On Tue, Jan 15, 2002 at 04:13:35PM -0800, Alex Melkomukov wrote:
Hello everyone.
The OS is FreeBSD 4.4. I did some digging and discovered that I needed to enable 'routed' and create some static routes to the gateway IP outside of the local network block to be able to reach the Internet.
I uncommented the
defaultrouter="5.6.7.1"
entry (IP has been changed to protect parties involved) in the rc.conf file and added the
router_enable="YES"
entry. I then added the following entries to the rc.local file:
route add default -interface 1.2.3.100 -netmask 255.255.255.252
route add -net 5.6.7.1 -interface 1.2.3.100 -netmask 255.255.255.252
route add default 5.6.7.1
I came up with these routes by trial and error, and am not convinced that these are the correct entries to use.
I can reach the Internet and the nameserver (which is also outside of the local network block), and can ping and traceroute without any problems.
But... every once in a while certain programs start timing out and/or take a really long time to respond (to the point of failure due to time-out on the other end). Some of these programs are telnet, ssh, ftp, radius.
Other programs/protocols (such as http traffic) do not display the same behavior.
So, I am seeking advice on how to configure static routes correctly and/or if some other issues may be causing this strange, intermittent behavior.
Please let me know if I implemented this incorrectly...
am

Alex Melkomukov amelkomukov@navi.net
Navi.Net http://www.navi.net
618 NW Glisan St., Ste. 101 voice 503-517-8866
Portland, OR 97209 USA fax 503-517-8868

Alex,

If you can ping the outside world, and traceroutes etc. work just fine, my guess would be you are seeing some kind of DNS-related timeout. Does your IP space reverse resolve? I.e., if you nslookup 1.2.3.100, does it resolve to your host's domain name? Does your forward lookup match your reverse?

Connecting to hosts that use wrappers etc. on their Telnet, SSH, FTP can take forever if you don't have reverse entries. This is because they typically do a reverse lookup and forward lookup on your IP and DNS name (respectively), and so if you don't have entries properly set up you have to wait for their DNS queries to time out. HTTP probably is fine because it isn't normally wrapped, and may not do a reverse then forward lookup upon connect.

Last thing, you've got the static routes, no need to run the routing daemon. You can set router_enable="NO".

regards,
-DAL-
--
dylan@newdream.net
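
The reverse-then-forward lookup described in the reply above, as an added example that is not part of the original thread: it reports whether an address has a PTR record and whether that name resolves back to the same address. The host names and the sample zone tables are constructed for illustration; only 1.2.3.100 comes from the thread.

```python
import socket
import sys

def reverse_lookup(ip):
    """PTR lookup: list of names for ip, empty if there is no reverse entry."""
    try:
        name, aliases, _ = socket.gethostbyaddr(ip)
        return [name] + aliases
    except OSError:  # covers socket.herror and socket.gaierror
        return []

def forward_lookup(name):
    """A/AAAA lookup: set of addresses for name, empty if it does not resolve."""
    try:
        return {info[4][0] for info in socket.getaddrinfo(name, None)}
    except OSError:
        return set()

def check_fcrdns(ip, reverse=reverse_lookup, forward=forward_lookup):
    """Mimic the double lookup a wrapped service performs on a client address.

    Returns (status, name): "ok" when a PTR name resolves back to ip,
    "mismatch" when PTR names exist but none maps back, "no-reverse" otherwise.
    """
    names = reverse(ip)
    if not names:
        return ("no-reverse", None)
    for name in names:
        if ip in forward(name):
            return ("ok", name)
    return ("mismatch", names[0])

# Constructed sample data standing in for real DNS, so the demo runs offline.
SAMPLE_PTR = {"1.2.3.100": ["host.example.net"],
              "1.2.3.101": ["other.example.net"]}
SAMPLE_A = {"host.example.net": {"1.2.3.100"},
            "other.example.net": {"1.2.3.99"}}

def demo():
    rev = lambda ip: SAMPLE_PTR.get(ip, [])
    fwd = lambda name: SAMPLE_A.get(name, set())
    return {ip: check_fcrdns(ip, rev, fwd)
            for ip in ("1.2.3.100", "1.2.3.101", "1.2.3.102")}

if __name__ == "__main__":
    # With arguments, query the system resolver; without, use the sample data.
    results = ({ip: check_fcrdns(ip) for ip in sys.argv[1:]}
               if len(sys.argv) > 1 else demo())
    for ip, (status, name) in results.items():
        print(f"{ip}: {status} ({name})")
```

A "no-reverse" or "mismatch" result for the client's own address is the condition under which the remote side waits on its DNS queries before answering.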