netbsd-help: Re: pppoe default route

Subject: Re: pppoe default route
To: None <netbsd-help@netbsd.org>
From: Milos Negovanovic <milosn@xtra.co.nz>
List: netbsd-help
Date: 08/29/2002 09:19:16
Hi again,

yes it was problem with IPF rules. My original rule-set was to big for
any modifications in trial/error style so I've replaced it with simple
one:

block in quick on ppp0 all
pass out quick on ppp0 proto tcp/udp from 192.168.0.0/24 to any keep state
pass out quick on ppp0 proto icmp from 192.168.0.0/24 to any keep state

... which didn't work. The router box was still blocked.

Then i tried this one:

block in quick on ppp0 all
pass out quick on ppp0 proto tcp/udp from any to any keep state
pass out quick on ppp0 proto icmp from any to any keep state

... this one did work, but it also left me puzzled :) since Ive never
had this kinda problem with iptables (the box was running Linux before).
Basically, whats the address of NetBSD box here? It obviously is not a
member of 192.168.0.0/24.

My concern over kernel-pppoe and 3ComDualLink comes because of the fact
that this little thing uses some strange 3Com version of pppoe, and
rp-pppoe is addressing this with additional "-f 3c12:3c13 -S ISP" flag sent
to pppd.

Regards
Milos


On Wed, 28 Aug 2002 11:02:47 -0400
Joe Reed <jnr@po.cwru.edu> wrote:

> On Tuesday 27 August 2002 07:22 pm, Milos Negovanovic wrote:
> > Hi,
> >
> > i am trying to set up NetBSD as a router/gateway on my home network:
> >
> > Internet --- 3 Com DualLink ADSl Modem --- rtk0 --- NetBSD --- rtk1 ---
> > Home Network
> >
> > rp-pppoe-3.3 connects alright, sets default route, and everything works
> > great on PC's on my network (NAT configured), but NetBSD box itself cant
> > access Internet at all. I get "no route to host" and "host not accessible"
> > errors. resolv.conf is configured properly.
> >
> > Any ideas?
> 
> you may want to double check that your ipnat and ipfilter rules aren't 
> blocking packets originating from the local machine.  i've only used the 
> in-kernel pppoe of -current though so if you have the time/inclination, you 
> may want to just use that one. (i've used 1.5ZA, 1.6{A,C}with the in-kernnel 
> pppoe without problem at all)
> 
> >
> > Also, anyone tried to drive 3 Com DualLink with kernel-pppoe?
> it's been my experience that 3-com nearly always works (90%+).  i'd imagine 
> you'll have no problems.
> 
> --joe