(no subject)

From: Mile (mile_at_cefur.net)
Date: 07/12/05

    Date: Tue, 12 Jul 2005 11:36:54 +0200 (CEST)
    To: freebsd-net@freebsd.org
    
    

    Hi,

    I am using FreeBSD 5.4-STABLE FreeBSD 5.4-STABLE #2: Tue Jun 7 23:41:06
    CEST 2005 brane@office.mobila-pu.si:/usr/obj/usr/src/sys/mobila i386

    and I have one big problem with the LAN...

    If I use mpd then some sites don't work on the LAN (www.hp.com www.najdi.si .....)
    but if I use ppp then everything works.

    My configs
    natd.conf
    interface ng0
    dynamic yes
    use_sockets yes

    /etc/ipfw
    #natd
    /sbin/ipfw 15 add divert natd all from any to any via ng0

    sysctl.conf
    security.bsd.see_other_uids=0
    security.bsd.see_other_gids=0
    security.bsd.unprivileged_read_msgbuf=0
    net.inet.tcp.blackhole=2
    net.inet.udp.blackhole=1
    vm.swap_idle_enabled=1
    kern.ipc.maxsockbuf=2097152
    kern.ipc.somaxconn=2048
    kern.maxfiles=65536
    kern.maxfilesperproc=32768
    net.inet.tcp.rfc1323=0
    net.inet.tcp.delayed_ack=0
    net.inet.tcp.sendspace=32768
    net.inet.tcp.recvspace=32768
    net.inet.udp.recvspace=32768
    net.inet.udp.maxdgram=57344
    net.local.stream.recvspace=32768
    net.local.stream.sendspace=32768
    net.inet.icmp.drop_redirect=1
    net.inet.icmp.log_redirect=1
    net.inet.ip.redirect=1
    net.inet6.ip6.redirect=0
    net.inet.ip.sourceroute=1
    net.inet.ip.accept_sourceroute=1
    net.link.ether.inet.max_age=1200
    net.inet.icmp.bmcastecho=0
    net.inet.tcp.drop_synfin=1
    net.inet.ip.fw.verbose=1

    I think that the problem isn't in the configs.... because, as I said, with ppp
    everything works fine. I had the same issues with FreeBSD 4.11.

    greetz, mile
