Board index Solaris

Cable modem / dhcp / ipfilter NAT - all working but grinds to a halt

Cable modem / dhcp / ipfilter NAT - all working but grinds to a halt

Post by Edwar » Wed, 21 Aug 2002 00:23:43



I've managed to get my Sol8 Ultra-Ent 1 connecting to my cable provider
using DHCP. I've also installed Ipfilter and configured it to perform NAT
for my 172.x.x.x home LAN.

It all works fine for a few mins, but gets gradually slower until it grinds
to a halt. HUPing Ipfilter doesn't fix it and to get it working again I need
to re-boot. Whilst 'hung', if I attempt a new connection (e.g.
www.google.com via browser), ipnat -l shows the new NAT translations but
connections always time out.

Any tips / pointers on troubleshooting this?

Thanks,

Edward

 
 
 
Top

Cable modem / dhcp / ipfilter NAT - all working but grinds to a halt

Post by Edwar » Sat, 24 Aug 2002 18:25:58


Fault was with the 172.x.x.x host, not the server.


Quote:> I've managed to get my Sol8 Ultra-Ent 1 connecting to my cable provider
> using DHCP. I've also installed Ipfilter and configured it to perform NAT
> for my 172.x.x.x home LAN.

> It all works fine for a few mins, but gets gradually slower until it
grinds
> to a halt. HUPing Ipfilter doesn't fix it and to get it working again I
need
> to re-boot. Whilst 'hung', if I attempt a new connection (e.g.
> www.google.com via browser), ipnat -l shows the new NAT translations but
> connections always time out.

> Any tips / pointers on troubleshooting this?

> Thanks,

> Edward


 
 
 
Top

1. Cable modem: DHCP works - NAT doesn't (ipfilter problem?)

Hello all,

hme0 - dhcp connection to cable provider - works fine
hme1 - LAN interface to 172.1.0.0/16 network

# ifconfig hme1
hme1: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500
index 3
        inet 172.1.0.1 netmask ffff0000 broadcast 172.1.255.255
        ether 8:0:20:89:b:0

ipfilter is installed

ipf.conf is empty:
bash-2.05# cat /etc/opt/ipf/ipf.conf

ipnat.conf is configured as follows:
bash-2.05# cat /etc/opt/ipf/ipnat.conf
map hme0 172.1.0.1/16 -> 0/32 proxy port ftp ftp/tcp
map hme0 172.1.0.1/16 -> 0/32 portmap tcp/udp auto
map hme0 172.1.0.1/16 -> 0/32
(also tried with 172.0.0.0 replacing 172.1.0.1)

IP forwarding is enabled:
bash-2.05# ndd -get /dev/tcp ip_forwarding
1

I removed /etc/norouter /etc/defaultrouter etc and ndd -get /dev/tcp
ip_forwarding
consistently returned 0. Only when I ran `ndd -set /dev/tcp
ip_forwarding 1` whould the result '1' be returned.

traceroute -i hme1 <any external ip> times out
traceroute <any external ip> works - uses hme0 DHCP interface to cable
ISP.

dhcp-34-481 is the hostname assigned by dhcp.
The following was done via console:
bash-2.05# /etc/init.d/ipfboot stop
Aug  4 21:05:03 dhcp-34-481 ipf: NOTICE: IP Filter: ILL Header Length
Mismatch
Aug  4 21:05:03 dhcp-34-481
Aug  4 21:05:03 dhcp-34-481 ipf: NOTICE: IP Filter: ILL Header Length
Mismatch
Aug  4 21:05:03 dhcp-34-481
Aug  4 21:05:03 dhcp-34-481 ipf: IP Filter: detaching [hme1,128]
bash-2.05# Aug  4 21:05:03 dhcp-34-481 ipf: IP Filter: detaching
[hme0,128]
Aug  4 21:05:03 dhcp-34-481 ipf: IP Filter: detached
bash-2.05# /etc/init.d/ipfboot start
Aug  4 21:05:12 dhcp-34-481 ipf: IP Filter: attach to [hme0,128]
Set 0 now inactive
0 entries flushed from NAT table
0 entries flushed from NAT list
Aug  4 21:05:12 dhcp-34-481 ipf: IP Filter: attach to [hme1,128]
bash-2.05# Aug  4 21:05:12 dhcp-34-481 ipf: IP Filter: v3.3.11,
attaching complete.

Can anyone tell me what I'm doing wrong?

2. inetd and telnetd port bind failure

3. dhcp, ipfilter, Cable Modems, and non-routable IP addresses

4. Start.dip problems. Can't see modem?

5. problem with nat in kernel-2.16.22 on cable modem (i-cable)

6. DNS

7. How to get DHCP & Static working on Linux for Windows Clients using a Cable Modem

8. How to ad a second/third nic?

9. how do i get dhcp for cable modem working?

10. Cable modem..56 modem dial up, 500K cable modem download stream...

11. me again%P : ipfilter on openBSD... can't get rdr (NAT) to work...

12. gateway for cable modem, ipfilter or ipfw+natd?

13. Enterprise2.01/Solaris grinds to a halt


All times are UTC
Board index