Routing problem
Bill Moran
wmoran at collaborativefusion.com
Thu Feb 8 13:34:43 UTC 2007
In response to "George Vanev" <george.vanev at gmail.com>:
> On 2/8/07, Bill Moran <wmoran at collaborativefusion.com> wrote:
> >
> > In response to "George Vanev" <george.vanev at gmail.com>:
> >
> > > I have FreeBSD 6.2 box with 1 NIC and 2 IPs.
> > > The first IP is to access internet, the second
> > > is for the ISP's LAN.
> > > Unfortunately I have internet, but no access to
> > > the other network.
> > >
> > > I made a test. I assigned to the NIC only the local
> > > IP and removed the defaultrouter. Then, of course,
> > > I have no internet but was able to access the ISP's
> > > network.
> > >
> > > I've tried everything I know, but still nothing
> >
> > Consider providing more details, such as the output of ifconfig and
> > netstat -rn.
> >
> > Sure sounds like a routing issue, but I doubt anyone can say anything
> > more without details.
>
> You are right.
>
> ifconfig
> ----------
> rl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
> options=8<VLAN_MTU>
> inet 212.25.37.96 netmask 0xffffff00 broadcast 212.25.37.255
> inet 192.168.67.41 netmask 0xfffffc00 broadcast 192.168.67.255
> ether 00:17:31:e7:92:18
> media: Ethernet autoselect (100baseTX <full-duplex>)
> status: active
> rl1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
> options=8<VLAN_MTU>
> inet 10.0.0.1 netmask 0xffffff00 broadcast 10.0.0.255
> ether 00:50:bf:d5:f1:33
> media: Ethernet autoselect (100baseTX <full-duplex>)
> status: active
> plip0: flags=108810<POINTOPOINT,SIMPLEX,MULTICAST,NEEDSGIANT> mtu 1500
> lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
> inet 127.0.0.1 netmask 0xff000000
>
>
>
>
> Routing tables
>
> Internet:
> Destination Gateway Flags Refs Use Netif Expire
> default 212.25.37.1 UGS 0 458268 rl0
> 10/24 link#2 UC 0 0 rl1
> 10.0.0.2 00:15:60:ae:f7:61 UHLW 1 231827 rl1 922
> 10.0.0.3 00:17:08:2d:08:26 UHLW 1 1686 rl1 1004
> 10.0.0.255 ff:ff:ff:ff:ff:ff UHLWb 1 67 rl1
> 127.0.0.1 127.0.0.1 UH 0 0 lo0
> 192.168.64/22 link#1 UC 0 0 rl0
> 192.168.64.1 00:02:a5:90:a9:b6 UHLW 1 0 rl0 1200
> 192.168.64.3 00:17:08:58:83:8d UHLW 1 0 rl0 1113
> 212.25.37 link#1 UC 0 0 rl0
> 212.25.37.1 00:02:a5:90:a9:b6 UHLW 2 0 rl0 1195
> In this case I can't access nothing from 192.168.64/22

Nothing? You're able to arp 192.168.64.1 and 192.168.64.3, can you ping
them?

Since you have an RFC-1918 address on both the inside and the outside, I
assume you're running nat on this machine to translate internal machine
traffic. It looks like you have all the routes you need, so my _guess_
at this point is that when the public address is up, the nat is preventing
traffic from going out that interface without being translated. Once it
has a public address, it can't route properly on the 192.168.64/22 space.

Have a look at what you're using for nat. If you can't see anything
obviously at odds, post your nat/firewall/related config.

--
Bill Moran
Collaborative Fusion Inc.
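
The observation above that the routing table already holds every needed route can be checked with a longest-prefix match over the network routes from the quoted netstat -rn output. This is an added example, not part of either poster's message; it assumes netstat's abbreviated destinations ("10/24", "212.25.37") trim trailing zero octets and omit the classful default mask, and 198.51.100.7 is a constructed off-net target.

```python
import ipaddress

# Network routes copied from the quoted netstat -rn output: (destination, netif).
ROUTES = [("default", "rl0"), ("10/24", "rl1"),
          ("192.168.64/22", "rl0"), ("212.25.37", "rl0")]

def expand(dest):
    """Expand netstat's abbreviated destination into an ip_network."""
    if dest == "default":
        return ipaddress.ip_network("0.0.0.0/0")
    addr, _, plen = dest.partition("/")
    octets = addr.split(".")
    octets += ["0"] * (4 - len(octets))      # assumed: trailing zero octets trimmed
    if not plen:                             # assumed: no mask means classful default
        first = int(octets[0])
        plen = 8 if first < 128 else 16 if first < 192 else 24
    return ipaddress.ip_network(".".join(octets) + "/" + str(plen))

def lookup(ip):
    """Longest-prefix match: (network, netif) of the most specific route."""
    ip = ipaddress.ip_address(ip)
    matches = [(expand(d), nif) for d, nif in ROUTES if ip in expand(d)]
    return max(matches, key=lambda m: m[0].prefixlen)

def hexmask_network(addr, hexmask):
    """Network for an ifconfig 'inet ADDR netmask 0x...' pair."""
    mask = ipaddress.ip_address(int(hexmask, 16))
    return ipaddress.ip_network(f"{addr}/{mask}", strict=False)

if __name__ == "__main__":
    # 198.51.100.7 is a constructed off-net address; the rest are from the thread.
    for target in ("192.168.64.1", "192.168.64.3", "10.0.0.2", "198.51.100.7"):
        net, nif = lookup(target)
        print(f"{target:15} -> {net} on {nif}")
    # The second address on rl0 falls inside the same /22 as the link#1 route.
    print(hexmask_network("192.168.67.41", "0xfffffc00"))
```

Both 192.168.64.x hosts resolve to the directly connected /22 on rl0 rather than the default route, so a reachability failure there points at packet processing (NAT or firewall rules), not at a missing route.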