HOw to forward IP addresses? for Routing and Internet Sharing?

[Sina]

Hello everyone.

I'm running FreeBSD 4.5 and connected directly via a adsl modem to the internet. (using Sympatico adsl)

I have 2 nic cards in the system.
I use the ppp script to connect to the internet as suggested in the handbook.
Now I can assign one IP address to one of the Nic cards. like 192.168.1.15, however if I assign an IP to the 2nd Nic card also, I no longer can connect to the internet.
So the 2nd card is simply with no ip address and its not set to use the dhcp also.

How can I enable or set this system as a router/gateway, so that the other system connected to a hub (which is connected to the 2nd nic card on BSD system) can use and share internet also.

Thank you all
Sina

 

[noka]

put in your rc.conf:
gateway_enable="YES"

start your ppp:
ppp -auto -nat pppoelabel

you should configure a firewall and a nameserver on the gateway.

noka

 

[JaybOt]

You may also need to add some options to you kernel :

option IPDIVERT

and for the firewall ...

option IPFIREWAL_FORWARD
option IPFIREWALL_VERBROSE
option IPFIREWALL_VERBROSE_LIMIT=10

regards,
JayBot "Always know what you say, but don't always say what you know!"

 

[Sina]

thank you all for your help.

I have now done the kernel recompilation as you suggeted.
However the problem is still the same.

Here it is.:
I can connect to sympatico if I only assing one ip address to one of the nic cards.
Sympatico connects fine. But I can not assing an IP to other nic card to the forwarding.
Here is the output of ifconfig

--------------------------------------
spiderman# ifconfig
xl0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
options=3<rxcsum,txcsum>
inet 192.168.1.10 netmask 0xffffff00 broadcast 192.168.1.255
inet6 fe80::210:4bff:fe6b:662d%xl0 prefixlen 64 scopeid 0x1
ether 00:10:4b:6b:66:2d
media: Ethernet autoselect (10baseT/UTP)
status: active
xl1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
inet6 fe80::260:8ff:fe53:a1cb%xl1 prefixlen 64 scopeid 0x2
ether 00:60:08:53:a1:cb
media: Ethernet autoselect (10baseT/UTP)
status: active
lp0: flags=8810<POINTOPOINT,SIMPLEX,MULTICAST> mtu 1500
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4
inet 127.0.0.1 netmask 0xff000000
ppp0: flags=8010<POINTOPOINT,MULTICAST> mtu 1500
sl0: flags=c010<POINTOPOINT,LINK2,MULTICAST> mtu 552
faith0: flags=8002<BROADCAST,MULTICAST> mtu 1500
tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1492
inet6 fe80::210:4bff:fe6b:662d%tun0 prefixlen 64 scopeid 0x8
inet 63.231.212.149 --> 63.230.254.108 netmask 0xff000000
Opened by PID 129
As you can see the 2nd nic card identified by xl1 does not have an ip.

Having this configuration, how can I set the ipforwarding so that the other machines on my local lan access internet.

Here is my rc.conf

# Created: Mon Aug 26 23:33:51 2002
# Enable network daemons for user convenience.
# Please make all changes to this file, not to /etc/defaults/rc.conf.
# This file now contains just the overrides from /etc/defaults/rc.conf.
hostname=&quot;spiderman.sympatico.ca&quot;
network_interfaces=&quot;auto&quot; # List of network interfaces (or &quot;auto&quot.
kern_securelevel_enable=&quot;NO&quot;
linux_enable=&quot;YES&quot;
moused_enable=&quot;YES&quot;
nfs_reserved_port_only=&quot;YES&quot;
sendmail_enable=&quot;NO&quot;
sshd_enable=&quot;YES&quot;
usbd_enable=&quot;YES&quot;
router_flags=&quot;-q&quot;
router=&quot;/sbin/routed&quot;
router_enable=&quot;YES&quot;
gateway_enable=&quot;YES&quot;
hostname=&quot;spiderman.sympatico.ca&quot;
# -- sysinstall generated deltas -- # Sat Aug 31 16:13:25 2002
ifconfig_xl0=&quot;inet 192.168.1.10 netmask 255.255.255.0&quot;
ifconfig_xl1=&quot;inet 192.168.1.20 netmask 255.255.255.0&quot;
defaultrouter=&quot;192.168.1.10&quot;
hostname=&quot;spiderman.sympatico.ca&quot;
inetd_enable=&quot;YES&quot;
##############################################################
### Network configuration sub-section ######################
##############################################################

### Basic network and firewall/security options: ###
hostname=&quot;spiderman.sympatico.ca&quot; # Set this!
firewall_enable=&quot;YES&quot; # Set to YES to enable firewall
functionality
firewall_type=&quot;OPEN&quot; # Firewall type (see /etc/rc.firewall)
firewall_quiet=&quot;NO&quot; # Set to YES to suppress rule display
firewall_logging=&quot;YES&quot;
natd_enable=&quot;YES&quot; # Enable natd (if firewall_enable == YES).
natd_interface=&quot;xl1&quot; # Public interface or IPaddress to use.
natd_flags=&quot;-f /etc/natd.conf&quot;
redirect_address 192.168.1.10 192.168.1.20


Thank you all

 

[spurdy88]

Your rc.conf:-
ifconfig_xl0=&quot;inet 192.168.1.10 netmask 255.255.255.0&quot;
ifconfig_xl1=&quot;inet 192.168.1.20 netmask 255.255.255.0&quot;

Both Network cards are on the same network 192.168.1.0, the whole point of a router is that they are on different networks or am i missing a point somewhere.

Tun0 has an external IP, Is your ADSL modem usb/ethernet/other?

Even I'm confused by this one?

 

[drphat]

you have redudant settings overlapping themselves, you need to put in internal address on your internal nic

then keep the external ip on the external nic...

you can not have gateway enabled and then try to run the same network on 2 different nics...its not possible and frankly kinda silly...because you can assign numerous ips to a single nic. it looks to me like you may not understand routing..

 

[Sina]

Thank you all for your time and comments.
Yes, You are rigth, perhaps I do not understand routing.

This is bascially What I have.

2 nic in Freebsd.
One nic card is connected to sympatico adsl. internet works fine.
I imagine I need to setup a static ip address for the 2nd card. ok
ifconfig_xl0=&quot;inet 192.168.1.10 netmask 255.255.255.0&quot;

ok but now how is the traffic going to be routed from this internal ip to the 2nd card which is connected to sympatico.?
Because when I'm connected to sympatico.

I get this when runing ifconfig
tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1492
inet6 fe80::210:4bff:fe6b:662d%tun0 prefixlen 64 scopeid 0x8
inet 63.231.212.149 --> 63.230.254.108 netmask 0xff000000
Opened by PID 129

I dont know what is tun0 (tunnel 0). I have to give other pc on the same network the gateway number of the bsd box. lets say ip 192.168.1.10.

Now how am I going to route 192.168.1.10 request to tun0?

Thank you all.

Basically I just want to setup internet sharing using freebsd and adsl

Thanks again

 

[drphat]

its not too tough

config your external ip with the adsl info

config your internal with an internal ip (192.168.y.z is fine)

compile your kernel with bpf, firewall and routing (

http://ariadne.iz.net/FreeBSD/kernelconfig-building.html

and

http://www.freebsd.org/FAQ/networking.html

are both good resources)

you may want to just get a named cacheing only server setup (just install named and its pretty much a caching only server)

then on your other computers set their gateway to be the routers internal ip then the dns to be the ip of the router computer also

 

[xazax]

Im not gonna talk too much:

Ill give you my config files of a working FreeBSD (mines 4.4)
should be almost if not identical to 4.5.

The point is mines working now.

/etc/rc.conf

# -- sysinstall generated deltas -- # Fri May 31 01:44:00 2002
# Created: Fri May 31 01:44:00 2002
# Enable network daemons for user convenience.
# Please make all changes to this file, not to /etc/defaults/rc.conf.
# This file now contains just the overrides from /etc/defaults/rc.conf.
defaultrouter=&quot;192.168.1.2&quot;
gateway_enable=&quot;YES&quot;
hostname=&quot;ZUANTIZ.pacbell.net &quot;
hostname=&quot;ZUANTIZ.pacbell.net&quot;
ifconfig_ep0=&quot;inet 192.168.1.2 netmask 255.255.255.0&quot;
ifconfig_ep1=&quot;inet 192.168.0.1 netmask 255.255.255.0&quot;
ifconfig_tun0=&quot;inet 0.0.0.0 netmask 0.0.0.0&quot;
ifconfig_tun1=&quot;inet 0.0.0.0 netmask 0.0.0.0&quot;
ifconfig_tun2=&quot;inet 0.0.0.0 netmask 0.0.0.0&quot;
kern_securelevel_enable=&quot;NO&quot;
moused_enable=&quot;NO&quot;
moused_type=&quot;NO&quot;
nfs_client_enable=&quot;YES&quot;
nfs_reserved_port_only=&quot;YES&quot;
sendmail_enable=&quot;NO&quot;
sendmail_enable=&quot;NO&quot;
sshd_enable=&quot;YES&quot;
gateway_enable=&quot;YES&quot;
firewall_enable=&quot;YES&quot;
firewall_type=&quot;/etc/rc.firewall&quot;
firewall_quiet=&quot;NO&quot;
natd_enable=&quot;YES&quot;
natd_interface=&quot;ep0&quot;

ppp_enable=&quot;YES&quot;
ppp_mode=&quot;ddial&quot;
ppp_nat=&quot;YES&quot; # if you want to enable nat for your local network, otherwise NO
ppp_profile=&quot;sbcglobal.net&quot;

#I added the other tun(1,2) you dont have to do those

/etc/ppp/ppp.conf

#

http://heyer.supranet.net/pptp/

#/etc/ppp/ppp.conf
# using /etc/passwd instead of chap-secrets
#Now for some copying and pasting. First add the following lines to your /etc/ppp/ppp.conf file.
default:
set log Phase Chat LCP IPCP CCP IPCP tun command

# set device /dev/ep0
set ifaddr 63.21.96.254/24 #ignore this I was desparate
# set ifaddr 0.0.0.0/0
#loop:
sbcglobal.net:
set phone 562-549-9486 #this hasnt caused any probs
set redial 10 4
# set speed 256
set timeout 999
# set Chat log phase chat connect lcp ipcp command
# set log Phase Chat LCP IPCP CCP tun command
set device PPPoE:ep0
set authname xazax666@sbcglobal.net
set authkey satansapprentice666
set dial
set login
add default HISADDR
enable dns

/sbin/ifconfig

ep0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
inet 192.168.1.2 netmask 0xffffff00 broadcast 192.168.1.255
inet6 fe80::2a0:24ff:fe37:9b15%ep0 prefixlen 64 scopeid 0x1
ether 00:a0:24:37:9b:15
media: Ethernet 10baseT/UTP

ep1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
inet 192.168.0.1 netmask 0xffffff00 broadcast 192.168.0.255
inet6 fe80::220:afff:fea4:3184%ep1 prefixlen 64 scopeid 0x2
ether 00:20:af:a4:31:84
media: Ethernet 10baseT/UTP

faith0: flags=8000<MULTICAST> mtu 1500
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4
inet 127.0.0.1 netmask 0xff000000
ppp0: flags=8010<POINTOPOINT,MULTICAST> mtu 1500
tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1492
inet6 fe80::2a0:24ff:fe37:9b15%tun0 prefixlen 64 scopeid 0x6
inet 63.21.98.66 --> 63.21.98.254 netmask 0xff000000
Opened by PID 111
tun1: flags=8010<POINTOPOINT,MULTICAST> mtu 1500
inet6 fe80::2a0:24ff:fe37:9b15%tun1 prefixlen 64 scopeid 0x7

Summary:
As far as I can see you did fine for the most part.
If you want my opinion, I think you forgot to give each of your nic cards a private static ip address.

Your tun0 got the WAN ip address which is what I was trying to get all along.

I hope this helped you, good luck.