need help pls asap

Ash omniBSD at speakeasy.net
Sat Apr 23 06:57:20 PDT 2005


angelito munez wrote:
> hi guys..
> ok.. this is actually the problem.. the isp give us a public ip.. then it was assigned to the ADSL router.. then at the router, DHCP is enabled... so this means that my freebsd box is inside a private network with ip 172.16.16.2.. router has the private ip 172.16.16.1.. the router itself is doing a NAT because it has a real ip of 62.215.85.228... now what i want to do is to make another private network with the freebsd as their gateway so that i can make some rules for this network.. and this should also act as their firewall.. now i have already configured the 2 network interfaces which is vr1 (172.16.16.2 -> for the router's network) and vr0 (192.168.0.1 -> for another private network)... now i can ping outside addresses such as yahoo via vr1.. i can also ping 172.16.16.1(my freebsd's gateway) and 192.168.0.1.. the problem is i have one host in my private network having an ip of 192.168.0.2 and i can't ping this host.. what is the problem? i dont have any firewall rules to block any network.. i even add "ipfw 1 add allow ip from any to any"... iv been thinking that it is a route problem but i dont know how to set the proper route because my box is in between 2 private networks.. these are my route..
> Routing tables
> Internet:
> Destination        Gateway            Flags    Refs      Use  Netif Expire
> default            172.16.16.1        UGSc        1       90    vr1
> 127.0.0.1          127.0.0.1          UH          0       49    lo0
> 172.16.16/24       link#2             UC          2        0    vr1
> 172.16.16.1        00:0f:3d:87:9c:51  UHLW        1       12    vr1   1200
> 172.16.16.4        00:0b:db:95:89:a0  UHLW        1     1912    vr1   1081
> 192.168.0          link#1             UC          2        0    vr0
> 192.168.0.1        00:11:95:90:c6:b6  UHLW        0       18    lo0
> 192.168.0.2        00:11:5b:2b:24:20  UHLW        0        0    vr0   1188


Please have your mail client wrap your e-mail to this list at 72 characters.

Your routing table doesn't look right. Did you copy/paste or transcribe it?

You have assigned 192.168.0.1 to your lo0 (loopback, see the man page for 
lo(4)) interface. However your route for the 192.168.0 says its directly 
connected on vr0.

What does ifconfig output for lo0 vr1 and vr2 show?

The reason you can ping 192.168.0.1, is because it is your own 
interface. It doesn't indicate that the network (e.g. cables, switch 
hub, etc...) between that interface and the rest of 192.168.0 are set up 
properly or that 192.168.0.2 is configured properly.

> can you help me with this problem?
> thanks for giving your time in reading this.... ill be waiting for your response..
> 
> 

I'm curious why you are setting things up in the way that you are. Is 
this just a learning experience, or is there any particular reason that 
you do not want to put all your internal hosts on the same physical 
subnet and let your ADSL router handle NATing for you?

Also, just out of curiosity is this a VIA Mini-ITX based system?

Again, please wrap your e-mail at 72 characters, if you want to increase your 
chances of having someone answer your questions.

-Ash



