Uhmmm....is it possible a physical problem? Did you check the cables,
switch port and router configuration?
I had a problem very similar a few months ago (when I asked about how many
aliases on one single card) and finally was a routing problem...some guy
decided to remove the IPs from the routing tables in the router device. I
wasted almost two crazy days trying to understand why the issue was
present and then I received an email from the DC asking for apologies
because the mistake they did in the router...no comments.
Regards,
Alvaro
On Wed, 8 Apr 2009, Chris Larsen wrote:
By the way, I wanted to clarify the problem:
I cannot ping out using the external interface to any address besides itself. I
also cannot get any replies from the external interface when i ping from other
hosts to this external address. I hope that clarifies. It's binding just fine
and it's obvious there's not a machine out there that has claimed this IP
already, no firewall in place.
Oh and I have no errors in my dmesg output.
----- Original Message -----
From: "Chris Larsen" <ch...@daeda.net>
To: misc@openbsd.org
Sent: Wednesday, April 8, 2009 3:45:56 PM GMT -06:00 US/Canada Central
Subject: unable to communicate using external interface
Hi, I just replaced one openbsd box with another , same network configuation,
except went from 3.4 to 4.4. I have about 8 years experience building openbsd
firewalls and mail filter servers but can't figure this one out. Since there's
not a concise error I am having a hard time finding any resolutions through
forums and newsgroups. I'm hoping someone can help steer me in the right
direction. Thank you in advance.
THE CHALLENGE:
I can ping with the internal interface just fine and I can ping the address of
the external interface just fine but cannot ping the other external addresses
nor the gateway. There is no output at all with the ping. It would sit there
forever without a single error.
BACKGROUND:
My cisco IAD is in bridged mode and my provider has given me 5 addresses. 4 are
on 2 other servers and 1 is for this server. As I mentioned, the address was
being used just fine prior to my new installation. PF is not running yet
although I did turn on ip forwarding in sysctl.conf. This is a default install
with nothing on it yet. I haven't even copied over the ports tree yet.
CONFIGS:
# cat /etc/hostname.rl0
inet 74.7.170.234 255.255.255.248 NONE
# netstat -rn
Routing tables
# cat /etc/mygate
74.7.170.233
Internet:
Destination Gateway Flags Refs Use Mtu Prio Iface
default 74.7.170.233 UGS 0 28 - 48 rl0
74.7.170.232/29 link#1 UC 1 0 - 48 rl0
74.7.170.233 link#1 UHLc 1 107 - 48 rl0
127/8 127.0.0.1 UGRS 0 0 33204 48 lo0
127.0.0.1 127.0.0.1 UH 1 0 33204 48 lo0
192.168.168/24 link#2 UC 7 0 - 48 fxp0
192.168.168.2 00:30:48:21:c4:e0 UHLc 0 0 - 48 fxp0
192.168.168.5 00:08:02:c5:60:38 UHLc 0 1 - 48 fxp0
192.168.168.7 00:11:0a:9c:06:03 UHLc 1 8116 - 48 fxp0
192.168.168.8 00:04:4b:04:10:62 UHLc 1 71 - 48 fxp0
192.168.168.23 00:09:5b:af:31:a8 UHLc 0 307 - 48 fxp0
192.168.168.106 00:1f:e1:45:25:90 UHLc 0 3 - 48 fxp0
192.168.168.119 00:02:3f:fe:38:90 UHLc 1 111 - 48 fxp0
224/4 127.0.0.1 URS 0 0 33204 48 lo0
# ifconfig -a
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 33204
groups: lo
inet 127.0.0.1 netmask 0xff000000
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4
rl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
lladdr 00:10:b5:f5:64:cf
groups: egress
media: Ethernet autoselect (100baseTX full-duplex)
status: active
inet 74.7.170.234 netmask 0xfffffff8 broadcast 74.7.170.239
inet6 fe80::210:b5ff:fef5:64cf%rl0 prefixlen 64 scopeid 0x1
fxp0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
lladdr 00:07:e9:d6:27:8e
media: Ethernet autoselect (100baseTX full-duplex)
status: active
inet 192.168.168.1 netmask 0xffffff00 broadcast 192.168.168.255
inet6 fe80::207:e9ff:fed6:278e%fxp0 prefixlen 64 scopeid 0x2
enc0: flags=0<> mtu 1536
