I find out the problem is in the unbound.conf file. Now, my xeperia can use
the internet. Thanks you for your help..
Clarence
===original ====
server:
interface: 192.168.1.1
interface: 127.0.0.1
interface: ::1
access-control: 127.0.0.0/8 allow
access-control: 10.0.0.0/24 allow
access-control: 0.0.0.0/0 refuse
access-control: ::0/0 refuse
access-control: ::1 allow
do-not-query-localhost: no
hide-identity: yes
hide-version: yes
forward-zone:
name: "."
forward-addr: 64.6.64.6 # Verisign
forward-addr: 94.75.228.29 # chaos Computer Club
forward-first: yes #try direct if forwarder fails
========================================
====== changed unbound.conf=======
server:
interface: 192.168.1.1
interface: 127.0.0.1
access-control: 192.168.1.0/24 allow
access-control: 127.0.0.0/8 allow
do-not-query-localhost: no
hide-identity: yes
hide-version: yes
forward-zone:
name: "."
forward-addr: 64.6.64.6 # Verisign
forward-addr: 94.75.228.29 # chaos Computer Club
forward-first: yes #try direct if forwarder fails
==========================================
man Chan (<openbsd...@yahoo.com.hk>) 在 2020年5月11日星期一 下午3:21:17 [GMT+8] 寫道:
Here is all the config files of my openbsd-router. traceroute yahoo.com.hk on
my xperia (android) stop at ip of my openbsd-router. There is nothing display
on openbsd-router running tcpdump -eni pflog0.
dhclient.conf----
append domain-name-servers 127.0.0.1;
==============================
dhcpd.conf---------
# $OpenBSD: dhcpd.conf,v 1.1 2014/07/11 21:20:10 deraadt Exp $
#
# DHCP server options.
# See dhcpd.conf(5) and dhcpd(8) for more information.
#
# Network: 192.168.1.0/255.255.255.0
# Domain name: my.domain
# Name servers: 192.168.1.3 and 192.168.1.5
# Default router: 192.168.1.1
# Addresses: 192.168.1.32 - 192.168.1.127
#
option domain-name "my.domain";
#option domain-name-servers 192.168.1.3, 192.168.1.5;
subnet 192.168.1.0 netmask 255.255.255.0 {
option routers 192.168.1.1;
option domain-name-servers 192.168.1.1;
range 192.168.1.32 192.168.1.127;
}
==============================
pf.conf ----------------------
# The wirde and wireless interface of the LAN
wired="re0"
#wifi=""
# This is a table of non-routable addresses that will be used later
table <martians> { 0.0.0.0/8 10.0.0.0/8 127.0.0.0/8 169.254.0.0/16 \
172.16.0.0/12 192.0.0.0/24 192.0.2.0/24 224.0.0.0/3 \
192.168.0.0/16 192.18.0.0/15 198.51.100.0/24 \
203.0.113.0/24 }
set block-policy drop
set loginterface egress
set skip on lo
# Normalize the traffic
match in all scrub (no-df random-id max-mss 1440)
# Perform NAT
match out on egress inet from !(egress:network) to any nat-to (egress:0)
block in quick on egress from <martians> to any
block return out quick on egress from any to <martians>
block all
pass out quick inet keep state
pass in on { $wired } inet
# Forward incoming connection ( on TCP port 40 and 443 ) to web server
#pass in on egress inet proto tcp from any to (egress) port { 80 443 } rdr-to
192.168.1.2
============================================
resolv.conf------
# Generated by alc0 dhclient
nameserver 192.168.8.1
nameserver 127.0.0.1
lookup file bind
========================
sysctl.conf-------------
net.inet.ip.forwarding=1
net.inet6.ip6.forwarding=1
=============================
unbound.conf ------------
server:
interface: 192.168.1.1
interface: 127.0.0.1
interface: ::1
access-control: 127.0.0.0/8 allow
access-control: 10.0.0.0/24 allow
access-control: 0.0.0.0/0 refuse
access-control: ::0/0 refuse
access-control: ::1 allow
do-not-query-localhost: no
hide-identity: yes
hide-version: yes
forward-zone:
name: "."
forward-addr: 64.6.64.6 # Verisign
forward-addr: 94.75.228.29 # chaos Computer Club
forward-first: yes #try direct if forwarder fails
===================================================
dmesg--------------------
OpenBSD 6.6-stable (GENERIC.MP) #1: Thu May 7 17:40:45 HKT 2020
clare...@o66.my.domain:/usr/src/sys/arch/amd64/compile/GENERIC.MP
real mem = 6156845056 (5871MB)
avail mem = 5957545984 (5681MB)
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.6 @ 0xfbe20 (23 entries)
bios0: vendor American Megatrends Inc. version "P1.20" date 11/30/2012
bios0: ASRock 960GM-VGS3 FX
acpi0 at bios0: ACPI 1.0
acpi0: sleep states S0 S1 S3 S4 S5
acpi0: tables DSDT FACP APIC MCFG OEMB AAFT HPET SSDT
acpi0: wakeup devices PCE2(S4) PCE3(S4) PCE4(S4) PCE5(S4) PCE6(S4) PCE7(S4)
PCE9(S4) PCEA(S4) PCEB(S4) PCEC(S4) SBAZ(S4) PS2K(S4) P0PC(S4) UHC1(S4)
UHC2(S4) UHC3(S4) [...]
acpitimer0 at acpi0: 3579545 Hz, 32 bits
acpimadt0 at acpi0 addr 0xfee00000: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: AMD Athlon(tm) II X4 630 Processor, 2805.89 MHz, 10-05-02
cpu0:
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,MWAIT,CX16,POPCNT,NXE,MMXX,FFXSR,PAGE1GB,RDTSCP,LONG,3DNOW2,3DNOW,LAHF,CMPLEG,SVM,EAPICSP,AMCR8,ABM,SSE4A,MASSE,3DNOWP,OSVW,IBS,SKINIT,NODEID,ITSC
cpu0: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 512KB 64b/line
16-way L2 cache
cpu0: ITLB 32 4KB entries fully associative, 16 4MB entries fully associative
cpu0: DTLB 48 4KB entries fully associative, 48 4MB entries fully associative
cpu0: AMD erratum 721 detected and fixed
cpu0: smt 0, core 0, package 0
mtrr: Pentium Pro MTRR support, 8 var ranges, 88 fixed ranges
cpu0: apic clock running at 200MHz
cpu0: mwait min=64, max=64, IBE
cpu1 at mainbus0: apid 1 (application processor)
cpu1: AMD Athlon(tm) II X4 630 Processor, 2805.51 MHz, 10-05-02
cpu1:
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,MWAIT,CX16,POPCNT,NXE,MMXX,FFXSR,PAGE1GB,RDTSCP,LONG,3DNOW2,3DNOW,LAHF,CMPLEG,SVM,EAPICSP,AMCR8,ABM,SSE4A,MASSE,3DNOWP,OSVW,IBS,SKINIT,NODEID,ITSC
cpu1: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 512KB 64b/line
16-way L2 cache
cpu1: ITLB 32 4KB entries fully associative, 16 4MB entries fully associative
cpu1: DTLB 48 4KB entries fully associative, 48 4MB entries fully associative
cpu1: AMD erratum 721 detected and fixed
cpu1: smt 0, core 1, package 0
cpu2 at mainbus0: apid 2 (application processor)
cpu2: AMD Athlon(tm) II X4 630 Processor, 2805.51 MHz, 10-05-02
cpu2:
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,MWAIT,CX16,POPCNT,NXE,MMXX,FFXSR,PAGE1GB,RDTSCP,LONG,3DNOW2,3DNOW,LAHF,CMPLEG,SVM,EAPICSP,AMCR8,ABM,SSE4A,MASSE,3DNOWP,OSVW,IBS,SKINIT,NODEID,ITSC
cpu2: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 512KB 64b/line
16-way L2 cache
cpu2: ITLB 32 4KB entries fully associative, 16 4MB entries fully associative
cpu2: DTLB 48 4KB entries fully associative, 48 4MB entries fully associative
cpu2: AMD erratum 721 detected and fixed
cpu2: smt 0, core 2, package 0
cpu3 at mainbus0: apid 3 (application processor)
cpu3: AMD Athlon(tm) II X4 630 Processor, 2805.51 MHz, 10-05-02
cpu3:
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,MWAIT,CX16,POPCNT,NXE,MMXX,FFXSR,PAGE1GB,RDTSCP,LONG,3DNOW2,3DNOW,LAHF,CMPLEG,SVM,EAPICSP,AMCR8,ABM,SSE4A,MASSE,3DNOWP,OSVW,IBS,SKINIT,NODEID,ITSC
cpu3: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 512KB 64b/line
16-way L2 cache
cpu3: ITLB 32 4KB entries fully associative, 16 4MB entries fully associative
cpu3: DTLB 48 4KB entries fully associative, 48 4MB entries fully associative
cpu3: AMD erratum 721 detected and fixed
cpu3: smt 0, core 3, package 0
ioapic0 at mainbus0: apid 4 pa 0xfec00000, version 21, 24 pins
acpimcfg0 at acpi0
acpimcfg0: addr 0xe0000000, bus 0-255
acpihpet0 at acpi0: 14318180 Hz
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus 1 (P0P1)
acpiprt2 at acpi0: bus -1 (PCE2)
acpiprt3 at acpi0: bus -1 (PCE3)
acpiprt4 at acpi0: bus -1 (PCE4)
acpiprt5 at acpi0: bus 2 (PCE5)
acpiprt6 at acpi0: bus 3 (P0PC)
acpicpu0 at acpi0: C1(@1 halt!), PSS
acpicpu1 at acpi0: C1(@1 halt!), PSS
acpicpu2 at acpi0: C1(@1 halt!), PSS
acpicpu3 at acpi0: C1(@1 halt!), PSS
acpipci0 at acpi0 PCI0: 0x00000010 0x00000011 0x00000000
acpicmos0 at acpi0
acpibtn0 at acpi0: PWRB
"PNP0C14" at acpi0 not configured
cpu0: 2805 MHz: speeds: 2800 2100 1600 800 MHz
pci0 at mainbus0 bus 0
pchb0 at pci0 dev 0 function 0 "AMD RS780 Host" rev 0x00
ppb0 at pci0 dev 1 function 0 unknown vendor 0x1849 product 0x9602 rev 0x00
pci1 at ppb0 bus 1
radeondrm0 at pci1 dev 5 function 0 "ATI Radeon HD 3000" rev 0x00
drm0 at radeondrm0
radeondrm0: apic 4 int 18
ppb1 at pci0 dev 5 function 0 "AMD RS780 PCIE" rev 0x00: msi
pci2 at ppb1 bus 2
alc0 at pci2 dev 0 function 0 "Attansic Technology L1D" rev 0xc0: msi, address
bc:5f:f4:cb:8d:06
atphy0 at alc0 phy 0: AR8035 10/100/1000 PHY, rev. 0
ahci0 at pci0 dev 17 function 0 "ATI SBx00 SATA" rev 0x00: apic 4 int 22, AHCI
1.1
ahci0: port 1: 3.0Gb/s
scsibus1 at ahci0: 32 targets
sd0 at scsibus1 targ 1 lun 0: <ATA, SAMSUNG HD080HJ/, ZH10>
t10.ATA_SAMSUNG_HD080HJ/P_S0DEJ1GLB02679_
sd0: 76319MB, 512 bytes/sector, 156301488 sectors
ohci0 at pci0 dev 18 function 0 "ATI SB700 USB" rev 0x00: apic 4 int 16,
version 1.0, legacy support
ohci1 at pci0 dev 18 function 1 "ATI SB700 USB" rev 0x00: apic 4 int 16,
version 1.0, legacy support
ehci0 at pci0 dev 18 function 2 "ATI SB700 USB2" rev 0x00: apic 4 int 17
usb0 at ehci0: USB revision 2.0
uhub0 at usb0 configuration 1 interface 0 "ATI EHCI root hub" rev 2.00/1.00
addr 1
ohci2 at pci0 dev 19 function 0 "ATI SB700 USB" rev 0x00: apic 4 int 18,
version 1.0, legacy support
ohci3 at pci0 dev 19 function 1 "ATI SB700 USB" rev 0x00: apic 4 int 18,
version 1.0, legacy support
ehci1 at pci0 dev 19 function 2 "ATI SB700 USB2" rev 0x00: apic 4 int 19
usb1 at ehci1: USB revision 2.0
uhub1 at usb1 configuration 1 interface 0 "ATI EHCI root hub" rev 2.00/1.00
addr 1
piixpm0 at pci0 dev 20 function 0 "ATI SBx00 SMBus" rev 0x3c: SMI
iic0 at piixpm0
spdmem0 at iic0 addr 0x50: 2GB DDR3 SDRAM PC3-10600
spdmem1 at iic0 addr 0x51: 4GB DDR3 SDRAM PC3-10600
pciide0 at pci0 dev 20 function 1 "ATI SB700 IDE" rev 0x00: DMA, channel 0
configured to compatibility, channel 1 configured to compatibility
azalia0 at pci0 dev 20 function 2 "ATI SBx00 HD Audio" rev 0x00: apic 4 int 16
azalia0: codecs: Realtek ALC662
audio0 at azalia0
pcib0 at pci0 dev 20 function 3 "ATI SB700 ISA" rev 0x00
ppb2 at pci0 dev 20 function 4 "ATI SB600 PCI" rev 0x00
pci3 at ppb2 bus 3
re0 at pci3 dev 5 function 0 "Realtek 8169" rev 0x10: RTL8110S (0x0400), apic 4
int 20, address 00:16:01:5c:22:60
rgephy0 at re0 phy 7: RTL8169S/8110S/8211 PHY, rev. 0
ohci4 at pci0 dev 20 function 5 "ATI SB700 USB" rev 0x00: apic 4 int 18,
version 1.0, legacy support
pchb1 at pci0 dev 24 function 0 "AMD AMD64 10h HyperTransport" rev 0x00
pchb2 at pci0 dev 24 function 1 "AMD AMD64 10h Address Map" rev 0x00
pchb3 at pci0 dev 24 function 2 "AMD AMD64 10h DRAM Cfg" rev 0x00
km0 at pci0 dev 24 function 3 "AMD AMD64 10h Misc Cfg" rev 0x00
pchb4 at pci0 dev 24 function 4 "AMD AMD64 10h Link Cfg" rev 0x00
usb2 at ohci0: USB revision 1.0
uhub2 at usb2 configuration 1 interface 0 "ATI OHCI root hub" rev 1.00/1.00
addr 1
usb3 at ohci1: USB revision 1.0
uhub3 at usb3 configuration 1 interface 0 "ATI OHCI root hub" rev 1.00/1.00
addr 1
usb4 at ohci2: USB revision 1.0
uhub4 at usb4 configuration 1 interface 0 "ATI OHCI root hub" rev 1.00/1.00
addr 1
usb5 at ohci3: USB revision 1.0
uhub5 at usb5 configuration 1 interface 0 "ATI OHCI root hub" rev 1.00/1.00
addr 1
isa0 at pcib0
isadma0 at isa0
pckbc0 at isa0 port 0x60/5 irq 1 irq 12
pckbd0 at pckbc0 (kbd slot)
wskbd0 at pckbd0: console keyboard
pcppi0 at isa0 port 0x61
spkr0 at pcppi0
wbsio0 at isa0 port 0x2e/2: NCT6776F rev 0x33
lm1 at wbsio0 port 0x290/8: NCT6776F
usb6 at ohci4: USB revision 1.0
uhub6 at usb6 configuration 1 interface 0 "ATI OHCI root hub" rev 1.00/1.00
addr 1
vmm0 at mainbus0: SVM/RVI
vscsi0 at root
scsibus2 at vscsi0: 256 targets
softraid0 at root
scsibus3 at softraid0: 256 targets
root on sd0a (bf7f658e79b5a6bc.a) swap on sd0b dump on sd0b
initializing kernel modesetting (RS780 0x1002:0x9616 0x1849:0x9616 0x00).
radeondrm0: 1440x900, 32bpp
wsdisplay0 at radeondrm0 mux 1: console (std, vt100 emulation), using wskbd0
wsdisplay0: screen 1-5 added (std, vt100 emulation)
umass0 at uhub0 port 3 configuration 1 interface 0 "KINGSTON DT 101 G2" rev
2.00/0.00 addr 2
umass0: using SCSI over Bulk-Only
scsibus4 at umass0: 2 targets, initiator 0
sd1 at scsibus4 targ 1 lun 0: <, , 1.00> removable serial.09511642AC40D7092ACB
sd1: 7424MB, 512 bytes/sector, 15204352 sectors
====================================
Kaya Saman (<kayasa...@gmail.com>) 在 2020年5月10日星期日 下午9:27:45 [GMT+8] 寫道:
On 5/10/20 2:12 PM, Kaya Saman wrote:
> On 5/10/20 2:04 PM, Tom Smyth wrote:
>> Hello Clarence,
>>
>> you would need to provide some more information about your setup,
>>
>> ip addresses on interfaces , what is your pf.conf etc...
>>
>> In your experia ( I believe they are android)
>> you can download the hurricane electric network tools (HE network
>> tools) (a free app to run rudimentary network diagnostic commands,
>> such as ping traceroute dns lookup tests to identify the problem
>> associated with your connection when using openBSD..
>> that would help you diagnose the source of the connectivity problems
>> you are having...
>> Hope this helps
>>
>> Tom Smyth
>>
>>
>> On Sun, 10 May 2020 at 13:09, man Chan <openbsd...@yahoo.com.hk> wrote:
>>> Hello,
>>> I recently setup a home network as followings (Just for fun):
>>> ISP <----> openbsd router (version 6.6 Stable) <-------> gigabits
>>> switch (TP-Link TL-SG1008D) <-----> linksys ea8300 (with wireless)
>>>
>>> everything works except that I can't use my sony xperia tablet to
>>> access internet using the wireless function provide by the
>>> linksys-ea8300.
>>> When I replace the openbsd-router and switch with another wireless
>>> router, I can use my sony xperia to access the internet. Does any
>>> one try this before ?
>>> If yes, please let me to know how you do it. Thanks.
>>> Clarence
>>
>>
> I totally agree with the suggestion by @Tom above!
>
>
> Another good tool for Android is 'fing', it will give you access to
> Traceroute and Ping functions on your Xperia.
>
>
> The first thing to try would be to see if the Xperia can communicate
> with the gateway (OpenBSD router) then if that is successful public IP
> addresses. If something strange is going on you can further run
> Traceroute to narrow down where the issue is occurring.
>
>
> On the OpenBSD side, it could be a number of things like PF rules,
> routing, NAT but without further information it is basically a guess
> as to what it could be.
Just to elaborate here a little; you can run the 'tcpdump' program on
OpenBSD to give you more information.
To get started: man tcpdump
If you want to see where the packets from the Xperia are traveling then
something like:
tcpdump -eni (inside_interface) host (ip_of_Xperia)
For debugging PF rules a good start is to use: tcpdump -eni pflog0 <-
you can further narrow things down by using the 'action' option eg.
'block' / 'allow'
Hope this helps a little more :-)
