pppoe routing problem, default route isnt used for some hosts
Nikos Vassiliadis
nvass9573 at gmx.com
Fri May 29 15:57:43 UTC 2009
Fabian Holler wrote:
> Hello,
>
> I have an strange routing problem. I can't connect to some hosts in the
> internet till I add an explicit route for this hosts with my default gw
> as gateway.
> There aren't any other routes that could match the destination IP for
> "non-working hosts". So the connection should also without an explicit
> route for this Hosts use the default gw.
>
> My Setup:
> FreeBSD 7.2-RELEASE
> mppd to make an PPPOE connection to my internet service
> provider.
> PF as firewall
>
> To isolate the problem I used an minimal pf.conf:
> ---
> "inetif=ng0
> lanif=vr0
>
> scrub all max-mss 1492
> pass quick on lo0 all
> pass out on $inetif proto { tcp udp icmp } all keep state"
> pass on $lanif from any to any
> ---
> I also tried pppd instead of mppd(dont helps).
>
>
> Hosts that I can't connect to, are ie spiegel.de, tagesschau.de, freebsd.org
> southparkstudios.com
> I.e
> TCP connections to Port 80 of southparkstudios.com dont work.
> If I add an explicit route:
> "route add southparkstudios.com 213.191.84.199"
Besides netstat -rn, you can use "route get southparkstudios.com"
to check a route for a destination.
> Connections with nc to port 80 works
> (the connections tests are made from the router, the iface MTUs are correct)
You cannot test MTU settings using nc, since initial packets, that
is, small packets, are always smaller than your MTU. You can test
MTU using fetch or ftp or nc + "GET /some.big.file".
>
> Anybody have an idea what could be wrong?
>
> I have no idea anymore
> (its also not an provider problem, when i made the pppoe connection from windows I can connect to alls hosts)
>
>
> thanks for any hints:)
>
> best regards
>
> Fabian
>
>
> -------------------------------------
> My routing table:
> "
> # netstat -ra
> Routing tables
>
> Internet:
> Destination Gateway Flags Refs Use Netif Expire
> default lo1.br04.weham.de. UGS 0 15505 ng0
> 1.1.1.1&0x1010101 link#1 UC 0 0 rl0
What is this ^^^^???
It looks like not-contiguous netmask?
> exxx45031.adsl.al lo0 UHS 0 0 lo0
> localhost localhost UH 0 433 lo0
> 192.168.113.0 link#2 UC 0 0 vr0
> xyz 00:30:18:ad:26:88 UHLW 1 24005 lo0
> mail.xyz.ath.cx 00:30:18:ad:26:88 UHLW 1 86400 lo0
> http.xyz.ath.cx 00:30:18:ad:26:88 UHLW 1 770 lo0
> 192.168.113.255 ff:ff:ff:ff:ff:ff UHLWb 1 3228 vr0
> lo1.br04.weham.de. e176145031.adsl.al UH 1 0 ng0
>
> [... ipv6 stuff]
> "
>
> Interface infos:
> "
> # netstat -ira
> Name Mtu Network Address Ipkts Ierrs Opkts Oerrs Coll
> rl0 1492 <Link#1> 00:02:2a:b0:4a:e0 26128479 0 19855993 0 0
> 01:00:5e:00:00:01 0 0
> rl0 1492 1.1.1.1&0x101 1.1.1.1 0 - 2653 - -
> ALL-SYSTEMS.MCAST
> vr0 1500 <Link#2> 00:30:18:ad:26:88 12662831 0 17678949 0 0
> 01:00:5e:00:00:01 2038 0
> vr0 1500 192.168.113.0 xyz 9745471 - 13639692 - -
> ALL-SYSTEMS.MCAST
> vr0 1500 192.168.113.0 mail.xyz.a 291626 - 86404 - -
> ALL-SYSTEMS.MCAST
> vr0 1500 192.168.113.0 http.xyz.a 6814 - 770 - -
> ALL-SYSTEMS.MCAST
> lo0 16384 <Link#3> 113929 0 113929 0 0
> lo0 16384 fe80:3::1 fe80:3::1 0 - 0 - -
> ff01:3::1 (refs: 1)
> ff02:3::2:a61d:93b4(refs: 1)
> ff02:3::1 (refs: 1)
> ff02:3::1:ff00:1 (refs: 1)
> lo0 16384 localhost ::1 0 - 0 - -
> ff01:3::1 (refs: 1)
> ff02:3::2:a61d:93b4(refs: 1)
> ff02:3::1 (refs: 1)
> ff02:3::1:ff00:1 (refs: 1)
> lo0 16384 your-net localhost 433 - 2433 - -
> ALL-SYSTEMS.MCAST
> pflog 33204 <Link#4> 0 0 80567 0 0
> tun0* 1500 <Link#5> 78331 0 76381 0 0
> tun99 1500 <Link#6> 353 0 375 0 0
> ng0 1492 <Link#7> 17114096 0 13449463 0 0
> ng0 1492 85.176.145.31 e176145031.adsl.a 12398 - 17011 - -
> ALL-SYSTEMS.MCAST
> "
>
> mpd.conf:
> "
> default:
> load PPPoE
> PPPoE:
> new -i ng0 PPPoE PPPoE
> set iface addrs 1.1.1.1 2.2.2.2
Maybe you should delete the above line as
well. I dont remembere what "iface addrs" does,
but you'll get the IP addresses via IPCP,
so it's surely redundant.
> set iface route default
> set iface enable on-demand
> set iface idle 0
> set bundle disable multilink
> set bundle authname "xxy"
> set iface disable tcpmssfix
> set link no acfcomp protocomp
> set link disable pap chap
> set link accept chap
> set link mtu 1492
> set link mru 1492
this is also wrong, don't try to set MTU
or MRU. There are negotiated during PPP.
> set link keep-alive 10 60
> set ipcp yes vjcomp
> set iface enable tcpmssfix#I know pf also do this in my setup, but Iam despaired:)
> set ipcp ranges 0.0.0.0/0 0.0.0.0/0
> set nat disable
> log +link
> open iface
> "
> mpd.links:
> "PPPoE:
> set link type pppoe
> set pppoe iface rl0
> set pppoe disable incoming
> set pppoe enable originate
> "
What is really strange is that netmask, maybe
that's the source of the problem...
HTH, Nikos
More information about the freebsd-questions
mailing list