Hosting Provided By

i can't ping yahoo.com ?

From: Langfeust . <langfeust2001(at)hotmail.com>
Date: Fri Jan 31 2003 - 05:39:23 EST

Hi everybody,

I'm a noobs in OpenBsd, i've just started past Friday...

My local network, access to the net through an Suze Linux gateway, and i to impose the local network to cross he openbsd i've just configure.

I've configured two ethernet card ont the OpenBsd, in order to split the network.
Ine the local side, computers have access to 192.168.1.* subnet, and the internet
side is on 192.168.2.* (The suze Gateway, and one of the OpenBsd ethernet card).

I've configured a NAT packet translation, from one subnet to the other, it runs correctly.
And packet filter will be enabled in the future, he allow all the packets to cross from
one card or the other, whatever the source is...

test : http://yahoo.com <- host is down
hum.... : http://yahoo.fr <- echo reply
grrrr.... : http://www.yahoo.com <- echo reply GRRRR : http://yahoo.com <- host is down

I try the ping from the openbsd directly, same results...

I try without getting throught the openbsd, it works. Certainly, yahoo.com was down ? I tried both in the same time, seams that openbsd can't access to the yahoo.com host.

Do you need help?

I don't understand, what's wrong in my configuration ?

Thx for your advices :)

Seb

PS : my configuration follow...

bsd# cat /etc/hostname.rl0
#inet 192.168.2.2 1 255.255.255.0 media 10baseT
inet 192.168.1.250 1 255.255.255.0 media 10baseT bsd# cat /etc/hostname.rl1
#inet 192.168.1.250 1 255.255.255.0 media 10baseT
inet 192.168.2.2 1 255.255.255.0 media 10baseT bsd# cat /etc/nat.conf
# $OpenBSD: nat.conf,v 1.4 2001/07/09 23:20:46 millert Exp $
#
# See nat.conf(5) for syntax and examples
#
# replace ext0 with external interface name, 10.0.0.0/8 with internal
network
# and 192.168.1.1 with external address
#
# nat: packets going out through ext0 with source address 10.0.0.0/8 will
get
# translated as coming from 192.168.1.1. a state is created for such
packets,
# and incoming packets will be redirected to the internal address.

# nat on ext0 from 10.0.0.0/8 to any -> 192.168.1.1
nat on rl0 from rl1 to any -> rl0
#nat on rl1 from 192.168.2.2/24 to any -> 192.168.1.250
#nat on rl0 from 192.168.1.254/24 to any -> 192.168.2.2
#nat on rl0 from 192.168.1.250/24 to any -> 192.168.2.2
# rdr: packets coming in through ext0 with destination 192.168.1.1:1234 will
port 5678
bsd# cat /etc/pf.conf
# $OpenBSD: pf.conf,v 1.3 2001/11/16 22:53:24 dhartmei Exp $
#
# See pf.conf(5) for syntax and examples

# pass all packets in and out (these are the implicit first two rules)
pass in all
pass out all

#block in all
#block out all
#pass out proto tcp from any to any port = 80
#pass in proto tcp from any to any port = 80 keep state
#pass out proto tcp from any to any port = 80 keep state
#pass in proto udp from any to any port = 53 keep state
#pass out proto tcp from any to any port = 25 keep state

Do you need more help?

#pass in proto tcp from any to any port = 110 keep state
#pass in proto tcp from any to any port = 6668 keep state
#pass out proto tcp from any to any port = 6668 keep state
#pass in proto tcp from any to any port = 21 keep state
#pass out proto tcp from any to any port = 21 keep state
#pass in proto tcp from 192.168.1.0/24 to 192.168.1.0/24 port = 22 keep
state
#pass out proto tcp from 192.168.1.0/24 to 192.168.1.0/24 port = 22 keep
state
#pass in proto tcp from any to any port = 143 keep state
bsd# cat /etc/rc.conf
#!/bin/sh -
#
# $OpenBSD: rc.conf,v 1.72 2002/01/08 12:04:43 tholo Exp $

# set these to "NO" to turn them off. otherwise, they're used as flags

routed_flags=NO         # for normal use: "-q"
altqd_flags=NO          # for normal use: ""
mrouted_flags=NO        # for normal use: "", if activated
                        # be sure to enable multicast_router below.
rarpd_flags=NO          # for normal use: "-a"
bootparamd_flags=NO     # for normal use: ""
rbootd_flags=NO         # for normal use: ""
sshd_flags=""           # for normal use: ""
smtpfwdd_flags=NO       # for normal use: ""; be sure to configure smtpd(8)
                        # and sendmail(8) to use MSA only
named_flags=NO          # for normal use: ""
rdate_flags=NO          # for normal use: name of RFC868 timeserver
timed_flags=NO          # for normal use: ""
ntpdate_flags=NO        # for normal use: NTP server; run before ntpd starts
photurisd_flags=NO      # for normal use: ""
isakmpd_flags=NO        # for normal use: ""
mopd_flags=NO           # for normal use: "-a"
httpd_flags=NO          # for normal use: "" (or "-DSSL" after reading
ssl(8))
apmd_flags=NO           # for normal use: ""
dhcpd_flags=NO          # for normal use: "-q"
rtadvd_flags=NO         # for normal use: list of interfaces
                        # be sure to set net.inet6.ip6.forwarding=1
route6d_flags=NO        # for normal use: ""
                        # be sure to set net.inet6.ip6.forwarding=1
rtsold_flags=NO         # for normal use: interface
                        # be sure to set net.inet6.ip6.forwarding=0
                        # be sure to set net.inet6.ip6.accept_rtadv=1
lpd_flags=NO            # for normal use: "" (or "-l" for debugging)

# For normal use: "-L sm-mta -bd -q30m"
sendmail_flags="-L sm-mta -C/etc/mail/localhost.cf -bd -q30m"

# Set to NO if ftpd is running out of inetd
ftpd_flags=NO # for non-inetd use: "-D"

# Set to NO if identd is running out of inetd
identd_flags=NO # for non-inetd use: "-b -u nobody -elo"

# On some architectures, you must also disable console getty in /etc/ttys
xdm_flags=NO # for normal use: ""

# For enabling console mouse support (i386 architecture only)
wsmoused_flags=NO # for ps/2 or usb mice: "", serial: "-p /dev/cua00"

# set the following to "YES" to turn them on
rwhod=NO
nfs_server=NO # see sysctl.conf for nfs client configuration lockd=NO
gated=NO
amd=NO

pf=YES                  # Packet filter / NAT
portmap=YES             # almost always needed
inetd=YES               # almost always needed
check_quotas=YES        # NO may be desirable in some YP environments
ntpd=YES                # run ntpd if it exists

krb4_server_kdc=NO      # kerberos server. run 'info kth-krb' for
Can't find what you're looking for? 
In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software:Learn more about Pantek's Technical Support offerings
Place an order for 24/7/365 Technical Support here
Learn more about Pantek, who we are, and what we do
Chat with a Live Operator
Related openbsd.org Links
advocacy
announce
bugs
ipv6
misc
ports
ports-changes
security-announce
smp
source-changes
tech
Request more information about Pantek
assistance.
krb4_slave_kdc=NO       # kerberos slave server.
krb5_master_kdc=NO      # KerberosV master KDC. Run 'info heimdal' for help.
krb5_slave_kdc=NO       # KerberosV slave KDC.
afs=NO                  # mount and run afs

Can we help you?

# Multicast routing configuration
# Please look at /etc/netstart for a detailed description if you change
these

multicast_host=NO       # Route all multicast packets to a single interface
multicast_router=NO     # A multicast routing daemon will be run, e.g.

mrouted

# miscellaneous other flags
# only used if the appropriate server is marked YES above

savecore_flags=                 # "-z" to compress
gated_flags=
ypserv_flags=                   # E.g. -1 for YP v1, -d for DNS etc
yppasswdd_flags=                # "-d /etc/yp" if passwd files are in
/etc/yp
nfsd_flags="-tun 4"             # Crank the 4 for a busy NFS fileserver
amd_dir=/tmp_mnt                # AMD's mount directory
amd_master=/etc/amd/master      # AMD 'master' map
syslogd_flags=                  # add more flags, ie. "-u -a
/chroot/dev/log"
named_user=named                # Named should not run as root unless
necessary
named_chroot=/var/named         # Where to chroot named if not empty
pf_rules=/etc/pf.conf           # Packet filter rules file
nat_rules=/etc/nat.conf         # NAT rules file
pflogd_flags=                   # add more flags, ie. "-s 256"
afs_mount_point=/afs            # Mountpoint for AFS
afs_device=/dev/xfs0            # Device used by afsd
afsd_flags=-z                   # Flags passed to afsd
shlib_dirs=                     # extra directories for ldconfig

local_rcconf="/etc/rc.conf.local"

[ -f ${local_rcconf} ] && . ${local_rcconf} # Do not edit this line

bsd# pfctl -F nat
nat cleared

bsd# pfctl -N /etc/nat.conf
bsd# pfctl -R /etc/pf.conf
bsd# sh /etc/netstart
writing to routing socket: File exists
writing to routing socket: File exists
writing to routing socket: File exists
writing to routing socket: File exists
writing to routing socket: File exists
writing to routing socket: File exists
writing to routing socket: File exists
Don't know where to look next? 
In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software:Learn more about Pantek's Technical Support offerings
Place an order for 24/7/365 Technical Support here
Learn more about Pantek, who we are, and what we do
Chat with a Live Operator
Related openbsd.org Links
advocacy
announce
bugs
ipv6
misc
ports
ports-changes
security-announce
smp
source-changes
tech
Request more information about Pantek
writing to routing socket: File exists
writing to routing socket: File exists
writing to routing socket: File exists
writing to routing socket: File exists
writing to routing socket: File exists
writing to routing socket: File exists

writing to routing socket: File exists
writing to routing socket: File exists
add net default: gateway 192.168.1.254: File exists writing to routing socket: File exists
bsd# ping yahoo.fr
PING yahoo.fr (217.12.3.11): 56 data bytes

64 bytes from 217.12.3.11: icmp_seq=0 ttl=242 time=587.771 ms
64 bytes from 217.12.3.11: icmp_seq=1 ttl=242 time=587.175 ms
64 bytes from 217.12.3.11: icmp_seq=2 ttl=242 time=588.169 ms

--- yahoo.fr ping statistics ---
4 packets transmitted, 3 packets received, 25% packet loss round-trip min/avg/max/std-dev = 587.175/587.705/588.169/0.408 ms bsd# ping yahoo.com
PING yahoo.com (66.218.71.198): 56 data bytes ping: sendto: Host is down
ping: wrote yahoo.com 64 chars, ret=-1
--- yahoo.com ping statistics ---
7 packets transmitted, 0 packets received, 100% packet loss bsd# cat /etc/mygate
192.168.1.254
bsd# cat /etc/resolv.conf
search idems.fr

nameserver 193.252.19.3
nameserver 193.252.19.4
lookup file bind
bsd# nslookup yahoo.com
Server: ns3.wanadoo.fr
Address: 193.252.19.3

Non-authoritative answer:
Name: yahoo.com
Addresses: 66.218.71.198, 64.58.79.230

bsd#

MSN Messenger : discutez en direct avec vos amis ! http://www.msn.fr/msger/default.asp Received on Fri Jan 31 11:47:26 2003

Confused? Frustrated?

This message: [ Message body ]
Next message: B Stellingwerff: "uhm.. missing manpage online ?"
Previous message: David Simmons: "Re: Motherboard help PLEASE"
In reply to Ted Goodridge, Jr: "Re: messed up rdr rule"
Next in thread: Jyri Hovila: "Re: i can't ping yahoo.com ?"
Reply: Jyri Hovila: "Re: i can't ping yahoo.com ?"
Reply: Langfeust .: "Nat problem, or something else, i don't know..."
Reply: Langfeust .: "Mail througt openbsd..."
Reply: santhosh kumar: "gateway setup"
Reply: Victor Montero: "Re: gateway setup"
Reply: santhosh kumar: "gateway"
Reply: Melameth, Daniel D.: "Re: gateway"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 13:32:40 EDT