in over my head?? networking problems (long)

Post by kp » Thu, 26 Jun 2003 13:54:13



I saw some tutorials and figured with a little research I would be able
to get started on NetBSD as a home router / firewall.

It looks promising except for a few problems

I have 3 network cards, all supported, all come up just fine

fxp0 --> WAN, configured to receive DHCP from COX.NET **WORKS FINE (I
can get an address and ping www.yahoo.com)

rtk0 --> LAN 192.168.0.0/24 subnet 255.255.255.0

rtk1 --> LAN 10.0.0.0/24 subnet 255.255.255.0

on both rtk0 and rtk1 I want to be able to have a dhcpd running (will be
plugged into different switches using different networks).

If I plug a win2k computer onto rtk1 I can not get a dhcp address,
however if I manually assign the win2k box an addr of 10.0.0.2, then I
can ping 10.0.0.1

This leads me to believe that the rtk1 is working so far as basic
networking, but the dhcpd is not working for rtk1 (or rtk0 for that
matter)

Note: Eventually I will try to get NAT and IPFILTERING on, but that will
be an adventure for another day.

When I boot the NetBSD box, as it is going through the startup process,
I see two errors that catch my attention:

Right after I get the dhcp address from my cox environment (just testing
it so far on a local dhcp network, and yes, the cables are plugged in
the right place so there are no topology errors) I see something that
says "ROUTE: BAD VALUE: #Default".  What is this???

Later, as it attempts to start dhcpd, I see an error that I should
contact a certain mailing group if I have problems, and it says "DHCP:
exiting" which obviously means DHCPD is not starting.

Below are a few files I have running that should help anyone in helping
me address this:

To sum it up:

1)     How do I get rtk0 (192.168.0.1) and rtk1 (10.0.0.1) to have the
dhcpd running on each interface for the correct pool

2)     I will have more questions in a later post about NAT/IPFILTERING
& X11 problems

3)     Thank you all for your help

#************************************************
#/etc/rc.conf
#************************************************
#       $NetBSD: rc.conf,v 1.96 2000/10/14 17:01:29 wiz Exp $
#
# see rc.conf(5) for more information.
#
# Use program=YES to enable program, NO to disable it. program_flags are
# passed to the program on the command line.
#
# Load the defaults in from /etc/defaults/rc.conf (if it's readable).
# These can be overridden below.
#
if [ -r /etc/defaults/rc.conf ]; then
        . /etc/defaults/rc.conf
fi

# If this is not set to YES, the system will drop into single-user mode.
#
rc_configured=YES

# Add local overrides below
#
wscons=YES

#       $NetBSD: rc.conf,v 1.37.2.3 2002/11/11 23:41:18 he Exp $
#
# /etc/defaults/rc.conf --
#       default configuration of /etc/rc.conf
#
# see rc.conf(5) for more information.
#
# DO NOT EDIT THIS FILE DIRECTLY; IT MAY BE REPLACED DURING A SYSTEM UPGRADE.
# EDIT /etc/rc.conf INSTEAD.
#
# DEVELOPERS:  Please edit share/sushi/system/rcconf/form when modifying this
# file to keep it in sync.
#
# Use program=YES to enable program, NO to disable it. program_flags are
# passed to the program on the command line.
#

# Uncomment this if you want to use local paths in rc.
#
#export PATH=$PATH:/usr/pkg/sbin:/usr/pkg/bin:/usr/local/sbin:/usr/local/bin

# Uncomment the following to execute each /etc/rc.d script in
# the current shell rather than in a subshell.  This may be
# faster on very slow machines that have an expensive fork(2).
#       NOTE:   USE THIS AT YOUR OWN RISK; A ROGUE COMMAND
#               MAY INADVERTENTLY PREVENT BOOT TO MULTIUSER.
#
#rc_fast_and_loose=YES

# Additional flags to the rcorder(8) that's run by /etc/rc.
#
rc_rcorder_flags=""

# If this is set to NO, shutdown(8) will not run /etc/rc.shutdown.
#
do_rcshutdown=YES

# Additional flags to the rcorder(8) that's run by /etc/rc.shutdown.
#
rcshutdown_rcorder_flags=""

# If this is non-blank, use as the number of seconds to run a watchdog
# timer which will terminate /etc/rc.shutdown if the timeout expires.
#
rcshutdown_timeout=""

# Basic network configuration
#
# Fully Qualified Internet Domain Name (a.k.a. hostname, e.g. foo.baz.edu).
# If blank, use /etc/myname.
#
hostname=""

# If there's only one way out of your network, set this to the hostname
# or the IP address of the router that will get your packets off the LAN.
# If blank, use /etc/mygate.
#
defaultroute=""

# The NIS domain name (formerly known as Yellow Pages); not in any way
# related to Internet domain names.
# If blank, use /etc/defaultdomain.
#
domainname=""

# Filesystems to mount early in boot-up.
# Note that `/var' is needed in $critical_filesystems_local (or
# implied as part of `/') as certain services that need /var (such as
# dhclient) may be needed to get the network operational enough to mount
# the $critical_filesystems_remote.
#
critical_filesystems_local="/var"
critical_filesystems_remote="/usr"

# Swap device controls.
#
no_swap=NO              # Set to YES if you have purposefully setup no swap
                        # partitions and don't want to be warned about it.
swapoff=NO              # Remove block-type swap partitions upon shutdown

# One-time actions and programs on boot-up.
#
lkm=NO                                          # run /etc/rc.lkm
savecore=YES            savecore_flags="-z"
clear_tmp=YES                                   # clear /tmp after reboot
update_motd=YES                                 # updates /etc/motd
dmesg=YES               dmesg_flags=""          # write /var/run/dmesg.boot
accounting=NO                                   # uses /var/account/acct
newsyslog=NO            newsyslog_flags=""      # trim log files
# NOTE: default coredump name now set in /etc/sysctl.conf

# Security setting.  If $securelevel is non-empty, the system securelevel
# is set to this value early in the boot sequence.  Otherwise the default
# action is taken (see init(8)).
#
securelevel=""                                  # securelevel to set to

# To set the IP address of an interface either use
#  ifconfig_xxN="IP-NO"
# where xxN is the interface.  If this variable is not set then
# contents of the file /etc/ifconfig.xxN is used.

# Networking startup.
#
ipfilter=NO                                     # uses /etc/ipf.conf
ipnat=NO                                        # uses /etc/ipnat.conf
ipfs=NO                 ipfs_flags=""           # save/load ipnat and ipf states
ipsec=NO                                        # uses /etc/ipsec.conf
ipmon=NO                ipmon_flags="-ns"       # syslog ipfilter messages
racoon=NO                                       # IKE daemon
auto_ifconfig=YES                               # config all avail. interfaces
net_interfaces=""                               # used only if above is NO
flushroutes=YES                                 # flush routes in netstart
dhclient=YES                                    # behave as a DHCP client
                        dhclient_flags="fxp0"   # blank: config all interfaces
ntpdate=NO              ntpdate_flags="-b -s"   # May need '-u' thru firewall
ppp_peers=""                                    # /etc/ppp/peers to call
ip6mode=host                                    # host, autohost or router
ip6sitelocal=NO                                 # IPv6 sitelocal addrs
rtsol=NO                rtsol_flags="-a"        # for ip6mode=autohost only

# Special treatment for interfaces that need to be downed on
# shutdown (because they might cause unnecessary costs or block resources
# on the peer). All pppoe* interfaces are automatically included in this
# list, add others here manually.
# force_down_interfaces=""

ifwatchd=NO     # execute up/down scripts for in-kernel PPPoE interfaces
        ifwatchd_flags="-u /etc/ppp/ip-up -d /etc/ppp/ip-down pppoe0"

# ALTQ configuration/monitoring daemon
altqd=NO                altqd_flags=""

# Daemons required by servers.  These are not needed for strictly client use.
#
# inetd is used to start the IP-based services enabled in /etc/inetd.conf
#
inetd=YES               inetd_flags="-l"        # -l logs libwrap

# rpcbind (formerly known as 'portmap') is used to look up RPC-based services.
#
rpcbind=NO              rpcbind_flags="-l"      # -l logs libwrap

# Commonly used daemons.
#
syslogd=YES             syslogd_flags="-s"      # -s "secure" unix domain only
cron=YES
named=NO                named_flags=""          # see below for named_chrootdir
timed=NO                timed_flags=""
ntpd=NO                 ntpd_flags=""           # see below for ntpd_chrootdir
sendmail=NO             sendmail_flags="-bd -q30m"
postfix=NO
lpd=NO                  lpd_flags="-s"          # -s "secure" unix domain only
sshd=YES                        sshd_flags=""

# To run the named(8) DNS server as an unprivileged user under a
# chroot(2) cage, uncomment the following after migrating the contents
# of /etc/namedb to /var/chroot/named/etc/namedb
#
#named_chrootdir="/var/chroot/named"

# To run the ntpd(8) NTP server as an unprivileged user under a
# chroot(2) cage, uncomment the following, after ensuring that:
#       - The kernel has "pseudo-device clockctl" compiled in
#       - /dev/clockctl is present
#
#ntpd_chrootdir="/var/chroot/ntpd"

# Routing daemons.
#
routed=NO               routed_flags="-q"
gated=NO
mrouted=NO              mrouted_flags=""
route6d=NO              route6d_flags=""
rtsold=NO               rtsold_flags=""         # for ip6mode=autohost only

# Daemons used to boot other hosts over a network.
#
rarpd=NO                rarpd_flags="-a"
bootparamd=NO           bootparamd_flags=""
dhcpd=YES               dhcpd_flags="rtk0 rtk1"
dhcrelay=NO             dhcrelay_flags=""
rbootd=NO               rbootd_flags=""
mopd=NO                 mopd_flags="-a"
ndbootd=NO
...
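
Added example, not part of the original thread: dhcpd only answers on an interface whose address falls inside a subnet declaration in dhcpd.conf, so this Python check compares the interfaces named in dhcpd_flags with the declared subnets and also flags any that is the DHCP-client (WAN) side. The poster's dhcpd.conf is not shown on the page; DHCPD_CONF, IFACE_ADDRS and all function names are constructed for illustration, and dhcpd_flags is assumed to hold only interface names and simple dash options.

```python
import ipaddress
import re

# Constructed sample inputs modelled on the post; the real dhcpd.conf is not shown.
RC_CONF = 'dhclient=YES dhclient_flags="fxp0"\ndhcpd=YES dhcpd_flags="rtk0 rtk1"\n'
IFACE_ADDRS = {"fxp0": None, "rtk0": "192.168.0.1", "rtk1": "10.0.0.1"}
DHCPD_CONF = """
# constructed: only one of the two LANs is declared
subnet 192.168.0.0 netmask 255.255.255.0 {
    range 192.168.0.100 192.168.0.200;
    option routers 192.168.0.1;
}
"""


def rc_flags(rc_text, name):
    """Return the interface words of <name>_flags="..." from rc.conf-style text."""
    m = re.search(r'\b%s_flags="([^"]*)"' % re.escape(name), rc_text)
    words = m.group(1).split() if m else []
    return [w for w in words if not w.startswith("-")]  # drop dash options


def declared_subnets(conf_text):
    """Collect 'subnet A netmask M' declarations, ignoring # comments."""
    text = re.sub(r"#.*", "", conf_text)
    pairs = re.findall(r"\bsubnet\s+(\S+)\s+netmask\s+(\S+)", text)
    return [ipaddress.ip_network("%s/%s" % (a, m)) for a, m in pairs]


def audit(rc_text, conf_text, iface_addrs):
    """Map each dhcpd interface to 'ok', 'no-address', 'no-subnet' or 'wan'."""
    nets = declared_subnets(conf_text)
    wan = set(rc_flags(rc_text, "dhclient"))  # interfaces acting as DHCP clients
    result = {}
    for ifname in rc_flags(rc_text, "dhcpd"):
        addr = iface_addrs.get(ifname)
        if ifname in wan:
            result[ifname] = "wan"            # serving leases toward the ISP side
        elif addr is None:
            result[ifname] = "no-address"     # interface has no static address
        elif any(ipaddress.ip_address(addr) in n for n in nets):
            result[ifname] = "ok"
        else:
            result[ifname] = "no-subnet"      # dhcpd has no pool for this LAN
    return result


if __name__ == "__main__":
    for ifname, status in audit(RC_CONF, DHCPD_CONF, IFACE_ADDRS).items():
        print(ifname, status)
```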

Post by kp » Sun, 29 Jun 2003 11:25:33


Got it figured out from someone on experts-exchange.

Klint
http://www.custom-web.biz/webdesign/