FreeBSD 9.1-RELEASE routing issue

Hi, I am having a bit of trouble getting 9.1 to route. In previous versions on other hardware, setting gateway_enable=YES was enough. I have two interfaces:

Code:
em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
	options=4219b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,TSO4,WOL_MAGIC,VLAN_HWTSO>
	ether 00:22:4d:88:17:fe
	inet6 fe80::222:4dff:fe88:17fe%em0 prefixlen 64 scopeid 0x1 
	inet 192.168.1.1 netmask 0xffffff00 broadcast 192.168.1.255
	nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
	media: Ethernet autoselect (1000baseT <full-duplex>)
	status: active
em1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
	options=4219b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,TSO4,WOL_MAGIC,VLAN_HWTSO>
	ether 00:22:4d:88:17:fb
	inet6 fe80::222:4dff:fe88:17fb%em1 prefixlen 64 scopeid 0x2 
	inet 172.16.10.1 netmask 0xffffff00 broadcast 172.16.10.255
	nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
	media: Ethernet autoselect (1000baseT <full-duplex>)
	status: active

I have internal hosts behind em1, and em0 is supposed to handle internet traffic to the default gw (ISP router 192.168.254). I can ping em0 from the inside network, and I can see ICMP requests come into em1, but not route to 192.168.1.254. I checked gateway_enable=YES, net.inet.ip.forwarding: 1, net.inet.ip.redirect: 1, and routing tables:

Code:
Internet:
Destination        Gateway            Flags    Refs      Use  Netif Expire
default            192.168.1.254      UGS         0      327    em0
127.0.0.1          link#11            UH          0       20    lo0
172.16.10.0/24     link#2             U           0      387    em1
172.16.10.1        link#2             UHS         0        0    lo0
192.168.1.0/24     link#1             U           0       57    em0
192.168.1.1        link#1             UHS         0        0    lo0

There is no filtering enabled, pf and ipfw modules not even loaded. Arp shows hosts:

Code:
? (172.16.10.5) at 00:12:17:5a:b1:cd on em1 expires in 910 seconds [ethernet]
? (172.16.10.1) at 00:22:4d:88:17:fb on em1 permanent [ethernet]
? (192.168.1.75) at 28:cf:da:01:e5:2b on em0 expires in 1192 seconds [ethernet]
? (192.168.1.1) at 00:22:4d:88:17:fe on em0 permanent [ethernet]
? (192.168.1.254) at e8:6d:52:87:28:f0 on em0 expires in 1176 seconds [ethernet]

But I can't figure out for the life of me why it isn't routing. Is there anything I missed?
 
Most likely the router at 192.168.1.254 does not know how to reach the 172.16.10.0/24 network. You need to add a static route on the router for the 172.16.10.0/24 net or set up NAT on the FreeBSD machine that hides the 172.16.10.0/24 addresses behind the NAT.
 
Yes, you need to define the route back. I always imagine myself as a network packet. Then move from hop to hop, looking at the routing table to see where to go next. But once on the destination you need to do the reverse, from the destination back to the source.
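The hop-by-hop walk described in the replies above, as an added example that is not part of the original thread: a longest-prefix-match lookup over each hop's routing table, forward and then in reverse. The FreeBSD table is copied from the question; the ISP router's table and the interface names `wan0` and `lan0` are assumptions, constructed to represent a router that knows only its own LAN and a default route.

```python
import ipaddress

# "freebsd" comes from the netstat output in the question. "isp_router" is
# ASSUMED (constructed): it knows its LAN and a default route upstream only.
TABLES = {
    "freebsd": [
        ("0.0.0.0/0", "192.168.1.254", "em0"),
        ("172.16.10.0/24", None, "em1"),    # directly connected
        ("192.168.1.0/24", None, "em0"),    # directly connected
    ],
    "isp_router": [
        ("0.0.0.0/0", "upstream", "wan0"),  # hypothetical WAN side
        ("192.168.1.0/24", None, "lan0"),   # directly connected
    ],
}

def lookup(node, dst, tables=TABLES):
    """Longest-prefix match: return (gateway, interface) chosen for dst."""
    addr = ipaddress.ip_address(dst)
    matches = [(ipaddress.ip_network(prefix), gw, ifc)
               for prefix, gw, ifc in tables[node]
               if addr in ipaddress.ip_network(prefix)]
    _, gw, ifc = max(matches, key=lambda m: m[0].prefixlen)
    return gw, ifc

def with_static_route(tables=TABLES):
    """Copy of the tables with the static route from the first reply added."""
    fixed = {node: list(routes) for node, routes in tables.items()}
    fixed["isp_router"].append(("172.16.10.0/24", "192.168.1.1", "lan0"))
    return fixed

def return_path_ok(reply_dst, tables=TABLES):
    """True if the ISP router sends a reply for reply_dst back onto the LAN."""
    return lookup("isp_router", reply_dst, tables)[1] == "lan0"

if __name__ == "__main__":
    # Forward leg: 172.16.10.5 -> 192.168.1.254 leaves the FreeBSD box on em0.
    print("forward:", lookup("freebsd", "192.168.1.254"))
    # Return leg without a fix: the reply follows the default route upstream.
    print("no fix:", lookup("isp_router", "172.16.10.5"))
    # Fix 1: static route on the router pointing at the FreeBSD box.
    print("static route:", lookup("isp_router", "172.16.10.5", with_static_route()))
    # Fix 2: NAT on em0, so the router only ever sees 192.168.1.1 as source.
    print("NAT:", lookup("isp_router", "192.168.1.1"))
```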
 