Problem(s) resolving names with natd/ipfw.

Jose Albores josealbores at yahoo.com
Sat Sep 13 21:57:51 PDT 2003


The problem summary is as follows:
I'm setting up a very simple LAN at home using only
two machines with fixed private ip addresses either.
The FreeBSD gateway is connected to the internet
through my cablemodem ISP's modem.

The problem is that the Windows XP client CANNOT
access the Internet with alphabetic names (should be
called a DNS problem?) but it CAN do it with ip
addresses (numbers).

AFAIK (being a newbie in networking issues) it seems
that no problems arise from the gateway side after
"setting" up natd/ipfw.

From the client, I can ping to numeric addresses
locally and outside. And (again using ip-numbers) I
can telnet to my pop server's 110 port. But not with
"names".
The (gateway) server has NO problems with alphabetic
addresses. Neither pinging the local network nor with
the internet.

Maybe I forgot some "flag" for natd in my
/etc/rc.conf?
Is/are there other option/s in my kernel-configuration
file needed?
Any hint will be appreciated. Please feel free to ask
for any necessary info.


These are the "details".
It's my first job with networks, and the scenario is
as follows:
The server:
   · Pentium 233 MMX.
   · OS: FreeBSD 4.8-RELEASE. Alternating with Win 98
for testing.
   · dc0: interface to my cablemodem ISP.
   · vr0: interface to my local network connected to a
hub.

The client:
   · AMD Athlon XP 2.0 GHz.
   · OS: Windows XP.
Adding DNS servers to the network config in the client
didn't solve the problem.
BTW it's not necessary to add DNS entries when the
server boots with Win 98 + Microsoft's ICS.

On the server side, I built a new kernel with (all?)
the necessary options:
   · The GENERIC kernel, adding:
   options 	IPDIVERT
   options 	IPFIREWALL
   options 	IPFIREWALL_VERBOSE
   options 	IPFIREWALL_VERBOSE_LIMIT=200
   options 	IPFIREWALL_DEFAULT_TO_ACCEPT

The /etc/hosts file has three entries:
127.0.0.1 localhost  localhost.homenet.org
192.168.0.1 david    david.homenet.org
192.198.0.2 goliath  goliath.homenet.org

My /etc/resolv.conf was automagically generated
when I first configured the interfaces.
Maybe? it updates on every boot.

And my networking-related lines in /etc/resolv.conf
are as follows:
--- Begin of /etc/rc.conf ---
hostname="david.homenet.org"
# [...] chunking a few not-networking lines...
ifconfig_dc0="DHCP"
ifconfig_vr0="inet 192.168.0.1	netmask 255.255.255.0"
gateway_enable="YES"
firewall_enable="YES"
firewall_type="OPEN"
firewall_script="/etc/my.rc.firewall"
#firewall_script="/etc/rc.firewall" ### did not work either!!!
natd_enable="YES"
natd_interface="dc0"
natd_flags=""
--- End of /etc/rc.conf ---


The COMPLETE /etc/my.rc.firewall is extremely simple:
--- Begin ---
#!/bin/sh
/sbin/ipfw -f flush
/sbin/ipfw add divert natd all from any to any via dc0
/sbin/ipfw add pass all from any to any
--- End ---
Testing "blindly" the /etc/rc.firewall also did not
work.
Learning ipfw secrets will be left for the immediate
future ;o))).


TIA.
--
José Albores - <josealbores at yahoo.com>



More information about the freebsd-questions mailing list