|||
Need help urgently !!!
At the level of principle, I need to know what kind of topology I need to use
for my ALIX board. I mean I bought a board called ALIX 6E1 which has two Ethernet ports (vr0, vr1). I want to set the board up to use as a router. I want to know: should I set vr0 as WAN and set it as a DHCP client which gets the IP address from the modem, or through a wireless network card from my laptop which is connected to the home router? In addition, the vr1 port would be the LAN, configured as a DHCP server which will give an IP address to my laptop behind it. Do I need to configure NAT between the two Ethernet ports or is there another way to implement these settings? I run the OpenBSD 4.9 operating system on the board, and on the laptop I have Win 7 64 bit. I have been trying for a long time to figure out which option to choose as the best and fastest. In addition, there is a USB port on the board to which I want to connect a NETSTICK for mobile communications. I mean I also need to set up some kind of protocol regulating communication, so that when I'm connected through DSL and I lose communication, I will pass to the mobile communications. I would welcome any help given. I'm sorry for my misunderstanding but this is how I learn. Matthew. |
|
|||
You could start by connecting the vr0 port of your Alix board to the modem and then run dhclient vr0 (on the Alix board).
The vr0 interface then will either get a public IP or a private, non-public IP. To help you further, please post the output of the dhclient vr0 command.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump |
|
|||
Thanks for the attitude
You mean to run the ifconfig command and see if I get an address on vr0 when I plug it into the modem.
Of course, after I set up my vr0 as a DHCP client. Anyway, I've done some settings for the ports, but I want to know why I can't set a static address for each of the ports instead of a dynamic one. And why do I have to use NAT instead of bridging or routing? |
|
|||
You can set up vr0 as a dhcp client manually from the command line:
Code:
# dhclient vr0
Or create a /etc/hostname.vr0 that only contains:
Code:
dhcp
Code:
# ifconfig -A
We need this information to assist you further
|
|||
Thanks for your help
This is what I got after I ran the command ifconfig -A.
Code:
# ifconfig -A
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 33200
        priority: 0
        groups: lo
        inet 127.0.0.1 netmask 0xff000000
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4
vr0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        lladdr 00:0d:b9:1c:96:80
        priority: 0
        groups: egress
        media: Ethernet autoselect (100baseTX full-duplex)
        status: active
        inet6 fe80::20d:b9ff:fe1c:9680%vr0 prefixlen 64 scopeid 0x1
        inet 192.168.1.103 netmask 0xffffff00 broadcast 192.168.1.255
vr1: flags=8802<BROADCAST,SIMPLEX,MULTICAST> mtu 1500
        lladdr 00:0d:b9:1c:96:81
        priority: 0
        media: Ethernet autoselect (none)
        status: no carrier
enc0: flags=0<>
        priority: 0
        groups: enc
        status: active
pflog0: flags=141<UP,RUNNING,PROMISC> mtu 33200
        priority: 0
        groups: pflog
Code:
pf enabled
net.inet.ip.forwarding: 0 -> 1
sysctl: top level name 1 in 1 is invalid
sysctl: top level name forwarding in forwarding is invalid
sysctl: top level name (routing) in (routing) is invalid
sysctl: top level name of in of is invalid
sysctl: top level name IPv4 in IPv4 is invalid
sysctl: top level name packets in packets is invalid
net.inet.ip.forwarding: 1 -> 1
starting network
/etc/rc: /etc/rc.conf[29]: for: not found
/etc/dhclient.conf line 3: expecting a statement.
DHCP
^
/etc/dhclient.conf line 19: semicolon expected.
send
^
DHCPDISCOVER on vr0 to 255.255.255.255 port 67 interval 4
DHCPOFFER from 192.168.1.1 (00:22:6b:7b:7e:68)
DHCPREQUEST on vr0 to 255.255.255.255 port 67
DHCPACK from 192.168.1.1 (00:22:6b:7b:7e:68)
bound to 192.168.1.103 -- renewal in 43200 seconds.
starting system logger
starting initial daemons:.
savecore: no core dump
checking quotas: done.
building ps databases: kvm dev.
clearing /tmp
starting pre-securelevel daemons:.
setting kernel security level: kern.securelevel: 0 -> 1
creating runtime link editor directory cache.
preserving editor files.
starting network daemons: sshd dhcpd sendmail inetd.
starting local daemons:.
standard daemons: cron.
Mon Oct 17 09:27:25 IST 2011
Last edited by ocicat; 17th October 2011 at 11:21 AM. Reason: Please, use [code] & [/code] tags when posting screen output. |
|
|||
thanks !!!
Do you have a suggestion for how I can solve these problems (syntax errors in sysctl.conf, rc.conf, and dhclient.conf)?
|
|
|||
Code:
# vi /etc/dhclient.conf
# $OpenBSD: dhclient.conf,v 1.1 1998/09/08 20:26:41 marc Exp $
#
DHCP Client Configuration
#
# See dhclient.conf(5) for possible contents of this file.
# When empty default values are used:
#
# Example:
#
# send dhcp-lease-time 3600;
# send host-name "myhost";
# supersede host-name "myhost";
# supersede domain-name "my.domain";
# request subnet-mask, broadcast-address, time-offset, routers,
# domain-name, domain-name-servers, host-name, lpr-servers, ntp-servers;
# require subnet-mask, domain-name-servers, routers;
# media "link0 link1", "link0 link1", "link0 link1", "-link0 link1";
initial-interval 1;
send host-name "ecbox";
request subnet-mask, broadcast-address, routers, domain-name,
domain-name-servers, host-name;
~
~
/etc/dhclient.conf: unmodified: line 1
Last edited by J65nko; 17th October 2011 at 05:00 PM. Reason: code tags |
|
|||
# vi /etc/sysctl.conf
Code:
# $OpenBSD: sysctl.conf,v 1.49 2011/02/16 10:37:45 mikeb Exp $
#
# This file contains a list of sysctl options the user wants set at
# boot time. See sysctl(3) and sysctl(8) for more information on
# the many available variables.
net.inet.ip.forwarding=1 1=Permit forwarding (routing) of IPv4 packets
#net.inet.ip.mforwarding=1 # 1=Permit forwarding (routing) of IPv4 multicast packets
#net.inet.ip.multipath=1 # 1=Enable IP multipath routing
#net.inet.icmp.rediraccept=1 # 1=Accept ICMP redirects
#net.inet6.icmp6.rediraccept=0 # 0=Don't accept IPv6 ICMP redirects
#net.inet6.ip6.forwarding=1 # 1=Permit forwarding (routing) of IPv6 packets
#net.inet6.ip6.mforwarding=1 # 1=Permit forwarding (routing) of IPv6 multicast packets
#net.inet6.ip6.multipath=1 # 1=Enable IPv6 multipath routing
#net.inet6.ip6.accept_rtadv=1 # 1=Permit IPv6 autoconf (forwarding must be 0)
#net.inet.tcp.rfc1323=0 # 0=Disable TCP RFC1323 extensions (for if tcp is slow)
#net.inet.tcp.rfc3390=0 # 0=Disable RFC3390 for TCP window increasing
#net.inet.esp.enable=0 # 0=Disable the ESP IPsec protocol
#net.inet.ah.enable=0 # 0=Disable the AH IPsec protocol
#net.inet.esp.udpencap=0 # 0=Disable ESP-in-UDP encapsulation
/etc/sysctl.conf: unmodified: line 1
# vi /etc/rc.conf
#!/bin/sh -
#
# $OpenBSD: rc.conf,v 1.141 2011/02/12 11:21:01 ajacoutot Exp $
# set these to "NO" to turn them off. otherwise, they're used as flags
ldpd_flags=NO # for normal use: ""
ripd_flags=NO # for normal use: ""
mrouted_flags=NO # for normal use: "", if activated
                 # be sure to enable multicast_router below.
dvmrpd_flags=NO # for normal use: ""
ospfd_flags=NO # for normal use: ""
ospf6d_flags=NO # for normal use: ""
bgpd_flags=NO # for normal use: ""
rarpd_flags=NO # for normal use: "-a"
bootparamd_flags=NO # for normal use: ""
rbootd_flags=NO # for normal use: ""
sshd_flags="" # for normal use: ""
named_flags=NO # for normal use: ""
nsd_flags=NO # for normal use: ""
rdate_flags=NO # for normal use: [RFC868-host] or [-n RFC2030-host]
timed_flags=NO # for normal use: ""
ldattach_flags=NO # for normal use: "[options] linedisc cua-device"
ntpd_flags=NO # for normal use: ""
/etc/rc.conf: unmodified: line 1
Last edited by J65nko; 17th October 2011 at 05:00 PM. Reason: code tags |
|
||||
Your error in sysctl.conf is the first line:
Code:
net.inet.ip.forwarding=1 1=Permit forwarding (routing) of IPv4 packets
I cannot see your error(s) in rc.conf because you are only showing the first page of a larger file. vi(1) is NOT the tool to use to copy and paste the entire contents of a file here.
The error messages point to the line numbers, wlm2. Please use them to find your error(s).
The error in dhclient.conf is, as the error message said, in line #3 of the file. This line should be commented, it is NOT.
Code:
DHCP Client Configuration |
|
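The sysctl.conf mistake pointed out in the reply above (text left after the value once the "#" in front of the comment was deleted) can be caught before a reboot. The following is an added example, not part of the original thread; the function name `lint_sysctl_conf` and the sample file are constructed for illustration, and the check assumes sysctl values contain no whitespace.

```shell
#!/bin/sh
# Added example: list sysctl.conf lines that are not blank, a comment, or
# name=value optionally followed by a "#" comment.
# Assumption: values never contain whitespace.

lint_sysctl_conf() {
    awk '
        {
            body = $0
            sub(/#.*/, "", body)                 # drop the comment part
            gsub(/^[ \t]+|[ \t]+$/, "", body)    # trim surrounding blanks
        }
        body == "" { next }                      # blank or comment-only line
        body !~ /^[A-Za-z0-9_.-]+=[^ \t]+$/ {    # anything but a bare name=value
            printf "%d: %s\n", NR, $0
            bad = 1
        }
        END { exit (bad ? 1 : 0) }
    ' "$1"
}

# Constructed sample: line 3 repeats the mistake from the thread,
# line 4 is the same setting with the comment marker restored.
sample=$(mktemp)
trap 'rm -f "$sample"' EXIT
cat > "$sample" <<'EOF'
# sample sysctl.conf (constructed)
#net.inet.ip.mforwarding=1 # 1=Permit forwarding (routing) of IPv4 multicast packets
net.inet.ip.forwarding=1 1=Permit forwarding (routing) of IPv4 packets
net.inet.ip.forwarding=1 # 1=Permit forwarding (routing) of IPv4 packets
EOF

if lint_sysctl_conf "$sample"; then
    echo "sysctl.conf: no malformed lines"
else
    echo "sysctl.conf: fix the lines listed above"
fi
```

The number printed in front of each reported line is its line number in the file, so it can be used to jump straight to the line in an editor.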
|||
thanks!!
I fixed all the mistakes, many, many thanks indeed, you do not know how you helped me.
Say you read the first correspondence, I need help. I want to know what I do wrong with the settings of vr1. I need to set the vr1 port as LAN and configure it as a DHCP server which will give an IP address to my laptop behind it. Do I need to configure NAT between the two Ethernet ports or is there another way to implement these settings? I run the OpenBSD 4.9 operating system on the board, and on the laptop I have Win 7 64 bit. I have been trying for a long time to figure out which option to choose as the best and fastest. In addition, there is a USB port on the board to which I want to connect a NETSTICK for mobile communications. I mean I also need to set up some kind of protocol regulating communication, so that when I'm connected through DSL and I lose communication, I will pass to the mobile communications. |
|
|||||
Quote:
Quote:
Code:
[Router with DHCP server]--{wireless}--[Laptop]--{wired to vr0}--[ALIX6E1 with DHCP client]
Code:
{Internet} -- [ALIX acting as your router]--[Laptop]
It is possible that the address provided by your ISP's equipment is not an Internet address. Addresses in the RFC 1918 block are for private networks, and are not usable on the Internet without translation.
Network Address Translation (NAT) is required for any device that does not have its own address on the internet. Using my second picture, if the ALIX box's outer network is on the Internet, then NAT is required for the inner network. If the ALIX box's outer network is a private network, NAT is not required.
Quote:
Quote:
You might find it helpful to communicate in your native language, rather than English. Perhaps this list from www.openbsd.org/mail.html will help.
Quote:
|
|
|||
The first thing one more time Thanks for your help.
The second thing, I'm sorry for my ignorance, but if you can help me it would be useful. I want to know one thing: you wrote me that I need to configure the board as a router, that is, according to FAQ 6.2.7. According to the message I sent you, I removed the ladders to allow (net.inet.ip.forwarding=1). Is there anything else I should do? Secondly, how do I configure vr1 as a DHCP server? For example, here is a dhcpd.conf print screen.
Code:
vi /etc/dhcpd.conf
#option domain-name "ecbox.com";
n domain-name "ecbox.com";
option domain-name-servers 192.168.1.3, 192.168.1.5;
subnet 192.168.1.0 netmask 255.255.255.0 {
option routers 192.168.1.1;
range 192.168.1.32 192.168.1.127; |
|
||||
I wrote:
Quote:
Here is an example, where the ISP's equipment is presenting a "real" Internet address, and NAT is used to provide a private (RFC 1918) inner network:
Code:
{Internet} a.b.c.d -- [ALIX] -- 192.168.1.1/24 -- [Laptop]
But... Here is an example, where the ISP's equipment is presenting a private network to you -- or, if you decide to continue to use your DSL router you have in place right now, without changing how it is configured, whether ISP provided or not:
Code:
{Internet} [ISP's or your own NAT device] -- 192.168.1/24 -- [ALIX] -- 10.1.1/24 -- [Laptop] |
|
||||
First, thank you for wrapping text you copy/paste with code tags. I appreciate it.
Second, please stop using vi to copy/paste. As I stated earlier, it is unclear when you use it what the complete contents of any file actually are.
You have another bad line here, whether you did this via another bad edit, or whether you have some sort of typo in your post, I cannot tell. Note what I have highlighted in red.
Code:
n domain-name "ecbox.com"; |
|
|||
thanks !
My ALIX box's outer network is a private network.
Secondly, what do you recommend using for routing between the two Ethernet ports? The third thing, I still do not see how I implement a DHCP server on vr1; of course I want vr1 to assign an address to my laptop. Can I just give a static address to the network card on my laptop, and a static address to the vr1 port, without needing to use a DHCP server configuration? |
|
||||
Here's some additional assistance, wlm2.
If you would like to see the diagnostic output from dhcpd, start with the dhcpd(8) man page. There, you will find the -d option:
Code:
-d      Force dhcpd to log to stderr. This can be useful for debugging,
        and also at sites where a complete log of all dhcp activity must
        be kept, but syslogd(8) is not reliable or otherwise cannot be
        used. Normally, dhcpd will log all output using the syslog(3)
        function with the log facility set to LOG_DAEMON. |
|
||||
Then is my first picture still accurate? You are connecting from a DSL router, through your Windows machine, through to vr0 on the ALIX, and vr1 is not connected to any network? You have yet to clarify this with any text or pictures.
Quote:
If you want the ALIX to be a router, you must connect it to two or more separate networks. The only connection between those two networks is ... the ALIX. I will repeat what I think I know, from your earlier threads. It is unclear to me if this is the configuration, because English is not your native language, and you have neither confirmed nor corrected my earlier ASCII "drawings".
Is anything I believe wrong? If so, please correct me. Since words are difficult, please post an ASCII diagram, like the ones I have posted. Show how things are connected now, and, how you want them connected in the future. Because .... If you want the ALIX system to act as some sort of firewall, it must sit between the Internet and the system you wish protected ... your laptop. If what I believe is correct, it is not (yet) doing so. Quote:
Quote:
It appears to me that you need to start by clearly stating what it is you want to accomplish. Then, perhaps we can help you build a network designed to provide that. At the moment, it looks to me like you are having trouble with basic concepts, because your physical network layout does not appear to provide any value. If what I believe is correct. I still do not know.
|
|
|||
thanks
Okay, sorry that I didn't send the topology of the network before.
HTML Code:
Cable Modem => linksys wrt610n => alix6e1 board (vr0) .
alix6e1 board (vr1) => dell xps studio (network card) .
I connect a network cable to port vr1 and then I connect the same cable to my laptop network card. |
|
|