PDA

View Full Version : [Solved] routing problens

Disasm
November 21st, 2009, 07:56
I have 8.0-PRERELEASE updated from stable-supfile. There is a route to the 194.85.80.0/22 subnet, but I can't ping 194.85.80.27.

# netstat -rn
Routing tables

Internet:
Destination Gateway Flags Refs Use Netif Expire
10.0.0.0/8 10.55.114.1 UGS 0 0 rl0
10.55.114.0/23 link#2 U 2 58 rl0
10.55.115.80 link#2 UHS 0 0 lo0
81.5.64.0/20 10.55.114.1 UGS 0 0 rl0
81.5.88.0/22 10.55.114.1 UGS 0 0 rl0
127.0.0.1 link#4 UH 0 0 lo0
172.16.0.0/12 10.55.114.1 UGS 0 0 rl0
192.168.0.0/16 10.55.114.1 UGS 0 0 rl0
192.168.1.0/24 link#1 U 0 0 re0
192.168.1.1 link#1 UHS 0 0 lo0
192.188.189.0/24 10.55.114.1 UGS 0 0 rl0
193.125.142.0/23 10.55.114.1 UGS 0 0 rl0
194.85.80.0/22 10.55.114.1 UGS 0 6 rl0

But if I add a route to the host 194.85.80.27, everything works fine. What should I do to access all computers from the subnet?
If it matters, I have gateway_enable="YES" and IPFW enabled with the only rule "allow ip from any to any"
bschmidt
November 21st, 2009, 08:27
Is 194.85.80.27 behind 10.55.114.1 or on the same physical network?
aragon
November 21st, 2009, 09:09
You pasted the routing table when things don't work, but can you also paste the routing table when they do work?
Disasm
November 21st, 2009, 11:00
Routing table after adding a route to the 194.85.80.27:

# netstat -rn
Routing tables

Internet:
Destination Gateway Flags Refs Use Netif Expire
10.0.0.0/8 10.55.114.1 UGS 0 0 rl0
10.55.114.0/23 link#2 U 2 540 rl0
10.55.115.80 link#2 UHS 0 0 lo0
81.5.64.0/20 10.55.114.1 UGS 0 0 rl0
81.5.88.0/22 10.55.114.1 UGS 0 0 rl0
127.0.0.1 link#4 UH 0 0 lo0
172.16.0.0/12 10.55.114.1 UGS 0 0 rl0
192.168.0.0/16 10.55.114.1 UGS 0 0 rl0
192.168.1.0/24 link#1 U 0 0 re0
192.168.1.1 link#1 UHS 0 0 lo0
192.188.189.0/24 10.55.114.1 UGS 0 0 rl0
193.125.142.0/23 10.55.114.1 UGS 0 0 rl0
194.85.80.0/22 10.55.114.1 UGS 0 0 rl0
194.85.80.27 10.55.114.1 UGHS 2 2 rl0


Traces to 194.85.80.27 from other machines (10.55.114.0/23 subnet) go through 10.55.114.1
aragon
November 21st, 2009, 15:17
Strange. Without the 194.85.80.27 host entry, what do you get with this command:


route -n get 194.85.80.27


And what does tcpdump show if you try ping 194.85.80.27 without the host entry?
Disasm
November 21st, 2009, 15:27
# route -n get 194.85.80.27
route to: 194.85.80.27
destination: 194.85.80.0
mask: 255.255.252.0
gateway: 10.55.114.1
interface: rl0
flags: <UP,GATEWAY,DONE,STATIC>
recvpipe sendpipe ssthresh rtt,msec mtu weight expire
0 0 0 0 1500 1 0


After adding a route to the host it says:

# route -n get 194.85.80.27
route to: 194.85.80.27
destination: 194.85.80.27
gateway: 10.55.114.1
interface: rl0
flags: <UP,GATEWAY,HOST,DONE,STATIC>
recvpipe sendpipe ssthresh rtt,msec mtu weight expire
0 0 0 0 1500 1 0


tcpdump shows nothing.
aragon
November 21st, 2009, 19:51
tcpdump shows nothing.
It must do. Try run tcpdump against other interfaces when you ping, lo0 included.
Disasm
November 22nd, 2009, 11:40
Oh, sorry. It was tcpdump on re0 by default.

tcpdump on rl0:

13:32:16.344375 IP wiki.box > 194.85.80.27: ICMP echo request, id 12036, seq 1, length 64
13:32:17.254140 IP wiki.box > 194.85.80.27: ICMP echo request, id 12036, seq 1, length 64
13:32:17.345922 IP wiki.box > 194.85.80.27: ICMP echo request, id 12036, seq 2, length 64
13:32:17.345932 IP wiki.box > 194.85.80.27: ICMP echo request, id 12036, seq 2, length 64
13:32:18.347929 IP wiki.box > 194.85.80.27: ICMP echo request, id 12036, seq 3, length 64
13:32:18.347943 IP wiki.box > 194.85.80.27: ICMP echo request, id 12036, seq 3, length 64
13:32:19.350366 IP wiki.box > 194.85.80.27: ICMP echo request, id 12036, seq 4, length 64
13:32:19.350379 IP wiki.box > 194.85.80.27: ICMP echo request, id 12036, seq 4, length 64
13:32:20.351929 IP wiki.box > 194.85.80.27: ICMP echo request, id 12036, seq 5, length 64
13:32:20.351943 IP wiki.box > 194.85.80.27: ICMP echo request, id 12036, seq 5, length 64
13:32:21.354365 IP wiki.box > 194.85.80.27: ICMP echo request, id 12036, seq 6, length 64
13:32:21.354379 IP wiki.box > 194.85.80.27: ICMP echo request, id 12036, seq 6, length 64


tcpdump on lo0 shows nothing.
SirDice
November 22nd, 2009, 13:03
Your routing table is a mess. A lot of conflicting routes.


10.0.0.0/8 10.55.114.1 UGS 0 0 rl0
10.55.114.0/23 link#2 U 2 58 rl0
10.55.115.80 link#2 UHS 0 0 lo0

10.55.114.0/23 includes 10.55.115.80 on lo0. 10.0.0.0/8 includes both the addresses on lo0 and rl0.


192.168.0.0/16 10.55.114.1 UGS 0 0 rl0
192.168.1.0/24 link#1 U 0 0 re0
192.168.1.1 link#1 UHS 0 0 lo0

192.168.0.0/16 includes the 192.168.1.0/24 on re0 and 192.168.1.1 on lo0.

I would suggest cleaning it up and since all routes point to 10.55.114.1 set that as your default gateway.
Disasm
November 22nd, 2009, 13:24
# netstat -rn
Routing tables

Internet:
Destination Gateway Flags Refs Use Netif Expire
default 10.55.114.1 UGS 0 0 rl0
10.0.0.0/8 10.55.114.1 UGS 2 7 rl0
10.55.114.0/23 link#2 U 2 233 rl0
81.5.64.0/20 10.55.114.1 UGS 0 0 rl0
81.5.88.0/22 10.55.114.1 UGS 0 0 rl0
127.0.0.1 link#4 UH 0 4 lo0
172.16.0.0/12 10.55.114.1 UGS 0 0 rl0
192.188.189.0/24 10.55.114.1 UGS 0 0 rl0
193.125.142.0/23 10.55.114.1 UGS 0 0 rl0
194.85.80.0/22 10.55.114.1 UGS 0 27 rl0

But I still can't ping 194.85.80.27 and others. Now, I can ping only computers from the 10.55.114.0/23 subnet.
SirDice
November 22nd, 2009, 13:48
You have a default gateway, remove all the excess routes.
Disasm
November 22nd, 2009, 14:07
I want to use mpd in future. So, in this case I will change the default gateway to the mpd's one and lose access to the local network.
SirDice
November 22nd, 2009, 14:17
We'll cross that bridge when the time comes ;)

For now just see if it works.
Disasm
November 22nd, 2009, 14:31
It works.
SirDice
November 22nd, 2009, 14:53
Ok.. Now slowly start adding the routes, start with that 194.85.80.0/22 one. Add a route, test it and if it works add another until it doesn't work anymore.
Disasm
November 22nd, 2009, 20:33
Thanks. I have found the reason: it was a line
ifconfig_rl0="inet 10.55.115.80 10.55.114.1 netmask 255.255.254.0"
in rc.conf