netbsd-help: Re: firewall/router problem

Subject: Re: firewall/router problem
To: chiccoweiss <chiccoweiss@onlinehome.de>
From: Ola Eriksson <ola@mreriksson.net>
List: netbsd-help
Date: 04/05/2004 10:01:54
Hello,

I had similar problems some time back, which where caused by my provider 
giving me a new IP address after I got the connection back again. This 
was solved by resyncing ipfilter using 'ipf -y'.

Hope this helps!

Best Regards,
Ola Eriksson
Join The Uptime Project
http://www.mrEriksson.net/uptimes/


chiccoweiss wrote:

> Hi all,
>
> strange problem with my firewall i can't figure out:
> - NetBSD 1.5.2 (FIREWALL)
> - cpu0: Intel 486DX2 (486-class)
> - total memory = 32384 KB
> - avail memory = 26244 KB
> ...
> - le0 at pci0 dev 18 function 0: PCnet-PCI Ethernet
> - le0: address 00:00:f4:c4:42:99
> - le0: 8 receive buffers, 2 transmit buffers
> - le0: interrupting at irq 9
> ...
> - isa0 at mainbus0
> - ep0 at isa0 port 0x280-0x28f irq 10: 3Com 3C509 Ethernet
> - ep0: address 00:20:af:46:b3:44, 8KB byte-wide FIFO, 5:3 Rx:Tx split
> - ep0: 10base5, 10base2 (default 10base2)
>
> With ipfilter and nat enabled and an adsl-line with pppoe.
> 2 workstations (w2k and hpux) behind my fw accessing the internet 
> without any problems.
>
> Once in a while the adsl connection gets lost (problems with the adsl 
> line or the provider!?) and is then reconnected automatically (good :-).
>
> But after reconnection something is wrong:
> The fw can ping the internet, my 2 ws can not! The lan connection 
> between fw and ws is still ok.
> This problem is solved after reboot of the fw (not a good solution :-(
>
> When this occurs, dmesg tells about the pppoe interface (allied 
> telesyn2450)
> - le0: lost carrier
> - le0: lost carrier
> - le0: device timeout
>
> So the first time i replaced the interface with an identical one. 
> ..but same behaviour.
> The logfile shows:
> - 22:00:14 firewall adsl-connect: ADSL connection lost; attempting 
> re-connection.
> - 22:00:19 firewall pppd[641]: pppd 2.4.0 started by root, uid 0
> - 22:00:19 firewall pppd[641]: Using interface ppp0
> - 22:00:19 firewall pppd[641]: Connect: ppp0 <--> /dev/ttyp0
> - 22:00:19 firewall pppoe[644]: Interface=le0 HWaddr=00:00:F4:C4:42:99 
> Device=/dev/bpf0 Buffer size=8192
> - 22:00:50 firewall pppd[641]: LCP: timeout sending Config-Requests
> - 22:00:50 firewall pppd[641]: Connection terminated.
> - 22:01:14 firewall pppoe[644]: Timeout waiting for PADS packets
> - 22:01:14 firewall pppd[641]: Exit.
> - 22:01:14 firewall adsl-connect: ADSL connection lost; attempting 
> re-connection.
> - 22:01:19 firewall pppd[660]: pppd 2.4.0 started by root, uid 0
> - 22:01:19 firewall pppd[660]: Using interface ppp0
> - 22:01:19 firewall pppd[660]: Connect: ppp0 <--> /dev/ttyp0
> - 22:01:19 firewall pppoe[663]: Interface=le0 HWaddr=00:00:F4:C4:42:99 
> Device=/dev/bpf0 Buffer size=8192
> - 22:01:30 firewall pppoe[663]: PPP session is 6384
> - 22:01:30 firewall pppd[660]: local  IP address 80.142.214.201
> -22:01:30 firewall pppd[660]: remote IP address 217.6.88.43
>
> Restarting ipfilter or ipnat manually doesn't work.
> Is there anything i'm missing or doing wrong?
>
> Ciao
>
> Sal
>