|
Router doesn't work
I posted installed OpenBSD on a Pentium II with three Ethernet cards. The setup initialized the first one and i have access to the net through it. The hope to use this computer as a router so i turned on ip forwarding. Unfortunately it doesn't work. The the other Ethernet cards to not have hostname.<if> files but they do appear when i type ifconfig -a. What am i doing wrong?
|
Re: Router doesn't work
Quote:
Read this: http://www.aei.ca/~pmatulis/pub/obsd_fw.html#router |
You need to assign ip addresses and netmasks to all three cards.
Internet | router -- network1 10.0.1.1 255.255.255.0 | network2 10.0.2.1 255.255.255.0 This is roughly what it will look like. NOTE: Your networks MUST not overlap according to the netmask. In the above example we need different numbers in the second block because the netmask declares each network to take up the whole range of each network. Your router will have THREE ip addresses. An external one... for the internet. An address on card1 from network1 and an address on card2 from network2. You need to set this up or routing is not going to do anything... how does the router know where to send packets if it can't see where the networks are? Note, using "route add" should not be necessary unless you are a step or more away from a network you need to route... which should not be the case. EDIT: You may need to add one route... the default route which should point to the internet. But in MOST cases this is setup automatically or during other configuration to connect yourself to the internet. aka... it should have been done already if you can reach the internet from the router. |
before i get started, do i need hostname.<if> for the other network cards?
|
Yes... because when you restart the computer need to come up with the right ip addresses and netmasks for the network they are on.
EDIT: restart the computer not the cards. |
An example given my sample network above and assuming that ep1 is for network1 and ep2 is for network2 -- change as needed:
hostname.ep1 would contain: inet 10.0.1.1 255.255.255.0 hostname.ep2 would contain: inet 10.0.2.1 255.255.255.0 That assumes you want to have .1 assigned to this machine. This is usually a pretty good idea since it is where many people expect to see a router. Then all the machines on network1 would set their default route to 10.0.1.1 (/etc/mygate in OBSD) and the machines on network2 would have their default route of 10.0.2.1. |
Well here's the exact set up, i think i'm going to need some more help.
Cable Modem | Netgear router | | | | Parents Comp 1 Parents Comp 2 Sister's Comp My Openbsd Router | | My Desktop My Webserver I'm not sure if this diagram makes any sense, it's late, but as you can see my router is attached to another router. My router has an IP address given from the netgear router. But i want the it to forward the interest to the other network card under a different subnet. I'm not sure how to set up the hostname.rl1 and hostname.rl2, it wasn't in that webpage router tutorial. I need help getting the whole second subnet thing up and running, then i think i can figure out how to forward the ip to the computers in my room. EDIT: My diagram didn't turn out the way i wanted it to so basically this how my network is setup. My router is attached to a netgear router. Then My router will route to the other computers in my room under a different subnet. |
Also, if you're using non-routable (from the Internet) IPs on your internal cards, then you need to setup NAT. You should also be filtering packets so people can't make arbitrary connections to your internal machines. For all of that you'll want to read the PF user's guide
|
I just set up the second subnet. I enabled i ipforwarding and i ran "route add -net 10.0.0.0 192.168.0.10". After I added a static route on the computers on the 192.168.0.0 subnet i could ping the 10.0.0.0 card. But i do have internet access when i plug a computer into the other network card. I enable a static route on the computer i plugged into the card but i still didn't get internet access.
|
Just to clarify my question, how can i get the Internet connections coming in the first Ethernet card to then to allow a computer to plug into the second and third cards and receive an Internet connection.
|
Here is my netstat -rn:
# netstat -rn Routing tables Internet: Destination Gateway Flags Refs Use Mtu Interface default 192.168.0.1 UGS 0 0 - rl0 127/8 127.0.0.1 UGRS 0 0 33224 lo0 127.0.0.1 127.0.0.1 UH 1 0 33224 lo0 192.168.0/24 link#1 UC 2 0 - rl0 192.168.0.1 0:9:5b:72:3:a2 UHLc 1 45 - rl0 192.168.0.2 0:6:25:23:12:24 UHLc 1 69 - rl0 192.168.1/24 link#2 UC 0 0 - rl1 224/4 127.0.0.1 URS 0 0 33224 lo0 Internet6: Destination Gateway Flags Refs Use Mtu Interface ::/104 ::1 UGRS 0 0 - lo0 => ::/96 ::1 UGRS 0 0 - lo0 ::1 ::1 UH 12 0 33224 lo0 ::127.0.0.0/104 ::1 UGRS 0 0 - lo0 ::224.0.0.0/100 ::1 UGRS 0 0 - lo0 ::255.0.0.0/104 ::1 UGRS 0 0 - lo0 ::ffff:0.0.0.0/96 ::1 UGRS 0 0 - lo0 2002::/24 ::1 UGRS 0 0 - lo0 2002:7f00::/24 ::1 UGRS 0 0 - lo0 2002:e000::/20 ::1 UGRS 0 0 - lo0 2002:ff00::/24 ::1 UGRS 0 0 - lo0 fe80::/10 ::1 UGRS 0 0 - lo0 fe80::%rl0/64 link#1 UC 0 0 - rl0 fe80::230:bdff:fe1e:af2d%rl0 0:30:bd:1e:af:2d UHL 0 0 - lo0 fe80::%rl1/64 link#2 UC 0 0 - rl1 fe80::230:bdff:fe2e:6c97%rl1 0:30:bd:2e:6c:97 UHL 0 0 - lo0 fe80::%lo0/64 fe80::1%lo0 U 0 0 - lo0 fe80::1%lo0 link#6 UHL 0 0 - lo0 fec0::/10 ::1 UGRS 0 0 - lo0 ff01::/32 ::1 UC 0 0 - lo0 ff02::%rl0/32 link#1 UC 0 0 - rl0 ff02::%rl1/32 link#2 UC 0 0 - rl1 ff02::%lo0/32 ::1 UC 0 0 - lo0 Encap: Source Port Destination Port Proto SA(Address/Proto/Type/Direction) My ifconfig -a: # ifconfig -a lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 33224 inet 127.0.0.1 netmask 0xff000000 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x6 rl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 address: 00:30:bd:1e:af:2d media: Ethernet autoselect (100baseTX full-duplex) status: active inet 192.168.0.10 netmask 0xffffff00 broadcast 192.168.0.255 inet6 fe80::230:bdff:fe1e:af2d%rl0 prefixlen 64 scopeid 0x1 rl1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 address: 00:30:bd:2e:6c:97 media: Ethernet autoselect (none) status: no carrier inet 192.168.1.10 netmask 0xffffff00 broadcast 192.168.1.255 inet6 fe80::230:bdff:fe2e:6c97%rl1 prefixlen 64 scopeid 0x2 rl2: flags=8802<BROADCAST,SIMPLEX,MULTICAST> mtu 1500 address: 00:50:ba:44:79:f9 media: Ethernet autoselect (none) status: no carrier pflog0: flags=0<> mtu 33224 pfsync0: flags=0<> mtu 2020 enc0: flags=0<> mtu 1536 My route -n show: # route -n show Routing tables Internet: Destination Gateway Flags default 192.168.0.1 UG 127.0.0.0 127.0.0.1 UG 127.0.0.1 127.0.0.1 UH 192.168.0.0 link#1 U 192.168.0.1 0:9:5b:72:3:a2 UH 192.168.0.2 0:6:25:23:12:24 UH 192.168.1.0 link#2 U 224.0.0.0 127.0.0.1 U Internet6: Destination Gateway Flags default ::1 UG default ::1 UG ::1 ::1 UH ::127.0.0.0 ::1 UG ::224.0.0.0 ::1 UG ::255.0.0.0 ::1 UG ::ffff:0.0.0.0 ::1 UG 2002:: ::1 UG 2002:7f00:: ::1 UG 2002:e000:: ::1 UG 2002:ff00:: ::1 UG fe80:: ::1 UG fe80::%rl0 link#1 U fe80::230:bdff:fe1e:af2d%rl0 0:30:bd:1e:af:2d UH fe80::%rl1 link#2 U fe80::230:bdff:fe2e:6c97%rl1 0:30:bd:2e:6c:97 UH fe80::%lo0 fe80::1%lo0 U fe80::1%lo0 link#6 UH fec0:: ::1 UG ff01:: ::1 U ff02::%rl0 link#1 U ff02::%rl1 link#2 U ff02::%lo0 ::1 U Another point of interest is that whenver i log on i get an error "gethostbyaddr(192.168.1.10) failed 2 |
Umm, you have no carrier on rl1, that means the cable is not plugged in or the switch or machine that it's plugged into is powered off.
You do know that you do not have to add static routes for this to work, right? All you need to do is specify the default route to the internet in /etc/mygate, everything else works itself out. I think you're trying to over-engineer something that is very simple. Also, none of your cards have an IP on a 10.x.x.x network, so why are you trying to add static routes to a 10.? Each network card has to have an IP on the network it's trying to communicate with. If you have a 10. network attached to rl1, then you need to give rl1 a 10. address, not a 192.168.1. address. |
the machine it's plugged into is on, i'm typing this post on it ( i also have a wireless connection). I changed the 10.0.0.0 to 192.168.1.0.
|
That's the exact error i get when i log on, i think it's what's causing the problem, but then again i have no idea.
#Aug 29 13:38:19 MyHostname sm-mta[22871]: gethostbyaddr(192.168.1.10) failed: 2 |
That's sendmail. It's telling you that it has no hostname for 192.168.1.10. You should edit /etc/hosts and add a hostname for 192.168.1.10. All that doesn't have anything to do with why your connection is not working, though.
For one thing, if you're plugging one NIC directly into another via Cat5/6 cable, then you need to use a crossover cable, not a straight through--that is, unless you plug your OpenBSD box into a hub or switch (in that case you can use all straight-through). Your Netgear router likely will not accept packets from outside of 192.168.0.0/24, because almost certainly the subnet on the Netgear's LAN side is a /24 bitmask. You will need to setup NAT on the OpenBSD box to convert 192.168.1.0/24 addresses to 192.168.0.0/24 addresses when they go out. Another option would be to configure two of the NICs on the OpenBSD box as an IPless bridge, but then if you want to plug two more computers into it you would need a hub or switch The last bit is that you'll need DNS settings both for the OpenBSD router and the boxes that you're plugging into it. Even if you manage to get IP packets routing around, they won't be able to resolve any names on the Internet. Last, you need to make sure the machines you're trying to plug into the router actually have IPs on the same subnet. If you give one of your machines the IP 10.0.0.5, but none of the Interfaces on the OpenBSD box have an IP on that subnet, the other machine will not be able to send packets through the OpenBSD box. |
| All times are GMT -5. The time now is 03:14 AM. |