URL: https://www.opennet.me/cgi-bin/openforum/vsluhboard.cgi
Форум: vsluhforumID1
Нить номер: 52609
[ Назад ]

Исходное сообщение
"routing FreeBSD 4.10  3 interfase"

Отправлено dgr , 21-Янв-05 01:36 
Совсем крыша поехала почему невидно из локалки удаленных оффисов ?

bge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        options=3<RXCSUM,TXCSUM>
        inet 10.36.21.101 netmask 0xffffff00 broadcast 10.36.21.255
        ether 00:11:0a:38:aa:d1
        media: Ethernet autoselect (10baseT/UTP <half-duplex>)
        status: active
bge1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        options=3<RXCSUM,TXCSUM>
        inet 10.36.61.1 netmask 0xffffff00 broadcast 10.36.61.255
        ether 00:0f:20:d7:29:f3
        media: Ethernet autoselect (1000baseTX <full-duplex>)
        status: active
bge2: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        options=3<RXCSUM,TXCSUM>
        inet 10.60.2.254 netmask 0xffff0000 broadcast 10.60.255.255
        ether 00:0f:20:d7:29:df
        media: Ethernet autoselect (10baseT/UTP <full-duplex>)
        status: active

proxy# netstat -rn
Routing tables

Internet:
Destination        Gateway            Flags    Refs      Use  Netif Expire
default            10.36.21.1         UGSc       41   358390   bge0
10.36.21/24        link#1             UC          1        0   bge0
10.36.21.1         00:03:e3:62:a4:40  UHLW       42        0   bge0   1198
10.36.61/24        link#2             UC         15        0   bge1
10.36.61.2         00:00:e2:1f:21:a0  UHLW        0     1405   bge1   1180
10.36.61.5         00:11:0a:38:aa:ee  UHLW        1    10490   bge1    653
10.36.61.37        00:10:7b:e8:3d:cf  UHLW        0      283   bge1   1087
10.36.61.44        00:10:7b:e8:3d:cf  UHLW        0     7524   bge1    369
10.36.61.51        00:10:7b:e8:3d:cf  UHLW        0      854   bge1   1093
10.36.61.70        00:10:7b:e8:3d:cf  UHLW        0     6356   bge1   1070
10.36.61.82        00:10:7b:e8:3d:cf  UHLW        0     5000   bge1    384
10.36.61.83        link#2             UHLW        1     4983   bge1
10.36.61.88        00:10:7b:e8:3d:cf  UHLW        0      752   bge1    383
10.36.61.115       00:10:7b:e8:3d:cf  UHLW        0    27031   bge1    238
10.36.61.125       00:10:7b:e8:3d:cf  UHLW        1    83133   bge1    147
10.36.61.127       00:10:7b:e8:3d:cf  UHLW        0    13097   bge1    932
10.36.61.129       00:50:ba:cb:b5:18  UHLW        0     1498   bge1    625
10.36.61.142       00:50:04:09:d6:f8  UHLW        0    10178   bge1    410
10.36.61.169       00:10:7b:e8:3d:cf  UHLW        5    15217   bge1    437
10.60/16           link#3             UC          1        0   bge2
10.60.2.1          00:05:5f:be:20:a8  UHLW        0        0   bge2   1197
127.0.0.1          127.0.0.1          UH          2     2250    lo0

proxy# cat /etc/rc.conf
gateway_enable="YES"
sshd_enable="YES"
inetd_enable="NO"
network_interfaces="bge0 bge1 bge2 lo0"
ifconfig_bge0="inet 10.36.21.101  netmask 255.255.255.0"
ifconfig_bge1="inet 10.36.61.1 netmask 255.255.255.0"
#ifconfig_bge1_alias0="inet 10.36.61.4 netmask 255.255.255.255"
ifconfig_bge2="inet 10.60.2.254 netmask 255.255.0.0"
defaultrouter="10.36.21.1"
hostname="proxy"
firewall_enable="YES"
firewall_type="OPEN"
squid_enable="YES"
named_enable="YES"
ipnat_enable="YES"

proxy# cat /etc/ipnat.rules
map bge1 0/0 -> 0/32 proxy port ftp ftp/tcp
map bge0 10.36.61.0/24 -> 10.36.21.101/32 proxy port ftp ftp/tcp
map bge0 10.36.61.0/24 -> 10.36.21.101/32

proxy# ping 10.60.33.1
PING 10.60.33.1 (10.60.33.1): 56 data bytes
64 bytes from 10.60.33.1: icmp_seq=0 ttl=255 time=6.507 ms
64 bytes from 10.60.33.1: icmp_seq=1 ttl=255 time=2.769 ms
64 bytes from 10.60.33.1: icmp_seq=2 ttl=255 time=3.886 ms
64 bytes from 10.60.33.1: icmp_seq=3 ttl=255 time=3.001 ms
64 bytes from 10.60.33.1: icmp_seq=4 ttl=255 time=2.531 ms
^C
--- 10.60.33.1 ping statistics ---
5 packets transmitted, 5 packets received, 0% packet loss
round-trip min/avg/max/stddev = 2.531/3.739/6.507/1.458 ms

пинг из локалки с машины 10.36.61.5

mail# ping 10.60.2.254
PING 10.60.2.254 (10.60.2.254): 56 data bytes
64 bytes from 10.60.2.254: icmp_seq=0 ttl=64 time=0.283 ms
64 bytes from 10.60.2.254: icmp_seq=1 ttl=64 time=0.256 ms
64 bytes from 10.60.2.254: icmp_seq=2 ttl=64 time=0.240 ms
^C
--- 10.60.2.254 ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max/stddev = 0.240/0.260/0.283/0.018 ms

mail# ping 10.60.33.1
PING 10.60.33.1 (10.60.33.1): 56 data bytes
^C
--- 10.60.33.1 ping statistics ---
15 packets transmitted, 0 packets received, 100% packet loss


Где у меня кривые руки ?


Содержание

Сообщения в этом обсуждении
"routing FreeBSD 4.10  3 interfase"
Отправлено ShyLion , 21-Янв-05 08:16 
не мешало бы увидеть таблицы маршрутизации и файрволов ВСЕХ участников эксперимента

"routing FreeBSD 4.10  3 interfase"
Отправлено dgr , 21-Янв-05 13:58 
Проблема понятна на киске 10.60.2.1 нет маршрута для 10.60.2/24
буду пинать провайдера если не получется возможно bridge мне поможет

"routing FreeBSD 4.10  3 interfase"
Отправлено dgr , 21-Янв-05 14:15 
Встает вопрос будет ли мост вмести с натом работать ?
тобиш bge2 = bge1 мост с фильтрацией
      bge0 -> bge1 нат

bge0 10.36.21.101
bge1 10.36.61.1
bge1_alias0 10.60.2.2
bge2 bridge