Matt Morrow <[email protected]> writes: > Ive setup my openbsd box as a router and everything works great except for > 2 things: the openbsd box itself isn't routing for itself but all machines > behind it work just fine with dns and routing. At the openbsd box, if I try > to ping anything by dns, it will sit for about 10 minutes then error that > it could not find the host. Pinging any IP will just time out, and > connections to my openbsd box (ssh for instance) from any internal machine > are very slow to make initial connection.
Obviuosly, your name resolution config is incorrect. The place to start would be to study the contents of /etc/resolv.conf on your gateway and compare to what the other machines have (if they have better name resolution, that is). The ssh slowness problem is likely related. Your sshd is trying to check forward and reverse hostname to IP address mapping for hosts that contact it. IIRC this can be disabled in your sshd config, but the better solution is probably to make sure those names resolve for your gateway, either by sticking the mappings in the gateway's /etc/hosts or actually putting them in your zones or a view, whatever fits your setup. > My configuration is this: > OpenBSD 3.8 with two network cards, rl0 (dhcp) connected directly to my > cable modem, bce0 (192.168.1.60) connected to a null hub. OpenBSD 3.8 is seriously old (released November 1st, 2005). It would help immensely if you upgrade to a still-supported version. People tend to forget the specifics of older releases. But anyway, I don't think the problem here is PF, more likely you need to check your DNS-related settings. Seeing that you're on a dhcp setup, it's eve possible your ISP's name server addresses changed and a simple 'dhclient rl0' will give you better resolv.conf content. - Peter -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/ "Remember to set the evil bit on all malicious network traffic" delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
