|
|||
Thanks for your replies.
Ugh. I think this conversation is starting to go beyond my original intent. I used an example of "pulling the network cable" to indicate a disruption in the flow of traffic. DSL/PPPoE is not 100% reliable. Service interruptions are bound to happen beyond my control. When they do I don't want to have to worry about having to manually re: initiate the ppp process. That's all. In the ppp.conf I have values for reconnect...etc which I had figured would reconnect when needed. Code:
default: ... set redial 15 0 set reconnect 15 10000 pppoe: ... Yes I understand what a gateway is. How my ISP has configured their side I am unaware of. My IP always stays the same. My gateway does not (when not enforced) however the one assigned to me is contiguous. Example: MY address range: 192.168.20.2 SN 255.255.255.248 Gateway assigned is: 192.168.20.1 However if I don't manually set the gateway I seem to get other gateway's which are probably from one superblock owned by my ISP. Regarding manually setting my IP/GW Code:
set ifaddr 192.168.20.2 192.168.20.1 255.255.255.248 Code:
route -n show -inet | grep tun0 default 192.168.20.1 UGS 0 727 - 8 tun0 192.168.20.1 192.168.20.2 UH 1 2 1500 4 tun0 If I don't set the address/gateway Code:
#set ifaddr 192.168.20.2 192.168.20.1 255.255.255.248 Code:
route -n show -inet | grep tun0 default 192.168.40.1 UGS 5 252 - 8 tun0 192.168.40.1 192.168.20.2 UH 1 0 1492 4 tun0 Also note if setting the same IP/Gateway on my hardware appliance the connection works fine. PF Load Failure Also note that after removing the dynamic identifiers in pf.conf for ($ext_if) my pf fails to load again when I restart since tun0 is not ready. I have added up to hostname.tun0. I'm curious about implementing "kernel" level PPPoE as apposed to what I have now. What is required? It sound's like this may have more desired results. Thanks for all your help! |
|
|||
That is the complete routing table using your command. I simply added tun0 to simplify removing the private addresses and of course I changed the public IP's.
What else would you like to see? |
|
||||
hostname.if is a many-splendid thing - part II
Code:
# pg /etc/hostname.tun0 inet 169.254.235.1 255.255.255.252 169.254.235.2 group jabberwalkie !/sbin/route add 169.254.235.0/24 169.254.235.1 # Code:
/etc/pf.conf # pass in log quick on jabberwalkie inet \ from <wherever> to (jabberwalkie:network) \ flags S/FSRA keep state ... #
__________________
Never argue with an idiot. They will bring you down to their level and beat you with experience. |
|
||||
dhclient-script
You may also want to look into your DHCLIENT operations and utilize dhclient-script functionality.
https://www.mirbsd.org/htman/i386/ma...ent-script.htm remember, you're the dhclient of your isp, so let the dhcp-client event trigger the script and then let the script pass the new gateway parameters and, if necessary, trigger a pfctl -F all -f/etc/pf.conf. /S
__________________
Never argue with an idiot. They will bring you down to their level and beat you with experience. |
|
||||
Quote:
One thing I did note; your default route points to your local end (20.1) of the ppp connection rather than the remote end (20.2). I don't know if this is a ppp or pppoe specific requirement, but it seems wrong to me. |
|
|||
Quote:
|
|
|||
Thanks s2scott/jggimi for the info.
Quote:
I do not believe I require DHCP for my internet access. As for my routes. Well what I posted was my "public addressable space" except I naturally modified so this information is not readily available to the world. I chose 192.168.x to indicate that. In my example: Code:
default 192.168.40.1 UGS 5 252 - 8 tun0 192.168.40.1 192.168.20.2 UH 1 0 1492 4 tun0 192.168.20.2 - would be my IP I'm not sure how this could even be displayed without giving out personal information. The block my ISP owns would appear to be much larger than any class C address space. Hence a "supernet" however I have no intention of speculating further on the design practices of my ISP. http://en.wikipedia.org/wiki/Supernet http://www.firewall.cx/supernetting-intro.php My performance issues have been resolved to some degree. I disabled all the "set" options in my PF.CONF which would indicate they were the cause of some of the performance. As it stands I see a lot of fluctuation in speed. My system is running in a VMWare ESXi server which may have compatibility issues with OpenBSD? When I do 'top' the CPU seems to be practically sleeping and memory looks adequate with no swap usage. Anyway to see actual interface throughput/utilization? PFTOP shows some info but not specific to an interface, rather to PF. Thanks for all your help! |
|
||||
Thanks for the clarification, plexter. Now your route table makes sense to me. (Most people use a more obvious redaction, such as "203.37.x.y")
While I cannot tell why pppoe stops operation, I assume your virtual machine environment is a contributing factor. |
|
||||
Quote:
, how many times can there be in a two-interface setup? /S
__________________
Never argue with an idiot. They will bring you down to their level and beat you with experience. |
|
|||
Hi all,
I just wanted to say thanks to everyone for all your help! I believe everything should be working. In any case this topic has probably strayed from the original topic so I'll just start a new post, if needed. Oh also found a neat program to monitor bandwidth which seems pretty neat. "bwm-ng" Thanks a lot, Cheers! |
|
|||
default_foo: not found
Hello,
Plexter, earlier you mentioned running into the same issue when sourcing vars during the setup of openvpn. You mentioned pointing to the right RSA files. By this do you mean the easy-rsa directory? Regards, |
|
|||
I'm not sure I understand your question. Are you having trouble with setup yourself? -if so, please post errors.
For myself: I found it necessary to go through the configuration files and make sure all variables are pointing to correct files. RSA you would need to generate. http://openvpn.net/index.php/open-so...howto.html#pki I do recommend starting a new post if you require assistance however. |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Need help with NAT setup | Quaxo | OpenBSD Installation and Upgrading | 6 | 27th January 2009 08:03 PM |
DJ Setup | tad1214 | FreeBSD General | 8 | 21st July 2008 01:50 PM |
Remote Access to File Server | Oko | OpenBSD Security | 7 | 23rd June 2008 05:17 PM |
How To Setup WPA? | warriors | OpenBSD General | 8 | 15th June 2008 04:39 PM |
postfix setup | Demodog | General software and network | 12 | 11th June 2008 07:43 PM |