Subject: Re: Problems with NetBSD 1.5 on static routed LAN
To: Will Roberts <oldbear@arctos.com>
From: Manuel Bouyer <bouyer@antioche.lip6.fr>
List: netbsd-help
Date: 07/29/2001 13:38:40
On Sat, Jul 28, 2001 at 09:29:28PM -0400, Will Roberts wrote:
> 
> At the recommendation of several people, I intend to set up an old 
> Sparc IPX with two ethernet interfaces as a NAT router and firewall
> using NetBSD.
> 
> Several days ago, just to familiarize myself with NetBSD, I completed 
> the installation of v 1.5.1 on a Sparc IPC.
> 
> I am now trying to get the IPC connected to my home LAN which consists 
> of about 10 miscellaneous machines running Redhat Linux on both Sparc 
> and Intel platforms, Solaris on a Sparc platform, and several Windows95
> boxes of various flavors.  They are all behind a NAT server which is 
> running NAT32 software on a Win95 Pentium-90 and is set up to use 
> static addresses on the LAN side.  This arrangement has been in place 
> for a couple of years and has been very, very stable with no problems 
> configuring any of the various OS to use the 172.16.x.x LAN and the 
> 172.16.2.100 machine as the gateway.
> 
> Now I have NetBSD set up and have it working and able to ping machines 
> both on the LAN and outside -- for a while.  After some period of time, 
> say 30 minutes or so, I can no longer ping anything outside (even 
> by numeric IP) and the problem is solved only when I stop and restart 
> the NAT software on the gateway machine.

Did you try a 'ping -n <IP>' ? Even if you give an IP addr, ping will
try a DNS lookup to get the name.

> 
> I also notice that NetBSD sets itself up with IPv6 enabled and when 
> I do >route show, I am able to get an IP routing table with everything 
> looking OK followed by an IPv6 routing table which I do not fully 
> understand.  When the NetBSD machine ceases to communicate through 
> the gateway machine, this >route show command hangs after displaying 
> just the IP routing table and the headings for the IPv6 portion.  It 
> takes a ^C to get out of it.  Similarly, when this happens, >ping

This is because the DNS doesn't work any more. Try 'route -n show'

> xxx.xxx.xxx.xxx hangs when attempting an outside IP but works fine 
> with the IPs of other machines in the LAN -- including working fine 
> pinging the 172.16.2.100 machine which is supposed to be the gateway.
> 
> I do not get a "no route to host" message when this problem occurs.
> Ping just hangs and requires a ^C.  (If I delete the gateway from 
> the routing table, ping returns the expected "no route to host" 
> message.)

Does 'route -n show' show the default route ?

> 
> I suspect that NetBSD is attempting some automated route discovery 
> or some such and that this is hanging its ability to deal with 
> the NAT machine as gateway until the NAT software is stopped and 
> restarted.  The problem well may be in the NAT software, but NetBSD 
> is the only OS which is having this issue.

Unless you have 'routed' or 'gated' running on the NetBSD machine,
it won't do this for ipv4. Maybe the NAT software is confused by IPv6 ?

Can you get some state from the NAT software when it works, and when it doesn't
for the NetBSD machine ?

You can also try to recompile a kernel without 'options INET6' to see
if the problem comes from IPv6.

--
Manuel Bouyer <bouyer@antioche.eu.org>
--