DaemonForums  

  #1   (View Single Post)  
Old 4th August 2011
Dr-D's Avatar
Dr-D Dr-D is offline
Port Guard
 
Join Date: Jun 2011
Posts: 43
Default New Cable Modem/BSD Router Problem

I'm at a loss here and my ISP is of no help. I had my cable modem replaced today and now my BSD router no longer works. I had a Motorola Surfboard 5101 replaced by a Surfboard SBG6580. The new one has been configured to work like the old one with the wireless, router, firewall and DHCP all turned off by my ISP. When I connect my PC directly to the cable modem it has internet access which is how I'm posting this, but when I connect the modem to my BSD router just like the old one I have no internet access on anything. My BSD router is picking up an IP from my ISP but it's not passing packets through to my LAN anymore. When I run tcpdump it just says this now:

tcpdump: listening on xl0, link-type EN10MB

whereas before there was a continuous stream of data flying by.

I've been at this for over three hours now and I just don't know how or why it's not working anymore. I can ping all my internal IP addresses from/to each other and I can ping my WAN IP address from my BSD router but can't ping anything on the internet using URLs or IP addresses. The only thing that has changed is the cable modem. Here is my pf.conf contents:

Code:
# macros
int_if="xl0"
ext_if="xl1"
whs="192.168.0.50"
pc1="192.168.0.20"
pc2="192.168.0.21"
websrv="192.168.0.55"

# options
set block-policy drop
set loginterface $ext_if
set skip on lo

# match rules
match in all scrub (no-df)
match out on egress inet from !(egress) to any nat-to (egress:0)

# filter rules
block in log
pass out quick
antispoof quick for { lo $int_if }
pass in on egress inet proto tcp to (egress) port 80 rdr-to $websrv synproxy state
pass in on egress inet proto tcp to (egress) port 443 rdr-to $whs synproxy state
pass in on egress inet proto tcp to (egress) port 5900 rdr-to $pc1 synproxy state
pass in on egress inet proto tcp to (egress) port 5901 rdr-to $pc2 synproxy state
pass in log on $int_if
Reply With Quote
  #2   (View Single Post)  
Old 4th August 2011
ocicat ocicat is offline
Administrator
 
Join Date: Apr 2008
Posts: 3,318
Default

Post the output of the following commands:
  • $ ifconfig
  • $ sysctl net.inet.ip.forwarding
Reply With Quote
  #3   (View Single Post)  
Old 4th August 2011
Dr-D's Avatar
Dr-D Dr-D is offline
Port Guard
 
Join Date: Jun 2011
Posts: 43
Default

My BSD router has been working beautifully since I put it into service about 6 weeks ago. The only thing that has changed is my cable modem today.

Here is my ifconfig output with the WAN IP (xl1) masked.
Code:
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 33200
        priority: 0
        groups: lo
        inet 127.0.0.1 netmask 0xff000000
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4
xl0: flags=8a43<UP,BROADCAST,RUNNING,ALLMULTI,SIMPLEX,MULTICAST> mtu 1500
        lladdr 00:10:4b:2c:a7:3c
        priority: 0
        groups: egress
        media: Ethernet autoselect (100baseTX full-duplex)
        status: active
        inet6 fe80::210:4bff:fe2c:a73c%xl0 prefixlen 64 scopeid 0x1
        inet 192.168.0.1 netmask 0xffffff00 broadcast 192.168.0.255
xl1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        lladdr 00:01:03:2b:e1:84
        priority: 0
        media: Ethernet autoselect (100baseTX full-duplex)
        status: active
        inet6 fe80::201:3ee:fe3b:f184%xl1 prefixlen 64 scopeid 0x2
        inet 24.X.X.X netmask 0xfffffc00 broadcast 24.X.X.X
enc0: flags=0<>
        priority: 0
        groups: enc
        status: active
pflog0: flags=141<UP,RUNNING,PROMISC> mtu 33200
        priority: 0
        groups: pflog
sysctl net.inet.ip.forwarding output:
Code:
net.inet.ip.forwarding=1
Reply With Quote
  #4   (View Single Post)  
Old 4th August 2011
rocket357's Avatar
rocket357 rocket357 is offline
Real Name: Jonathon
Wannabe OpenBSD porter
 
Join Date: Jun 2010
Location: 127.0.0.1
Posts: 429
Default

From http://www.openbsd.org/faq/pf/filter.html:

Quote:
Several groups are also automatically created by the kernel:
The egress group, which contains the interface(s) that holds the default route(s).
egress is on your internal NIC somehow? Does that make sense to anyone else?

What does "netstat -rnf inet" show?
__________________
Linux/Network-Security Engineer by Profession. OpenBSD user by choice.
Reply With Quote
  #5   (View Single Post)  
Old 4th August 2011
Dr-D's Avatar
Dr-D Dr-D is offline
Port Guard
 
Join Date: Jun 2011
Posts: 43
Default

I've attached a text file too using fixed width font in case this is too messed up to read.
Code:
# netstat -rnf inet
Routing tables

Internet:
Destination        Gateway            Flags   Refs      Use   Mtu  Prio Iface
default            192.168.0.1        UGS        0     7986     -     8 xl0
24.X.X/XX          link#2             UC         1        0     -     4 xl1
24.X.X.X           00:01:5c:22:06:42  UHLc       0        0     -     4 xl1
24.X.X.X           127.0.0.1          UGHS       0       20 33200     8 lo0
127/8              127.0.0.1          UGRS       0        0 33200     8 lo0
127.0.0.1          127.0.0.1          UH         5     3466 33200     4 lo0
192.168.0/24       link#1             UC         5        0     -     4 xl0
192.168.0.1        00:10:4b:2c:a7:3c  UHLc       1        0     -     4 lo0
192.168.0.2        127.0.0.1          UGHS       0     4089 33200     8 lo0
192.168.0.21       00:0a:cd:1b:df:2e  UHLc       0        0     -     4 xl0
192.168.0.50       6c:62:6d:83:9b:65  UHLc       0        0     -     4 xl0
224/4              127.0.0.1          URS        0        0 33200     8 lo0
Attached Files
File Type: txt netstat_-rnf_int_output.txt (1.0 KB, 55 views)

Last edited by ocicat; 5th August 2011 at 12:07 AM. Reason: Please use [code] & [/code] tags for output
Reply With Quote
  #6   (View Single Post)  
Old 4th August 2011
rocket357's Avatar
rocket357 rocket357 is offline
Real Name: Jonathon
Wannabe OpenBSD porter
 
Join Date: Jun 2010
Location: 127.0.0.1
Posts: 429
Default

Quote:
Originally Posted by Dr-D View Post
Destination Gateway Flags Refs Use Mtu Prio Iface
default 192.168.0.1 UGS 0 7986 - 8 xl0
This is your problem. Default gateway should be your external NIC.
__________________
Linux/Network-Security Engineer by Profession. OpenBSD user by choice.
Reply With Quote
  #7   (View Single Post)  
Old 4th August 2011
BSDfan666 BSDfan666 is offline
Real Name: N/A, this is the interweb.
Banned
 
Join Date: Apr 2008
Location: Ontario, Canada
Posts: 2,223
Default

192.168.0.1 is the local IP for your xl0 interface.. and you have it as your default gateway, which is obviously not what you want.

Remove your /etc/mygate file and reboot the system.
Reply With Quote
  #8   (View Single Post)  
Old 5th August 2011
Dr-D's Avatar
Dr-D Dr-D is offline
Port Guard
 
Join Date: Jun 2011
Posts: 43
Default

Geeze, all I had to do was reboot my router and everything came back online. I didn't think that would be necessary simply by changing the cable modem.

I don't have a /etc/mygate file.

The reason my gateway was showing as 192.168.0.1 was because I connected my WAN NIC to my LAN switch to make sure it was grabbing an IP from DHCP, which it did. When I connected it back to my cable modem it grabbed the WAN IP from my ISP but for some reason kept the gateway IP of my LAN NIC which is 192.168.0.1 rather than updating to my ISP's gateway. 192.168.0.1 is the IP of the LAN NIC in my BSD router which is also my DHCP server and obviously the gateway for my LAN.

Once again, thank you everyone for your help. Even though the solution was extremely simple I actually got to learn something through the troubleshooting process.

THANK YOU!
Reply With Quote
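
The fault diagnosed in this thread, a default route whose gateway is one of the router's own addresses, also moves the `egress` group that the pf.conf `nat-to` and `rdr-to` rules depend on onto the internal NIC. The script below is an added example, not part of any post above: `check_default_route` and its output labels are hypothetical names, and the sample input is constructed by trimming the `netstat -rnf inet` and `ifconfig` output posted in the thread.

```shell
#!/bin/sh
# Added example, not from the thread. Sample input is constructed by trimming
# the netstat and ifconfig output posted above.
SAMPLE_ROUTES='Destination        Gateway            Flags   Refs      Use   Mtu  Prio Iface
default            192.168.0.1        UGS        0     7986     -     8 xl0
24.X.X/XX          link#2             UC         1        0     -     4 xl1
192.168.0/24       link#1             UC         5        0     -     4 xl0'
SAMPLE_IFCONFIG='xl0: flags=8a43<UP,BROADCAST,RUNNING,ALLMULTI,SIMPLEX,MULTICAST> mtu 1500
        groups: egress
        inet 192.168.0.1 netmask 0xffffff00 broadcast 192.168.0.255
xl1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        inet 24.X.X.X netmask 0xfffffc00 broadcast 24.X.X.X'

# Print "gateway iface" for the default route, or nothing if there is none.
default_route() {
    printf '%s\n' "$1" | awk '$1 == "default" { print $2, $NF; exit }'
}

# Print "iface addr" for every IPv4 address in ifconfig output.
local_addrs() {
    printf '%s\n' "$1" | awk '
        /^[a-z0-9]+: flags=/ { sub(":", "", $1); ifc = $1 }
        $1 == "inet"         { print ifc, $2 }'
}

# Print the interfaces the kernel has placed in the "egress" group.
egress_ifaces() {
    printf '%s\n' "$1" | awk '
        /^[a-z0-9]+: flags=/ { sub(":", "", $1); ifc = $1 }
        $1 == "groups:" { for (i = 2; i <= NF; i++) if ($i == "egress") print ifc }'
}

# Hypothetical helper: returns 0 if sane, 1 if the default gateway is one of
# the router's own addresses, 2 if there is no default route at all.
check_default_route() {
    dr=$(default_route "$1")
    [ -n "$dr" ] || { echo "NO_DEFAULT_ROUTE"; return 2; }
    gw=${dr% *}; ifc=${dr#* }
    owner=$(local_addrs "$2" | awk -v gw="$gw" '$2 == gw { print $1; exit }')
    if [ -n "$owner" ]; then
        echo "SELF_GATEWAY gw=$gw iface=$ifc egress=$(egress_ifaces "$2" | paste -s -d, -)"
        return 1
    fi
    echo "OK gw=$gw iface=$ifc"
}

# On a live router: check_default_route "$(netstat -rnf inet)" "$(ifconfig)"
check_default_route "$SAMPLE_ROUTES" "$SAMPLE_IFCONFIG" || true
```

A `SELF_GATEWAY` result with the LAN interface listed under `egress=` means every pf rule written against `egress` is currently bound to the wrong side of the router.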
  #9   (View Single Post)  
Old 5th August 2011
ocicat ocicat is offline
Administrator
 
Join Date: Apr 2008
Posts: 3,318
Default

Quote:
Originally Posted by Dr-D View Post
Geeze, all I had to do was reboot my router and everything came back online.
Had you initially connected a different computer/device to this new modem?

My experience has been that Motorola SB5100 cable modems cache the MAC address of whatever device is first found when booting up. Any device later substituted is simply never seen. So if I change attached devices, I have to cycle the modem as well.
Reply With Quote
Old 5th August 2011
Dr-D's Avatar
Dr-D Dr-D is offline
Port Guard
 
Join Date: Jun 2011
Posts: 43
Default

I never experienced that problem. The modem was actually a SB5101, now it's a SBG6580 with all the gateway features disabled. The problem I was having is that it was constantly going offline starting two weeks ago Saturday. It would go offline anywhere from a few minutes to several hours. I know they are upgrading the system to add phone service but according to the cable tech here today that work is done and should have only caused disruptions for a few days late at night two weeks ago. I've had problems several times a day every day for almost two weeks now. All I want is for it to be working flawlessly by Saturday night so when I buy the UFC PPV I'm not spending more time troubleshooting and resetting network gear than I am watching the fights. I'd hate to have to put a triangle choke on my cable modem.

I need to follow my own advice I give to customers. They call with a strange problem and the first thing I tell them to do is reboot. Nine times out of ten that solves the problem, yet rebooting is always the last resort for me, go figure.
Reply With Quote
Old 1st April 2012
npumcrisz npumcrisz is offline
New User
 
Join Date: Feb 2012
Posts: 5
Default

Quote:
Originally Posted by ocicat View Post
Had you initially connected a different computer/device to this new modem?

My experience has been that Motorola SB5100 cable modems cache the MAC address of whatever device is first found when booting up. Any device later substituted is simply never seen. So if I change attached devices, I have to cycle the modem as well.
How true; I hate Motorola modems for this feature!
Reply With Quote
Old 2nd April 2012
rocket357's Avatar
rocket357 rocket357 is offline
Real Name: Jonathon
Wannabe OpenBSD porter
 
Join Date: Jun 2010
Location: 127.0.0.1
Posts: 429
Default

I recently had a similar experience. Pretty annoying "feature", if you ask me.
__________________
Linux/Network-Security Engineer by Profession. OpenBSD user by choice.
Reply With Quote