
RE: Problems setting up an OpenBSD gateway




Rink

Do you have the correct rule in ipnat.rules?

# $OpenBSD: ipnat.rules,v 1.2 1999/05/08 16:33:10 jason Exp $
#
# See /usr/share/ipf/nat.1 for examples.
# edit the ipnat= line in /etc/rc.conf to enable Network Address Translation

#This allows us to use this box as the gateway

map <ext nic> 192.168.x.x/24 -> fxp0/32 portmap tcp/udp 10000:20000
map  <ext nic> 192.168.x.x/24 -> fxp0/32




Dan Cuthbert
European Hosting Research & Engineering
PSINet Datacentres
mobile : +44 77 1279 0646

-----Original Message-----
From: owner-misc_(_at_)_openbsd_(_dot_)_org [mailto:owner-misc_(_at_)_openbsd_(_dot_)_org] On Behalf Of Rink Springer
Sent: 31 October 2000 15:26
To: misc_(_at_)_openbsd_(_dot_)_org
Subject: Problems setting up an OpenBSD gateway


Hi,

I've installed OpenBSD 2.7 on one of my boxes a few days back. The box
(GALLIUM) is supposed to provide gatewaying services to my network. It
works like this:

( INTERNET ) - [MINERVA] - < GALLIUM >
                [FREYA]    < THALLIUM >
               [SPOOKY]    < AURUM >

In this overview, MINERVA is directly connected to the cable modem, and
the box has two network cards. This is a Linux box, which also does NAT
(or masquerading, as they like to call it :). MINERVA, FREYA and SPOOKY
are all part of a BNC network, 10.0.0.x.

GALLIUM is an OpenBSD gateway, which should do gatewaying between the
BNC network and the UTP one. It has two network cards, ne0 (at
176.16.0.4) and ne1 (at 10.0.0.4). GALLIUM, THALLIUM and AURUM are all
on a UTP network, at 176.16.0.x.

The problem is the following: GALLIUM can ping all boxes in the network,
including the internet. But any box that uses GALLIUM as gateway can
*NOT* access the internet. They can use the 10.0.0.x and 176.16.0.x
networks all right, but accessing the internet does not work.

Does anyone have an idea why this is? GALLIUM is set up to use MINERVA
as default gateway, and that works. MINERVA uses a route to network
176.16 that uses 10.0.0.4 as gateway (and MINERVA and all its clients in
the BNC network can ping anything also correct).

After some tcpdump(1)'s and ip logging stuff, I've found out that
GALLIUM, for some reason, *NEVER* forwards packets to the MINERVA
gateway, even though it should. I have no idea why this is.

I've spent hours on figuring this out, but to no avail. Can someone out
there *please* help me?

Thanks!
--Rink


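Added example, not part of either message and not OpenBSD code: a small Python check of which ipnat map rule, if any, would translate a given client's packets, applied to the two-rule pattern shown in the reply. The 192.168.1.0/24 subnet, the client address 176.16.0.10, the helper names, and treating ne1 (the 10.0.0.4 side) as the outward interface are assumptions made for the illustration.

```python
import ipaddress
import re
# The two ipnat "map" forms quoted in the reply:
#   map <if> <src>/<bits> -> <target> [portmap tcp/udp <lo>:<hi>]
MAP_RE = re.compile(
    r"^map\s+(?P<ifname>\S+)\s+(?P<src>\S+)\s+->\s+(?P<target>\S+)"
    r"(?:\s+portmap\s+(?P<proto>\S+)\s+(?P<lo>\d+):(?P<hi>\d+))?$"
)

def parse_map_rules(text):
    """Parse map lines, skipping comments; raise on anything else."""
    rules = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        m = MAP_RE.match(line)
        if m is None:
            raise ValueError(f"line {lineno}: not a map rule: {raw!r}")
        rule = m.groupdict()
        # Raises ValueError if a placeholder such as 192.168.x.x is left in.
        rule["src"] = ipaddress.ip_network(rule["src"])
        rules.append(rule)
    return rules

def first_match(rules, out_if, client_ip, proto):
    """Return the first map rule that would translate this packet, or None."""
    addr = ipaddress.ip_address(client_ip)
    for rule in rules:
        if rule["ifname"] != out_if or addr not in rule["src"]:
            continue
        # A portmap rule covers only the protocols it names; the plain rule
        # after it picks up the rest (ICMP, for example).
        if rule["proto"] and proto not in rule["proto"].split("/"):
            continue
        return rule
    return None

# Constructed samples: the reply's template filled in with made-up values,
# and the same pair rewritten for the addresses given in the question.
TEMPLATE_FILLED = """
map fxp0 192.168.1.0/24 -> fxp0/32 portmap tcp/udp 10000:20000
map fxp0 192.168.1.0/24 -> fxp0/32
"""
FOR_QUESTION = TEMPLATE_FILLED.replace("fxp0", "ne1").replace("192.168.1.0", "176.16.0.0")

if __name__ == "__main__":
    for name, text in (("template", TEMPLATE_FILLED), ("question", FOR_QUESTION)):
        hit = first_match(parse_map_rules(text), "ne1", "176.16.0.10", "icmp")
        print(name, "->", hit["target"] if hit else "no map rule matches")
```

A rule pair copied with another network's interface name or source subnet parses cleanly but matches none of the clients behind the gateway, which is what the first line of output shows.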




