02-16-2008, 05:33 AM
Mitch Zollinger
 
Simple network config problem?

Hi,

I just replaced Linux with OpenBSD 3.3 on my home NAT server / firewall.
I'm having some difficulty getting a basic 2 NIC setup to work
properly. I've read through the docs and mailing list, but haven't been
able to figure this out. I just want to do a simple setup with one NIC
as the external (internet) interface and have a second internal
(LAN:192.168.1.x) interface to do address translation for the clients
behind the firewall.

I have 2 NICs, recognized by 'ifconfig -a':

dc0: flags=8d43<UP,BROADCAST,RUNNING,PROMISC,OACTIVE,SIMPLEX,MULTICAST> mtu 1500
        address: 00:a0:cc:61:d4:b8
        media: Ethernet autoselect (100baseTX)
        status: active
        inet 192.168.1.100 netmask 0xffffff00 broadcast 192.168.1.255
        inet6 fe80::2a0:ccff:fe61:d4b8%dc0 prefixlen 64 scopeid 0x1
ne3: flags=8b63<UP,BROADCAST,NOTRAILERS,RUNNING,PROMISC,ALLMULTI,SIMPLEX,MULTICAST> mtu 1500
        address: 00:e0:29:38:55:27
        media: Ethernet autoselect (10baseT)
        inet6 fe80::2e0:29ff:fe38:5527%ne3 prefixlen 64 scopeid 0x2
        inet 12.234.89.65 netmask 0xfffffe00 broadcast 255.255.255.255

the hostname.if files:
hostname.dc0: inet 192.168.1.100 255.255.255.0 192.168.1.255
hostname.ne3: dhcp NONE NONE NONE

If I try to ping the OpenBSD firewall (192.168.1.100) from an internal
client, I get no return packets; if I try to ping an internal client
from the BSD box, I also receive no return packets. It doesn't appear
to be a hardware problem, since I receive no error messages and I can
see the NIC & hub lights flashing appropriately.

I tried setting up a bridge, also; /etc/bridgename.bridge0:
add dc0
add ne3
up

The output of 'netstat -r' (ipv6 is truncated):

Routing tables

Internet:
Destination        Gateway            Flags  Refs  Use    Mtu    Interface
default            12-234-88-1.client UGS    2     25507  -      ne3
12-234-88-0.client link#2             UC     0     0      -      ne3
12-234-88-1.client 0:a:8b:6d:90:54    UHL    1     0      -      ne3
12-234-89-65.clien localhost          UGHS   0     0      33224  lo0
loopback           localhost          UGRS   0     0      33224  lo0
localhost          localhost          UH     6     11254  33224  lo0
192.168.1/24       link#1             UC     0     0      -      dc0
BASE-ADDRESS.MCAST localhost          URS    0     0      33224  lo0

/etc/hosts:
::1 localhost.attbi.com localhost
127.0.0.1 localhost.attbi.com localhost
::1 tanuki.attbi.com tanuki
127.0.0.1 tanuki.attbi.com tanuki
127.0.0.1 outside.attbi.com outside
192.168.1.100 inside.attbi.com inside

I have turned on pf, but the pf.conf file just lets everything through
("pass quick all").

Any ideas?

Thanks,
Mitch
