LinuxQuestions.org
LinuxAnswers - the LQ Linux tutorial section.
Go Back   LinuxQuestions.org > Forums > Other *NIX Forums > *BSD
User Name
Password
*BSD This forum is for the discussion of all BSD variants.
FreeBSD, OpenBSD, NetBSD, etc.

Notices


Reply
 
Search this Thread
Old 08-31-2012, 09:14 AM   #1
sasser
Member
 
Registered: Apr 2010
Location: Bucharest
Distribution: Slackware13.37, OpenBSD5.1, FreeBSD9.0
Posts: 40

Rep: Reputation: 0
OpenBSD 5.1 as NAT Gateway


Hello,

I'm trying to learn how to setup an small residential gateway using OpenBSD 5.1.
The NIC cards:
- dc0 card on 192.168.2.0/24 network (considered an external network), having 192.168.2.2 IP address.
- rl0 card not userd at this point.
- rl1 card on 192.168.1.0/24 network (considered the internal network), having 192.168.1.1 IP address.
I want to make the OpenBSD machine a router for rl1:network using NAT. But when trying to ping from a host in rl1:network (192.168.1.50) a host in dc0:network (192.168.2.10) I get no answer, just a message telling "No route to host"

What's wrong? Should I first create a bridge between the two networks and the filter on that bridge? Pinging between OpenBSD router and hosts in each network works OK.

The pf.conf file looks like this:
Code:
# Skip on loopback
set skip on lo
# NAT
match out on dc0 inet from 192.168.1.0/24 to any nat-to dc0
#
# Allow all inbound and outbound
pass out
pass in
#
# Allow NAT explicit access for the match rule above
pass on dc0 inet from 192.168.1.0/24 to any
The output of the pfctl -s rules is:
Code:
match out on dc0 inet from 192.168.1.0/24 to any nat-to 192.168.2.2
pass out all flags S/SA
pass in all flags S/SA
pass on dc0 inet from 192.168.1.0/24 to any flags S/SA
 
Old 08-31-2012, 12:15 PM   #2
sasser
Member
 
Registered: Apr 2010
Location: Bucharest
Distribution: Slackware13.37, OpenBSD5.1, FreeBSD9.0
Posts: 40

Original Poster
Rep: Reputation: 0
I forgot to add that the IP forwarding is enabled, by uncommenting the line
net.inet.ip.forwarding=1
in /etc/sysctl.conf
 
Old 09-01-2012, 07:56 PM   #3
gezley
Member
 
Registered: Sep 2009
Location: Ireland
Distribution: Slackware-64, Crux-64, NetBSD-64
Posts: 682

Rep: Reputation: 432Reputation: 432Reputation: 432Reputation: 432Reputation: 432
Quote:
Originally Posted by sasser View Post
I forgot to add that the IP forwarding is enabled, by uncommenting the line
net.inet.ip.forwarding=1
in /etc/sysctl.conf
I presume you rebooted after changing this file? If you want to change the kernel dynamically you should use the sysctl utility instead.
 
Old 09-03-2012, 01:11 AM   #4
sasser
Member
 
Registered: Apr 2010
Location: Bucharest
Distribution: Slackware13.37, OpenBSD5.1, FreeBSD9.0
Posts: 40

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by gezley View Post
I presume you rebooted after changing this file? If you want to change the kernel dynamically you should use the sysctl utility instead.
Yes, I've done many reboots for various reasons.

The history of the OpenBSD machine: first was configured as a client for another router just to be able to download vim. Those times the machine had the default gateway pointing to that router. After configuring it as a router I renamed the mygate file as mygate.BAK because I saw somewhere on other forums that when building a router the default gateway is not needed and that file should be deleted.
 
Old 09-03-2012, 04:38 AM   #5
sasser
Member
 
Registered: Apr 2010
Location: Bucharest
Distribution: Slackware13.37, OpenBSD5.1, FreeBSD9.0
Posts: 40

Original Poster
Rep: Reputation: 0
Finally solved.. It was my mistake in configuring the dhcp server. The clients behind the router were getting a wrong defaul gateway so they couldn't ping anything outside their network.
I fixed that mistake and now everything works well.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
OpenBSD pf NAT question IMNOboist *BSD 2 08-29-2012 05:08 AM
OpenBSD 4.9 PF and NAT do not work lcxpics *BSD 5 09-20-2011 07:49 AM
VMware OpenBSD suitable as gateway? Just_Started Linux - Server 2 03-15-2007 01:03 AM
[OpenBSD 3.9] NAT Configuration/ Static IP Slycer *BSD 4 05-16-2006 04:14 AM
configuring openbsd 3.3 pppoe gateway yocompia *BSD 3 09-28-2003 01:11 PM


All times are GMT -5. The time now is 09:28 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration