFlagsRefs UseMtu Interface default192.168.0.1UGS 0 501 - dc0 24.145.134.68 127.0.0.1 UGHS00 33224 lo0 24.145.134.116 127.0.0.1 UGHS00 33224 lo0 24.145.134.116/32 link#2 UC 00 - dc0 127/8 127.0.0.1 UGRS00 33224 lo0 127.0.0.1 127.0.0.1 UH 00 33224 lo0 192.168.0/24 link#2 UC 10 - dc0 192.168.0.100:0b:06:bc:7b:0d UHLc110338 - dc0 192.168.0.10 127.0.0.1 UGHS00 33224 lo0 192.168.1/24 link#1 UC 20 - fxp0 192.168.1.12 00:07:e9:d6:ea:fd UHLc210683 - fxp0 192.168.1.32 00:0c:30:00:06:09 UHLc0 83 - fxp0 224/4 127.0.0.1 URS 00 33224 lo0 I don't know what 24.145.134.68 is, or why it's in my routing table. Thanks, J
Re: arptables: unable to enter address, TCPDUMP
tcpdump -netttvvvSXi interfacename
should show you something like
Here it is:
Feb 05 11:59:06.601418 0:b:6:bc:7b:e ff:ff:ff:ff:ff:ff 0806 60: arp
who-has 192.168.0.10 tell 24.145.134.116
: 0001 0800 0604 0001 000b 06bc 7b0e 1891 ...{...
0010: 8674 c0a8 000a 1102 27b6 .t..@('6
0020: c0a8 6401 008a 00bb 2046 4445 @(d;.. FDE
Feb 05 11:59:06.601500 0:20:78:1f:0:af 0:b:6:bc:7b:e 0806 60: arp reply
192.168.0.10 is-at 0:20:78:1f:0:af
: 0001 0800 0604 0002 0020 781f 00af c0a8 . x../@(
0010: 000a 000b 06bc 7b0e 1891 8674 1102 27b6 .{t..'6
0020: c0a8 6401 008a 00bb 2046 4445 @(d;.. FDE
What is currently in your hostname.* files?
hostname.dc0 (external) is just dhcp.
hostname.fxp0 (internal) is:
inet 192.168.1.11 255.255.255.0 192.168.1.255
is it possible that any of your internal hosts have an address
on the wrong (meaning 192.168.0) subnet?
All the internal hosts are 192.168.1.*
What does 'arp -a' and 'netstat -nr -f inet' output on rock?
Re: arptables: unable to enter address
John wrote: And, as far as getting the obsd box to talk to the modem was concerned, that's it! There is other stuff involved in getting the box to talk to the lan and v/v. I found it useful getting just the box to work with the modem, it's not clear in your message if that is also your situation. Thanks for trying to help, John. I'm able to get the OpenBSD machine to talk to the cable-modem box. Almost everything works fine. The only problem is this repeated log message every fifteen minutes: Feb 3 15:13:58 rock /bsd: arplookup: unable to enter address for 24.aaa.bbb.ccc (24.aaa.bbb.ccc is the WAN address of the cable-modem box.) I don't know if this is serious. If it is, I'd like to solve it; if not, I'd like to turn it off. J
Re: arptables: unable to enter address
On 2/4/07, J. Alfred Prufrock [EMAIL PROTECTED] wrote: John wrote: And, as far as getting the obsd box to talk to the modem was concerned, that's it! There is other stuff involved in getting the box to talk to the lan and v/v. I found it useful getting just the box to work with the modem, it's not clear in your message if that is also your situation. Thanks for trying to help, John. I'm able to get the OpenBSD machine to talk to the cable-modem box. Almost everything works fine. The only problem is this repeated log message every fifteen minutes: Feb 3 15:13:58 rock /bsd: arplookup: unable to enter address for 24.aaa.bbb.ccc (24.aaa.bbb.ccc is the WAN address of the cable-modem box.) I don't know if this is serious. If it is, I'd like to solve it; if not, I'd like to turn it off. It's curious that the outside interface address on the cable modem is showing up for any reason on the internal network. If your modem is configured as a routing device, there's no reason you should see that. You might use tcpdump or similar on your internal network to determine what kind of traffic it relates to. Note also that figuring this out is a bit harder if you don't understand the overall architecture of what things are set up like now and how you want them to be set up in the end. Might help if you diagram it out, indicate IP addresses and subnets, and so on. DS
Re: arptables: unable to enter address, TCPDUMP
Darren Spruell wrote: It's curious that the outside interface address on the cable modem is showing up for any reason on the internal network. Right, this is what first puzzled me too. You might use tcpdump or similar on your internal network to determine what kind of traffic it relates to. tcpdump -vv -x -l results attached below. Might help if you diagram it out, indicate IP addresses and subnets, and so on. The setup right now: WAN -- (WAN 24.aaa.bbb.ccc) SBG1000 cable-modem (LAN 192.168.0.1) -- (dc0: 192.168.0.10) OpenBSD (rock) (fxp0: 192.168.1.11) -- other machines, phone, etc. I hope the diagram above is clear. Basically, the WAN talks to the SBG1000, which talks to the OpenBSD box, which talks to the inside machines. The two IPs on each box show inward and outward addresses. (I assume I shouldn't show my real IP or MAC addresses in public.) The entire setup works; it just gives me the following message: Feb 4 19:14:03 rock /bsd: arplookup: unable to enter address for 24.aaa.bbb.ccc The SBG1000 does NAT and runs a DHCP server. I tried turning those off so that the OpenBSD box would get its IP address directly from the ISP's server, but that didn't fix the problem: I still got the same arptables message, but with a different IP address. I just ran tcpdump; here's the line at which I get the error/warning/log message: 19:14:03.562039 arp who-has rock tell 24.aaa.bbb.ccc [Note: 24.aaa.bbb.ccc is the cable-modem box's WAN address.] 0001 0800 0604 0001 000b 06bc 7b0e 1891 8674 c0a8 000a 1102 1fdc c0a8 6401 008a 00bb 2046 4445 19:14:03.562118 arp reply rock is-at 00:11:22:33:44:55 [Note: 00:11:22:33:44:55 is the OpenBSD box's outward-facing NIC's MAC address.] 0001 0800 0604 0002 0020 781f 00af c0a8 000a 000b 06bc 7b0e 1891 8674 1102 1fdc c0a8 6401 008a 00bb 2046 4445 Thanks for trying to help, guys. J
Re: arptables: unable to enter address, TCPDUMP
On Sunday 04 February 2007 18:37, J. Alfred Prufrock wrote: Darren Spruell wrote: It's curious that the outside interface address on the cable modem is showing up for any reason on the internal network. Right, this is what first puzzled me too. Possibly a silly question -- how are you connecting the cable modem to your OpenBSD server's external interface? Are they all plugged into a switch or hub or are you using a cable from the external interface directly to the cable modem? You might use tcpdump or similar on your internal network to determine what kind of traffic it relates to. tcpdump -vv -x -l results attached below. Might help if you diagram it out, indicate IP addresses and subnets, and so on. The setup right now: WAN -- (WAN 24.aaa.bbb.ccc) SBG1000 cable-modem (LAN 192.168.0.1) -- (dc0: 192.168.0.10) OpenBSD (rock) (fxp0: 192.168.1.11) -- other machines, phone, etc. I hope the diagram above is clear. Basically, the WAN talks to the SBG1000, which talks to the OpenBSD box, which talks to the inside machines. The two IPs on each box show inward and outward addresses. (I assume I shouldn't show my real IP or MAC addresses in public.) The entire setup works; it just gives me the following message: Feb 4 19:14:03 rock /bsd: arplookup: unable to enter address for 24.aaa.bbb.ccc The SBG1000 does NAT and runs a DHCP server. I tried turning those off so that the OpenBSD box would get its IP address directly from the ISP's server, but that didn't fix the problem: I still got the same arptables message, but with a different IP address. I just ran tcpdump; here's the line at which I get the error/warning/log message: 19:14:03.562039 arp who-has rock tell 24.aaa.bbb.ccc [Note: 24.aaa.bbb.ccc is the cable-modem box's WAN address.] 0001 0800 0604 0001 000b 06bc 7b0e 1891 8674 c0a8 000a 1102 1fdc c0a8 6401 008a 00bb 2046 4445 19:14:03.562118 arp reply rock is-at 00:11:22:33:44:55 [Note: 00:11:22:33:44:55 is the OpenBSD box's outward-facing NIC's MAC address.] 0001 0800 0604 0002 0020 781f 00af c0a8 000a 000b 06bc 7b0e 1891 8674 1102 1fdc c0a8 6401 008a 00bb 2046 4445 Thanks for trying to help, guys. J !DSPAM:1,45c689a494861220213263! -- Vijay Sankar ForeTell Technologies Limited 59 Flamingo Avenue, Winnipeg, MB, Canada R3J 0X6 Phone: +1 (204) 885-9535, E-Mail: [EMAIL PROTECTED]
Re: arptables: unable to enter address, TCPDUMP
On 2/4/07, J. Alfred Prufrock [EMAIL PROTECTED] wrote: tcpdump -vv -x -l results attached below. I just ran tcpdump; here's the line at which I get the error/warning/log message: 19:14:03.562039 arp who-has rock tell 24.aaa.bbb.ccc [Note: 24.aaa.bbb.ccc is the cable-modem box's WAN address.] 0001 0800 0604 0001 000b 06bc 7b0e 1891 8674 c0a8 000a 1102 1fdc c0a8 6401 008a 00bb 2046 4445 19:14:03.562118 arp reply rock is-at 00:11:22:33:44:55 [Note: 00:11:22:33:44:55 is the OpenBSD box's outward-facing NIC's MAC address.] 0001 0800 0604 0002 0020 781f 00af c0a8 000a 000b 06bc 7b0e 1891 8674 1102 1fdc c0a8 6401 008a 00bb 2046 4445 Grab that exchange again with the -n flag to tcpdump. Include the MAC address(es) of the cable modem if you can get them. DS
Re: arptables: unable to enter address, TCPDUMP
On 2/4/07, J. Alfred Prufrock [EMAIL PROTECTED] wrote: PS: I notice that when I reply-all to Vijay, Darren's and John's email addresses also show up. What's the etiquette here? Should I reply to just Vijay and misc, or to everyone whose address is included? Or will the list-manager automatically figure it out? Thanks. Depends on who you talk to. Some subscribers get really pissy when you email them on a mailing list reply because they're subscribed. But the list doesn't provide a Reply-To header either. I guess the assumption would be that the only reply needed can go to misc@ since everyone who needs to get it is subscribed, and if they're not they should be. DS
Re: arptables: unable to enter address, TCPDUMP
Vijay Sankar wrote: Possibly a silly question -- how are you connecting the cable modem to your OpenBSD server's external interface? Are they all plugged into a switch or hub or are you using a cable from the external interface directly to the cable modem? The external NIC connects directly to the cable modem. The internal NIC connects to a D-Link switch, and the inside machines (on the LAN, behind the OpenBSD box) also connect to the same switch. J PS: I notice that when I reply-all to Vijay, Darren's and John's email addresses also show up. What's the etiquette here? Should I reply to just Vijay and misc, or to everyone whose address is included? Or will the list-manager automatically figure it out? Thanks. The setup right now: WAN -- (WAN 24.aaa.bbb.ccc) SBG1000 cable-modem (LAN 192.168.0.1) -- (dc0: 192.168.0.10) OpenBSD (rock) (fxp0: 192.168.1.11) -- other machines, phone, etc. I hope the diagram above is clear. Basically, the WAN talks to the SBG1000, which talks to the OpenBSD box, which talks to the inside machines. The two IPs on each box show inward and outward addresses.
Re: arptables: unable to enter address, TCPDUMP
Darren Spruell wrote: Grab that exchange again with the -n flag to tcpdump. Include the MAC address(es) of the cable modem if you can get them. Here it is: 00:14:04.475261 arp who-has 192.168.0.10 tell 24.aaa.bbb.ccc 0001 0800 0604 0001 000b 06bc 7b0e 1891 8674 c0a8 000a 1102 2234 c0a8 6401 008a 00bb 2046 4445 00:14:04.475348 arp reply 192.168.0.10 is-at 0:20:78:1f:0:af 0001 0800 0604 0002 0020 781f 00af c0a8 000a 000b 06bc 7b0e 1891 8674 1102 2234 c0a8 6401 008a 00bb 2046 4445 Did you mean get the MAC addresses from tcpdump? I didn't see the cable modem box's MAC addresses in the dump file. MAC address of OpenBSD PC's external NIC: 00:20:78:1f:00:af Two MAC addresses listed in cable-modem box's admin screen: 00:0B:06:BC:7B:0A (labelled Self) 00:0B:06:BC:7B:0E (labelled Learned). From the way they're labelled, I'm guessing the former is the cable- modem box's external address and the latter its internal address. Not sure how to confirm that guess. J
arptables: unable to enter address
Hi guys, I recently switched ISPs, and my new ISP (Time-Warner) gave me a Motorola SBG1000 cable-modem box. My OpenBSD machine, which used to connect directly to my old ISP's servers, is now behind this box. I'm running a GENERIC 4.0 kernel which has never had any problems with my hardware. My problem now is that every fifteen minutes I get the following message on my console as well as in /var/log/messages: Feb 3 15:13:58 rock /bsd: arplookup: unable to enter address for 24.aaa.bbb.ccc 24.aaa.bbb.ccc is the SBG1000's WAN address. Its LAN address is 192.168.0.1, and my OpenBSD machine's address on the attached NIC (dc0) is 192.168.0.10. This machine functions as my LAN router and firewall, so it has another NIC (fxp0) whose address is 192.168.1.11. After looking around on misc, I tried the following: arp -s 24.aaa.bbb.ccc 00:11:22:33:44:55 pub where 00:11:22:33:44:55 is the MAC address of the Motorola box's WAN-facing NIC. This gives me: cannot intuit interface index and type for 24.aaa.bbb.ccc I don't really know arp, so I'm wary of poking around any further. I also tried getting the Motorola box not to do NAT, so my machine then gets its IP address directly from the ISP's DHCP server instead of the Motorola box's DHCP server. I still get the same message, but with a different IP address (10.something). Following a post on misc, I tried to set my hostname.dc0 as follows: dhcp inet alias 24.aaa.bbb.ccc 255.255.255.0 24.aaa.bbb.255 Now when I run /etc/netstart I get: duplicate IP address 24.aaa.bbb.ccc sent from ethernet address 00:11:22:33:44:55 where, again, 00:11:22:33:44:55 is one of the Motorola box's MAC addresses. As is probably obvious, I don't know much about networking, so I'm really shooting in the dark here and getting increasingly uncomfortable with it. Any ideas? Thanks, J PS: Please cc me on any replies since I'm not subscribed to misc. Thanks.
Re: arptables: unable to enter address
On Sat, Feb 03, 2007 at 03:31:08PM -0500, J. Alfred Prufrock wrote: Hi guys, I recently switched ISPs, and my new ISP (Time-Warner) gave me a Motorola SBG1000 cable-modem box. My OpenBSD machine, which used to connect directly to my old ISP's servers, is now behind this box. I'm running a GENERIC 4.0 kernel which has never had any problems with my hardware. Yeah, I've got one of those or similar. I'm using it with openbsd doing firewalling and NAT. My problem now is that every fifteen minutes I get the following message on my console as well as in /var/log/messages: Feb 3 15:13:58 rock /bsd: arplookup: unable to enter address for 24.aaa.bbb.ccc 24.aaa.bbb.ccc is the SBG1000's WAN address. Its LAN address is 192.168.0.1, and my OpenBSD machine's address on the attached NIC (dc0) is 192.168.0.10. This machine functions as my LAN router and firewall, so it has another NIC (fxp0) whose address is 192.168.1.11. After looking around on misc, I tried the following: arp -s 24.aaa.bbb.ccc 00:11:22:33:44:55 pub where 00:11:22:33:44:55 is the MAC address of the Motorola box's WAN-facing NIC. This gives me: cannot intuit interface index and type for 24.aaa.bbb.ccc I don't really know arp, so I'm wary of poking around any further. I also tried getting the Motorola box not to do NAT, so my machine then gets its IP address directly from the ISP's DHCP server instead of the Motorola box's DHCP server. I still get the same message, but with a different IP address (10.something). My setup goes like this: modem -- obsd (xl0) -- LANs (xl1 and xl2) on obsd I have in hostname.xl0 just the following: dhcp none none none I made sure NAT and DHCP was turned off the modem via the web interface. And, as far as getting the obsd box to talk to the modem was concerned, that's it! There is other stuff involved in getting the box to talk to the lan and v/v. I found it useful getting just the box to work with the modem, it's not clear in your message if that is also your situation. -- John
