The subject makes wild claims. But I really don't have any other
explanation. So perhaps someone else will see where I've gone wrong.
Thanks.
I'm using ipfilter 3.3.8 on a FreeBSD 3.3-stable box which acts as my
gateway. Within my LAN I have a box which which is running FreeBSD
4.0-current, which, when it's running seems to cause problems with the
gateway. The symptons are an inability to obtain connections to boxes
out outside my gateway. For example, I can't browse to a website (it
times out), I can't telnet (it times out), nor can I send mail out (again, it
times out). Incoming mail also seems to be affected as I've not
Incoming requests to my webserver are working. People can ping my
gateway.
At one time, one box can ping the outside world. This box happens to
have this entry:
# ipnat -l | grep 192.168.0.11
MAP 192.168.0.11 0 <- -> 192.168.1.1 0 [216.71.202.74 0]
Then, as a test, I did an ipnat -F to clear the NAT mappings. Then the
above box could no longer ping boxes outside the gateway. In fact, the
gateway cannot even ping the router (which is actually referred to as my
ADSL modem). Existing connections, such as my IRC session,
worked fine until I disconnected them. Then I was unable to reconnect
to the IRC server.
Communications within my LAN are normal.
This 4.0-current box contains a 10/100 nic. This may sound strange,
but I suspect this NIC is the cause of my problems, but I have no
explanation as to why it. The above symptoms occur only when this
box is running. The problems go away if I reboot the gateway (not a
long term solution). To complicate the issue, said box is running
FreeBSD 4.0-current. I have another box which is running 4.0-current,
but it does not contain a 10/100 NIC.
Upon rebooting the gateway, all is fine. But after about 10 minutes or
so, the symptoms reappear. If I disconnect the 10/100 NIC from the
hub, and reboot the gateway, all is well.
My hub is a plain simple hub (works only with 10 not 100, I suspect).
The 10/100 NIC has been configured thusly:
$ ifconfig dc0
dc0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST>
mtu 1500
inet 192.168.0.11 netmask 0xffffff00 broadcast 192.168.0.255
ether 00:80:ad:7f:4e:7b
media: 10baseT/UTP status: active
supported media: autoselect 100baseTX <full-duplex> 100baseTX
10baseT/UTP <full-duplex> 10baseT/UTP 100baseTX <hw-loopback>
none
I am using UTP between the NIC and the hub.
I have tested with and without firewall rules.
The box in question is:
[dan@buff:/usr/home/dan] $ uname -a
FreeBSD buff.unixathome.org 4.0-CURRENT FreeBSD 4.0-CURRENT
#0: Sun Feb 6 18:05:58 NZDT 200 0
[EMAIL PROTECTED]:/usr/src/sys/compile/BUFF i386
[dan@buff:/usr/home/dan] $ dmesg
Copyright (c) 1992-2000 The FreeBSD Project.
Copyright (c) 1982, 1986, 1989, 1991, 1993
The Regents of the University of California. All rights reserved.
FreeBSD 4.0-CURRENT #0: Sun Feb 6 18:05:58 NZDT 2000
[EMAIL PROTECTED]:/usr/src/sys/compile/BUFF
Timecounter "i8254" frequency 1193182 Hz
CPU: Pentium/P54C (99.47-MHz 586-class CPU)
Origin = "GenuineIntel" Id = 0x525 Stepping = 5
Features=0x1bf<FPU,VME,DE,PSE,TSC,MSR,MCE,CX8>
real memory = 33554432 (32768K bytes)
config> di psm0
config> di sn0
config> di lnc0
config> di le0
config> di ie0
config> di fe0
config> di cs0
config> di bt0
config> di aic0
config> di aha0
config> di adv0
config> q
avail memory = 28835840 (28160K bytes)
Preloaded elf kernel "kernel" at 0xc03b9000.
Preloaded userconfig_script "/boot/kernel.conf" at 0xc03b909c.
Intel Pentium detected, installing workaround for F00F bug
md0: Malloc disk
npx0: <math processor> on motherboard
npx0: INT 16 interface
pcib0: <Host to PCI bridge> on motherboard
pci0: <PCI bus> on pcib0
isab0: <Intel 82371FB PCI to ISA bridge> at device 7.0 on pci0
isa0: <ISA bus> on isab0
ata-pci0: <Intel PIIX ATA controller> port 0xe800-0xe80f at device 7.1 on
pci0
ata0 at 0x01f0 irq 14 on ata-pci0
dc0: <Macronix 98715/98715A 10/100BaseTX> port 0xe400-0xe4ff mem
0xfbfa0000-0xfbfa00ff irq 11 at device 9.0 on pci0
dc0: Ethernet address: 00:80:ad:7f:4e:7b
miibus0: <MII bus> on dc0
dcphy0: <Intel 21143 NWAY media interface> on miibus0
dcphy0: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto
vga-pci0: <ATI Mach64-CT graphics accelerator> mem 0xfa000000-
0xfaffffff at device 12.0 on pci0
fe0: not probed (disabled)
fdc0: <NEC 72065B or clone> at port 0x3f0-0x3f5,0x3f7 irq 6 drq 2 on
isa0
fdc0: FIFO enabled, 8 bytes threshold
fd0: <1440-KB 3.5" drive> on fdc0 drive 0
ata-isa0: already registered as ata0
adv0: not probed (disabled)
bt0: not probed (disabled)
aha0: not probed (disabled)
aic0: not probed (disabled)
atkbdc0: <keyboard controller (i8042)> at port 0x60-0x6f on isa0
atkbd0: <AT Keyboard> irq 1 on atkbdc0
vga0: <Generic ISA VGA> at port 0x3c0-0x3df iomem 0xa0000-0xbffff
on isa0
sc0: <System console> on isa0
sc0: VGA <16 virtual consoles, flags=0x200>
pcic1: not probed (disabled)
sio0 at port 0x3f8-0x3ff irq 4 flags 0x10 on isa0
sio0: type 16550A
sio1 at port 0x2f8-0x2ff irq 3 on isa0
sio1: type 16550A
sio2: not probed (disabled)
sio3: not probed (disabled)
ppc0: <Parallel port> at port 0x378-0x37f irq 7 on isa0
ppc0: Generic chipset (NIBBLE-only) in COMPATIBLE mode
ppi0: <Parallel I/O> on ppbus0
lpt0: <Printer> on ppbus0
lpt0: Interrupt-driven port
plip0: <PLIP network interface> on ppbus0
ie0: not probed (disabled)
le0: not probed (disabled)
lnc0: not probed (disabled)
cs0: not probed (disabled)
sn0: not probed (disabled)
IPsec: Initialized Security Association Processing.
ad0: 1222MB <QUANTUM FIREBALL1280A> [2484/16/63] at ata0-
master using WDMA2
Mounting root from ufs:/dev/ad0s1a
--
Dan Langille - DVL Software Limited [I'm looking for more work]
The FreeBSD Diary - http://www.freebsddiary.org/
NZ FreeBSD User Group - http://www.nzfug.nz.freebsd.org/
The Racing System - http://www.racingsystem.com/
unix @ home - http://www.unixathome.org/
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message
