Re: help gateway 4.8
yeah KEn you're right yeahhh is this problem but get another and my weak point ( I am newbie ) in my adsl - ext-router(tp-link-TL-WR541G) set up like this (STATIC ROUTE) ip:192.168.0.1 mask255.255.255.0 gateway 192.168.1.101 and nothing soon I'll be crazy not to set it up i dont know, One thing I have done wrong ADSL (router ext) 192.168.1.1 ( cable 1 ) | | xl0 192.168.1.101 ( cable 1) gatewayopenbsd4.8- xl1 192.168.0.1( cable 2) | | Client 192.168.0.10 ( cable 2) * I'm guessing the ADSL router is a typical NAT router, and that your OpenBSD router is *not* configured for NAT. as a result, the ADSL router is seeing outbound packets from 192.168.0.10, but doesn't know how to deliver the inbound responses. it knows that the 192.168.1/24 network is reachable via one of its own LAN ports, but I'm guessing that it doesn't know how to reach the 192.168.0/24 network. you need a static route defined on the ADSL router telling it that for the 192.168.0/24 network, the next hop router is at 192.168.1.101. -ken
Re: help gateway 4.8
Kenneth Gober kgo...@gmail.com wrote: I'm guessing the ADSL router is a typical NAT router, and that your OpenBSD router is *not* configured for NAT. as a result, the ADSL router is seeing outbound packets from 192.168.0.10, but doesn't know how to deliver the inbound responses. it knows that the 192.168.1/24 network is reachable via one of its own LAN ports, but I'm guessing that it doesn't know how to reach the 192.168.0/24 network. you need a static route defined on the ADSL router telling it that for the 192.168.0/24 network, the next hop router is at 192.168.1.101. Your guess is incorrect given the facts in this case. In the first mail david showed a pf ruleset which had: match out on egress inet from ! (egress:network) to any nat-to (egress:0) round-robin He also showed that the client can't reach the OpenBSD gateway so the traffic never gets to the ADSL modem. For refrence see: http://marc.info/?l=openbsd-miscm=129122248900549w=2
Re: help gateway 4.8
hi, dear friend both cables ( cable 1 and 2 ) are crossover and is conectic like this, and no internet in client, help please ADSL (router ext) 192.168.1.1 ( cable 1 ) | | xl0 192.168.1.101 ( cable 1) gatewayopenbsd4.8- xl1 192.168.0.1( cable 2) | | Client 192.168.0.10 ( cable 2) * 2010/12/2, Jan Johansson janj+open...@wenf.org: david carrasco dacar...@gmail.com wrote: answer your question, i believe the problern is static routing setting on all cable is okey please help, with set up static client,gateway, and router (dsl ext) On gateway start tcpdump -i xl1 gateway.my.domain (192.168.0.1) at 00:60:97:be:ca:2a on xl1 static ? (192.168.1.1) at 00:1d:0f:fc:95:de on xl0 * then on client start ping 192.168.0.1. Do you see the packets? / --- 192.168.0.1 ping statistics --- 3 packets transmitted, 0 packets received, 100.0% packet loss /// After you stop the ping run arp -a on both client and gateway. Do you see an entry for the other host? in gateway gateway.my.domain (192.168.0.1) at 00:60:97:be:ca:2a on xl1 static ? (192.168.1.1) at 00:1d:0f:fc:95:de on xl0 in client /// nothing out screen /// I am having a hard time following what you are saying. On the gateway run ping 192.168.0.10 when you stop that run arp -a in the output you should see one of thease lines: This one means your layer 2 such as cable is broken. ? (192.168.0.10) at (incomplete) on xl1 This one means your layer 3 such as packet filter is broken. ? (192.168.0.10) at 00:0c:76:bb:00:5a on xl1 But as another subscriber noted: vr0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 media: Ethernet autoselect (none) status: no carrier and xl1: flags=8a43UP,BROADCAST,RUNNING,ALLMULTI,SIMPLEX,MULTICAST mtu 1500 media: Ethernet autoselect (none) status: no carrier which means neither your gateway or your client has a working cable. Are you using a switch or are these machines connected to each other with a direct cable? If you are using a direct cable you will need a crossover cable as 100baseTX does not support auto MDI/MDI-X.
Re: help gateway 4.8
On Fri, Dec 3, 2010 at 8:02 PM, david carrasco dacar...@gmail.com wrote: hi, dear friend both cables ( cable 1 and 2 ) are crossover and is conectic like this, and no internet in client, help please ADSL (router ext) 192.168.1.1 ( cable 1 ) | | xl0 192.168.1.101 ( cable 1) gatewayopenbsd4.8- xl1 192.168.0.1( cable 2) | | Client 192.168.0.10 ( cable 2) I'm guessing the ADSL router is a typical NAT router, and that your OpenBSD router is *not* configured for NAT. as a result, the ADSL router is seeing outbound packets from 192.168.0.10, but doesn't know how to deliver the inbound responses. it knows that the 192.168.1/24 network is reachable via one of its own LAN ports, but I'm guessing that it doesn't know how to reach the 192.168.0/24 network. you need a static route defined on the ADSL router telling it that for the 192.168.0/24 network, the next hop router is at 192.168.1.101. -ken
Re: help gateway 4.8
david carrasco dacar...@gmail.com wrote: hi, dear friend both cables ( cable 1 and 2 ) are crossover and is conectic like this, and no internet in client, help please From the ifconfig output it is obvious that there is a problem with cable 2. It is either the cable or the network interface card. They should har lights that should be lit when everything is corret. For instance are the lights the same on both of xl0 and xl1? There could also be some kind of issue with auto negotiation. Do you have any other network equipment at hand that you can use to check the cable and network cards? Are you really sure you are using cross over cables? In my experience ADSL Modems are made like a switch and therefor has no problem beeing connected to a host directly. Your other connection is between hosts and therefor (in the 100MBit case) must use a special cable. You can use http://en.wikipedia.org/wiki/Ethernet_crossover_cable to verify that you have an crossover cable.
Re: help gateway 4.8
* dhcpd **
# $OpenBSD: dhcpd.conf,v 1.2 2008/10/03 11:41:21 sthen Exp $
#
# DHCP server options.
# See dhcpd.conf(5) and dhcpd(8) for more information.
#
# Network:192.168.1.0/255.255.255.0
# Domain name:my.domain
# Name servers: 192.168.1.3 and 192.168.1.5
# Default router: 192.168.1.1
# Addresses: 192.168.1.32 - 192.168.1.127
#
option domain-name my.domain;
option domain-name-servers 192.168.1.1;
subnet 192.168.0.0 netmask 255.255.255.0 {
option routers 192.168.0.1;
range 192.168.0.32 192.168.0.127;
}
network 192.168.0.0/24 for client
*** var_log_messages **
Dec 1 00:31:33 gateway dhcpd[21708]: Can't listen on xl1 - dhcpd.conf
has no subnet declaration for 192.168.0.1.
Dec 1 00:31:33 gateway dhcpd[21708]: No interfaces to listen on.
Dec 1 00:31:33 gateway dhcpd[21708]: exiting.
xl1: flags=8a43UP,BROADCAST,RUNNING,ALLMULTI,SIMPLEX,MULTICAST mtu 1500
lladdr 00:60:97:be:ca:2a
priority: 0
media: Ethernet autoselect (none) -- cable problem
status: no carrier --- cable problem
inet 192.168.0.1 netmask 0xff00 broadcast 192.168.0.255
inet6 fe80::260:97ff:febe:ca2a%xl1 prefixlen 64 scopeid 0x2
thanks
Re: help gateway 4.8
answer your question, i believe the problern is static routing setting on all cable is okey please help, with set up static client,gateway, and router (dsl ext) On gateway start tcpdump -i xl1 gateway.my.domain (192.168.0.1) at 00:60:97:be:ca:2a on xl1 static ? (192.168.1.1) at 00:1d:0f:fc:95:de on xl0 * then on client start ping 192.168.0.1. Do you see the packets? / --- 192.168.0.1 ping statistics --- 3 packets transmitted, 0 packets received, 100.0% packet loss /// After you stop the ping run arp -a on both client and gateway. Do you see an entry for the other host? in gateway gateway.my.domain (192.168.0.1) at 00:60:97:be:ca:2a on xl1 static ? (192.168.1.1) at 00:1d:0f:fc:95:de on xl0 in client /// nothing out screen /// 2010/12/2, Jan Johansson janj+open...@wenf.org: david carrasco dacar...@gmail.com wrote: Greetings to all good I hope to help me I followed the manual gateway-firewall openbsd 4.8 but still can not get or have no internet Conexxion client ADSL (router ext) 192.168.1.1 | | xl0 192.168.1.101 gatewayopenbsd4.8- xl1 192.168.0.1 | | Client 192.168.0.10 On gateway start tcpdump -i xl1 then on client start ping 192.168.0.1. Do you see the packets? After you stop the ping run arp -a on both client and gateway. Do you see an entry for the other host? If the answer to thease questions are No then you have a layer two (or below) problem. Check cabling, vlan configuration and such. It the answer to thease questions are Yes then you have a layer three (or above) problem. Check your packet filters.
Re: help gateway 4.8
david carrasco dacar...@gmail.com wrote: answer your question, i believe the problern is static routing setting on all cable is okey please help, with set up static client,gateway, and router (dsl ext) On gateway start tcpdump -i xl1 gateway.my.domain (192.168.0.1) at 00:60:97:be:ca:2a on xl1 static ? (192.168.1.1) at 00:1d:0f:fc:95:de on xl0 * then on client start ping 192.168.0.1. Do you see the packets? / --- 192.168.0.1 ping statistics --- 3 packets transmitted, 0 packets received, 100.0% packet loss /// After you stop the ping run arp -a on both client and gateway. Do you see an entry for the other host? in gateway gateway.my.domain (192.168.0.1) at 00:60:97:be:ca:2a on xl1 static ? (192.168.1.1) at 00:1d:0f:fc:95:de on xl0 in client /// nothing out screen /// I am having a hard time following what you are saying. On the gateway run ping 192.168.0.10 when you stop that run arp -a in the output you should see one of thease lines: This one means your layer 2 such as cable is broken. ? (192.168.0.10) at (incomplete) on xl1 This one means your layer 3 such as packet filter is broken. ? (192.168.0.10) at 00:0c:76:bb:00:5a on xl1 But as another subscriber noted: vr0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 media: Ethernet autoselect (none) status: no carrier and xl1: flags=8a43UP,BROADCAST,RUNNING,ALLMULTI,SIMPLEX,MULTICAST mtu 1500 media: Ethernet autoselect (none) status: no carrier which means neither your gateway or your client has a working cable. Are you using a switch or are these machines connected to each other with a direct cable? If you are using a direct cable you will need a crossover cable as 100baseTX does not support auto MDI/MDI-X.
help gateway 4.8
Greetings to all good I hope to help me I followed the manual gateway-firewall openbsd 4.8 but still can not get or have no internet Conexxion client ADSL (router ext) 192.168.1.1 | | xl0 192.168.1.101 gatewayopenbsd4.8- xl1 192.168.0.1 | | Client 192.168.0.10 I have attached a number of client files and gateway (route, ping, pf, dhcp, rc, sysctl, messages, dmesg, etc) of configuration. Grateful for your help I hope is that your experience would be helpful to this newbie [demime 1.01d removed an attachment of type application/rar which had a name of gateway.rar] [demime 1.01d removed an attachment of type application/rar which had a name of cliente.rar]
Re: help gateway 4.8
Greetings to all good I hope to help me I followed the manual gateway-firewall openbsd 4.8 but still can not get or have no internet Conexxion client ADSL (router ext) 192.168.1.1 | | xl0 192.168.1.101 gatewayopenbsd4.8- xl1 192.168.0.1 | | Client 192.168.0.10 I have attached a number of client files and gateway (route, ping, pf, dhcp, rc, sysctl, messages, dmesg, etc) of configuration. Grateful for your help I hope is that your experience would be helpful to this newbie / INFORMATION GATEWAY / dmesg** OpenBSD 4.8 (RAMDISK_CD) #89: Mon Aug 16 09:24:20 MDT 2010 dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/RAMDISK_CD cpu0: Intel Pentium III (GenuineIntel 686-class, 128KB L2 cache) 632 MHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,SEP,MTRR,PGE,MCA,CMOV,PSE36,MMX,FXSR,SSE real mem = 199585792 (190MB) avail mem = 189444096 (180MB) mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 03/07/01, BIOS32 rev. 0 @ 0xfda74, SMBIOS rev. 2.3 @ 0xf0ea0 (55 entries) bios0: vendor Intel Corp. version A11 date 03/07/2001 bios0: Dell Computer Corporation L800C apm0 at bios0: Power Management spec V1.2 acpi at bios0 function 0x0 not configured pcibios0 at bios0: rev 2.1 @ 0xf/0x1 pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xf2f30/192 (10 entries) pcibios0: PCI Interrupt Router at 000:31:0 (Intel 82371FB ISA rev 0x00) pcibios0: PCI bus #1 is the last bus bios0: ROM list: 0xc/0xc000 0xcc000/0x800 cpu0 at mainbus0: (uniprocessor) pci0 at mainbus0 bus 0: configuration mode 1 (bios) pchb0 at pci0 dev 0 function 0 Intel 82810 Host rev 0x03 vga1 at pci0 dev 1 function 0 Intel 82810 Video rev 0x03 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) ppb0 at pci0 dev 30 function 0 Intel 82801AA Hub-to-PCI rev 0x02 pci1 at ppb0 bus 1 xl0 at pci1 dev 8 function 0 3Com 3c905C 100Base-TX rev 0x30: irq 11, address 00:01:03:e8:38:4b ukphy0 at xl0 phy 24: Generic IEEE 802.3u media interface, rev. 0: OUI 0x00601d, model 0x0035 xl1 at pci1 dev 9 function 0 3Com 3c905 100Base-TX rev 0x00: irq 10, address 00:60:97:be:ca:2a nsphy0 at xl1 phy 24: DP83840 10/100 PHY, rev. 1 ichpcib0 at pci0 dev 31 function 0 Intel 82801AA LPC rev 0x02: 24-bit timer at 3579545Hz pciide0 at pci0 dev 31 function 1 Intel 82801AA IDE rev 0x02: DMA, channel 0 wired to compatibility, channel 1 wired to compatibility wd0 at pciide0 channel 0 drive 0: QUANTUM FIREBALLlct20 10 wd0: 8-sector PIO, LBA, 9787MB, 20044080 sectors wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 2 atapiscsi0 at pciide0 channel 1 drive 1 scsibus0 at atapiscsi0: 2 targets cd0 at scsibus0 targ 0 lun 0: HP, CD-Writer+ 7500, 1.0a ATAPI 5/cdrom removable cd0(pciide0:1:1): using PIO mode 4, DMA mode 2 uhci0 at pci0 dev 31 function 2 Intel 82801AA USB rev 0x02: irq 9 Intel 82801AA SMBus rev 0x02 at pci0 dev 31 function 3 not configured isa0 at ichpcib0 isadma0 at isa0 com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo pckbc0 at isa0 port 0x60/5 pckbd0 at pckbc0 (kbd slot) pckbc0: using irq 1 for kbd slot wskbd0 at pckbd0: console keyboard, using wsdisplay0 npx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16 fdc0 at isa0 port 0x3f0/6 irq 6 drq 2 usb0 at uhci0: USB revision 1.0 uhub0 at usb0 Intel UHCI root hub rev 1.00/1.00 addr 1 biomask f3ed netmask ffed ttymask rd0: fixed, 3800 blocks softraid0 at root root on rd0a swap on rd0b dump on rd0b syncing disks... done rebooting... OpenBSD 4.8 (GENERIC) #136: Mon Aug 16 09:06:23 MDT 2010 dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC cpu0: Intel Pentium III (GenuineIntel 686-class, 128KB L2 cache) 632 MHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,SEP,MTRR,PGE,MCA,CMOV,PSE36,MMX,FXSR,SSE real mem = 199585792 (190MB) avail mem = 186396672 (177MB) mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 03/07/01, BIOS32 rev. 0 @ 0xfda74, SMBIOS rev. 2.3 @ 0xf0ea0 (55 entries) bios0: vendor Intel Corp. version A11 date 03/07/2001 bios0: Dell Computer Corporation L800C apm0 at bios0: Power Management spec V1.2 apm0: AC on, battery charge unknown acpi at bios0 function 0x0 not configured pcibios0 at bios0: rev 2.1 @ 0xf/0x1 pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xf2f30/192 (10 entries) pcibios0: PCI Interrupt Router at 000:31:0 (Intel 82371FB ISA rev 0x00) pcibios0: PCI bus #1 is the last bus bios0: ROM list: 0xc/0xc000 0xcc000/0x800 cpu0 at mainbus0: (uniprocessor) pci0 at mainbus0 bus 0: configuration mode 1 (bios) pchb0 at pci0 dev 0 function 0 Intel 82810 Host rev 0x03 vga1 at pci0 dev 1 function 0 Intel 82810 Video rev 0x03 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0:
Re: help gateway 4.8
david carrasco dacar...@gmail.com wrote: Greetings to all good I hope to help me I followed the manual gateway-firewall openbsd 4.8 but still can not get or have no internet Conexxion client ADSL (router ext) 192.168.1.1 | | xl0 192.168.1.101 gatewayopenbsd4.8- xl1 192.168.0.1 | | Client 192.168.0.10 On gateway start tcpdump -i xl1 then on client start ping 192.168.0.1. Do you see the packets? After you stop the ping run arp -a on both client and gateway. Do you see an entry for the other host? If the answer to thease questions are No then you have a layer two (or below) problem. Check cabling, vlan configuration and such. It the answer to thease questions are Yes then you have a layer three (or above) problem. Check your packet filters.
