netbsd-users: Re: Setting up ipnat with NetBSD and OSX[almost]

Subject: Re: Setting up ipnat with NetBSD and OSX[almost]
To: Andrew Gillham <gillham@vaultron.com>
From: Ian P. Thomas <ipthomas_77@yahoo.com>
List: netbsd-users
Date: 12/29/2001 10:58:20
--------------Boundary-00=_8D44H3K8Q0XHNLRGC8H0
Content-Type: text/plain;
  charset="iso-8859-1"
Content-Transfer-Encoding: 8bit

On Saturday 29 December 2001 01:26 am, you wrote:
> On Fri, Dec 28, 2001 at 11:26:09PM -0500, Ian P. Thomas wrote:
> > 	I added my DNS server IP's to the space listed as Domain Names and
> > found that it created a file /var/run/resolv.conf that has a
> > symlink /etc/resolv.conf.
> >
> > ipnat -l
> > MAP 192.168.3.2     49185 <- -> 128.205.233.134 40045 [192.205.1.2
> > 53] MAP 192.168.3.2     49185 <- -> 128.205.233.134 40044
> > [192.205.160.1 53] MAP 192.168.3.2     49184 <- -> 128.205.233.134
> > 40039 [192.205.1.2 53] MAP 192.168.3.2     49183 <- ->
> > 128.205.233.134 40038 [192.205.160.1 53]
> >
> > 	This is what I got after trying to look up a site, www.apple.com
> > from the Mac.  The connection are being built, but somehow this
> > info is not making its way back to the Mac.  Its mapping the Mac's
> > IP to the IP given to me by my ISP.
>
> Yes, those entries look ok.  Try querying some other server besides
> those two.  With tcpdump you can see if the server is responding to
> the request or not.
>
> > 	I just checked my rc.conf and found that rpcbind was not enabled. 
> > I enabled it and added logging.  This may be why the Mac wasn't
> > getting any packets back.  I'm going to reboot after Koffice
> > finished building.
>
> You shouldn't need rpcbind.  Worst case you should be able to run a
> caching only DNS server on your NetBSD box.  It doesn't make sense
> why this is not working, but I think only a tcpdump will tell us
> more. Also, you might want to install 'ethereal' on your NetBSD box,
> it is a nice GUI packet capture utility.
>
> This command should do what you want:
> 	tcpdump -nvvi fxp0 -x -X -s 1500 udp port 53
>
> Basically it should dump the full packet in hex and ascii, and
> provide a verbose decode of the packets as well.
>
> If you want to save the tcpdump info to a file, just add '-w
> filename' to the options.
>
> Anyway, start tcpdump, then do "nslookup www.netbsd.org." on the Mac
> and you should get a couple screensful of output.
>
> -Andrew
	I did as asked and got a file full of output.  I opened up the file 
with ethereal (I've used it before to pin down a problem connecting 
with broadband).  I'm not sure what I'm looking for.  I have 12 packets 
that originate from the Mac, but never seem to get back there.  It 
looks as if these packets are going out onto the net with an internal 
IP.  
	I turned off rpcbind.  You're right, it didn't help.  I thought it 
might be needed because of the call to portmap made by ipnat.
	I've included the file as an attachment.

Ian
-- 
Of Course it Runs NetBSD
www.netbsd.org
--------------Boundary-00=_8D44H3K8Q0XHNLRGC8H0
Content-Type: text/plain;
  charset="iso-8859-1";
  name="dumpfile"
Content-Transfer-Encoding: base64
Content-Description: tcpdump output
Content-Disposition: attachment; filename="dumpfile"

1MOyoQIABAAAAAAAAAAAANwFAAABAAAAL+QtPIeLBABKAAAASgAAAAACsxqygQADk0xSXggARQAA
PAQUAABAEVIkwKgDAsDNoAHACAA1ACihPPTsAQAAAQAAAAAAAAN3d3cGbmV0YnNkA29yZwAAAQAB
NOQtPPS8BABKAAAASgAAAAACsxqygQADk0xSXggARQAAPAQVAABAEVIjwKgDAsDNoAHACAA1ACih
PPTsAQAAAQAAAAAAAAN3d3cGbmV0YnNkA29yZwAAAQABOeQtPGrpBABKAAAASgAAAAACsxqygQAD
k0xSXggARQAAPAQWAABAEVIiwKgDAsDNoAHACAA1ACihPPTsAQAAAQAAAAAAAAN3d3cGbmV0YnNk
A29yZwAAAQABPuQtPBcWBQBKAAAASgAAAAACsxqygQADk0xSXggARQAAPAQXAABAEfEgwKgDAsDN
AQLACAA1AChAPPTsAQAAAQAAAAAAAAN3d3cGbmV0YnNkA29yZwAAAQABQ+QtPHNFBQBKAAAASgAA
AAACsxqygQADk0xSXggARQAAPAQYAABAEfEfwKgDAsDNAQLACAA1AChAPPTsAQAAAQAAAAAAAAN3
d3cGbmV0YnNkA29yZwAAAQABSOQtPOZxBQBKAAAASgAAAAACsxqygQADk0xSXggARQAAPAQZAABA
EfEewKgDAsDNAQLACAA1AChAPPTsAQAAAQAAAAAAAAN3d3cGbmV0YnNkA29yZwAAAQABTeQtPKiy
BQBQAAAAUAAAAAACsxqygQADk0xSXggARQAAQgQaAABAEVIYwKgDAsDNoAHACAA1AC6D4dZlAQAA
AQAAAAAAAAN3d3cGbmV0YnNkA29yZwVsb2NhbAAAAQABUuQtPCLfBQBQAAAAUAAAAAACsxqygQAD
k0xSXggARQAAQgQbAABAEVIXwKgDAsDNoAHACAA1AC6D4dZlAQAAAQAAAAAAAAN3d3cGbmV0YnNk
A29yZwVsb2NhbAAAAQABV+QtPJcLBgBQAAAAUAAAAAACsxqygQADk0xSXggARQAAQgQcAABAEVIW
wKgDAsDNoAHACAA1AC6D4dZlAQAAAQAAAAAAAAN3d3cGbmV0YnNkA29yZwVsb2NhbAAAAQABXOQt
PDs4BgBQAAAAUAAAAAACsxqygQADk0xSXggARQAAQgQdAABAEfEUwKgDAsDNAQLACAA1AC4i4dZl
AQAAAQAAAAAAAAN3d3cGbmV0YnNkA29yZwVsb2NhbAAAAQABYeQtPKVsBgBQAAAAUAAAAAACsxqy
gQADk0xSXggARQAAQgQeAABAEfETwKgDAsDNAQLACAA1AC4i4dZlAQAAAQAAAAAAAAN3d3cGbmV0
YnNkA29yZwVsb2NhbAAAAQABZuQtPBOjBgBQAAAAUAAAAAACsxqygQADk0xSXggARQAAQgQfAABA
EfESwKgDAsDNAQLACAA1AC4i4dZlAQAAAQAAAAAAAAN3d3cGbmV0YnNkA29yZwVsb2NhbAAAAQAB


--------------Boundary-00=_8D44H3K8Q0XHNLRGC8H0--

_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com