routing problens

Disasm · Nov 21, 2009

I have 8.0-PRERELEASE updated from stable-supfile. There is a route to the 194.85.80.0/22 subnet, but I can't ping 194.85.80.27.

Code:

# netstat -rn
Routing tables

Internet:
Destination        Gateway            Flags    Refs      Use  Netif Expire
10.0.0.0/8         10.55.114.1        UGS         0        0    rl0
10.55.114.0/23     link#2             U           2       58    rl0
10.55.115.80       link#2             UHS         0        0    lo0
81.5.64.0/20       10.55.114.1        UGS         0        0    rl0
81.5.88.0/22       10.55.114.1        UGS         0        0    rl0
127.0.0.1          link#4             UH          0        0    lo0
172.16.0.0/12      10.55.114.1        UGS         0        0    rl0
192.168.0.0/16     10.55.114.1        UGS         0        0    rl0
192.168.1.0/24     link#1             U           0        0    re0
192.168.1.1        link#1             UHS         0        0    lo0
192.188.189.0/24   10.55.114.1        UGS         0        0    rl0
193.125.142.0/23   10.55.114.1        UGS         0        0    rl0
194.85.80.0/22     10.55.114.1        UGS         0        6    rl0

But if I add a route to the host 194.85.80.27, everything works fine. What should I do to access all computers from the subnet?
If it matters, I have gateway_enable="YES" and IPFW enabled with the only rule "allow ip from any to any"

bschmidt · Nov 21, 2009

Is 194.85.80.27 behind 10.55.114.1 or on the same physical network?

aragon · Nov 21, 2009

You pasted the routing table when things don't work, but can you also paste the routing table when they do work?

Disasm · Nov 21, 2009

Routing table after adding a route to the 194.85.80.27:

Code:

# netstat -rn
Routing tables

Internet:
Destination        Gateway            Flags    Refs      Use  Netif Expire
10.0.0.0/8         10.55.114.1        UGS         0        0    rl0
10.55.114.0/23     link#2             U           2      540    rl0
10.55.115.80       link#2             UHS         0        0    lo0
81.5.64.0/20       10.55.114.1        UGS         0        0    rl0
81.5.88.0/22       10.55.114.1        UGS         0        0    rl0
127.0.0.1          link#4             UH          0        0    lo0
172.16.0.0/12      10.55.114.1        UGS         0        0    rl0
192.168.0.0/16     10.55.114.1        UGS         0        0    rl0
192.168.1.0/24     link#1             U           0        0    re0
192.168.1.1        link#1             UHS         0        0    lo0
192.188.189.0/24   10.55.114.1        UGS         0        0    rl0
193.125.142.0/23   10.55.114.1        UGS         0        0    rl0
194.85.80.0/22     10.55.114.1        UGS         0        0    rl0
194.85.80.27       10.55.114.1        UGHS        2        2    rl0

Traces to 194.85.80.27 from other machines (10.55.114.0/23 subnet) go through 10.55.114.1

aragon · Nov 21, 2009

Strange. Without the 194.85.80.27 host entry, what do you get with this command:

Code:

route -n get 194.85.80.27

And what does tcpdump show if you try ping 194.85.80.27 without the host entry?

Disasm · Nov 21, 2009

Code:

# route -n get 194.85.80.27
   route to: 194.85.80.27
destination: 194.85.80.0
       mask: 255.255.252.0
    gateway: 10.55.114.1
  interface: rl0
      flags: <UP,GATEWAY,DONE,STATIC>
 recvpipe  sendpipe  ssthresh  rtt,msec    mtu        weight    expire
       0         0         0         0      1500         1         0

After adding a route to the host it says:

Code:

# route -n get 194.85.80.27
   route to: 194.85.80.27
destination: 194.85.80.27
    gateway: 10.55.114.1
  interface: rl0
      flags: <UP,GATEWAY,HOST,DONE,STATIC>
 recvpipe  sendpipe  ssthresh  rtt,msec    mtu        weight    expire
       0         0         0         0      1500         1         0

tcpdump shows nothing.

aragon · Nov 21, 2009

Disasm said:
tcpdump shows nothing.

It must do. Try run tcpdump against other interfaces when you ping, lo0 included.

Disasm · Nov 22, 2009

Oh, sorry. It was tcpdump on re0 by default.

tcpdump on rl0:

Code:

13:32:16.344375 IP wiki.box > 194.85.80.27: ICMP echo request, id 12036, seq 1, length 64
13:32:17.254140 IP wiki.box > 194.85.80.27: ICMP echo request, id 12036, seq 1, length 64
13:32:17.345922 IP wiki.box > 194.85.80.27: ICMP echo request, id 12036, seq 2, length 64
13:32:17.345932 IP wiki.box > 194.85.80.27: ICMP echo request, id 12036, seq 2, length 64
13:32:18.347929 IP wiki.box > 194.85.80.27: ICMP echo request, id 12036, seq 3, length 64
13:32:18.347943 IP wiki.box > 194.85.80.27: ICMP echo request, id 12036, seq 3, length 64
13:32:19.350366 IP wiki.box > 194.85.80.27: ICMP echo request, id 12036, seq 4, length 64
13:32:19.350379 IP wiki.box > 194.85.80.27: ICMP echo request, id 12036, seq 4, length 64
13:32:20.351929 IP wiki.box > 194.85.80.27: ICMP echo request, id 12036, seq 5, length 64
13:32:20.351943 IP wiki.box > 194.85.80.27: ICMP echo request, id 12036, seq 5, length 64
13:32:21.354365 IP wiki.box > 194.85.80.27: ICMP echo request, id 12036, seq 6, length 64
13:32:21.354379 IP wiki.box > 194.85.80.27: ICMP echo request, id 12036, seq 6, length 64

tcpdump on lo0 shows nothing.

SirDice · Nov 22, 2009

Your routing table is a mess. A lot of conflicting routes.

Code:

10.0.0.0/8         10.55.114.1        UGS         0        0    rl0
10.55.114.0/23     link#2             U           2       58    rl0
10.55.115.80       link#2             UHS         0        0    lo0

10.55.114.0/23 includes 10.55.115.80 on lo0. 10.0.0.0/8 includes both the addresses on lo0 and rl0.

Code:

192.168.0.0/16     10.55.114.1        UGS         0        0    rl0
192.168.1.0/24     link#1             U           0        0    re0
192.168.1.1        link#1             UHS         0        0    lo0

192.168.0.0/16 includes the 192.168.1.0/24 on re0 and 192.168.1.1 on lo0.

I would suggest cleaning it up and since all routes point to 10.55.114.1 set that as your default gateway.

Disasm · Nov 22, 2009

Code:

# netstat -rn
Routing tables

Internet:
Destination        Gateway            Flags    Refs      Use  Netif Expire
default            10.55.114.1        UGS         0        0    rl0
10.0.0.0/8         10.55.114.1        UGS         2        7    rl0
10.55.114.0/23     link#2             U           2      233    rl0
81.5.64.0/20       10.55.114.1        UGS         0        0    rl0
81.5.88.0/22       10.55.114.1        UGS         0        0    rl0
127.0.0.1          link#4             UH          0        4    lo0
172.16.0.0/12      10.55.114.1        UGS         0        0    rl0
192.188.189.0/24   10.55.114.1        UGS         0        0    rl0
193.125.142.0/23   10.55.114.1        UGS         0        0    rl0
194.85.80.0/22     10.55.114.1        UGS         0       27    rl0

But I still can't ping 194.85.80.27 and others. Now, I can ping only computers from the 10.55.114.0/23 subnet.

SirDice · Nov 22, 2009

You have a default gateway, remove all the excess routes.

Disasm · Nov 22, 2009

I want to use mpd in future. So, in this case I will change the default gateway to the mpd's one and lose access to the local network.

SirDice · Nov 22, 2009

We'll cross that bridge when the time comes

For now just see if it works.

Disasm · Nov 22, 2009

It works.

SirDice · Nov 22, 2009

Ok.. Now slowly start adding the routes, start with that 194.85.80.0/22 one. Add a route, test it and if it works add another until it doesn't work anymore.

Disasm · Nov 22, 2009

Thanks. I have found the reason: it was a line

Code:

ifconfig_rl0="inet 10.55.115.80 10.55.114.1 netmask 255.255.254.0"

in rc.conf

routing problens

Disasm

bschmidt

aragon

Disasm

aragon

Disasm

aragon

Disasm

SirDice

Administrator

Disasm

SirDice

Administrator

Disasm

SirDice

Administrator

Disasm

SirDice

Administrator

Disasm